Trusq

factual analysis · traceable to primary sources

Topics Opportunities Take the check Work with us LinkedIn NL·EN
Analysis

Singapore's MAS publishes an AI risk toolkit for finance — before its guidelines bind

Adopted 2026-03-20 · ≈ 4 min read · Dirk Baaijen

On 20 March 2026 Singapore's MAS concluded phase two of Project MindForge with an AI Risk Management Toolkit for the financial sector, co-created with a 35-member industry consortium. Its Operationalisation Handbook precedes binding guidelines and spans generative and agentic AI.

On 20 March 2026 the Monetary Authority of Singapore (MAS) announced the successful conclusion of phase two of Project MindForge, publishing an AI Risk Management Toolkit for the financial services sector. Project MindForge, launched by MAS in mid-2023, exists to strengthen AI risk management for financial institutions that deploy AI in their services and operations. The toolkit is built to cover the full spread of the technology — traditional AI, generative AI, and emerging agentic AI — rather than treating generative systems as a special case bolted onto an older model-risk regime.

What the toolkit is

At the centre of the toolkit is an AI Risk Management Operationalisation Handbook that gives detailed, practical guidance on putting an AI risk-management framework into operation. It is accompanied by a supplement of AI case studies drawn from financial institutions — the experiences, challenges and risk-management practices of using AI in different organisational contexts. The Handbook is organised into four sections:

  • Scope and oversight — establishing an AI governance framework and clear

roles and responsibilities for AI oversight.

  • AI risk management — identifying where AI is used, assessing risk

materiality, and inventorising AI through organisational systems, policies and procedures.

  • AI lifecycle management — implementing controls across the entire lifecycle

of an AI use.

  • Enablers — building the organisational capabilities, infrastructure and

resources for ongoing responsible AI use.

The Handbook is explicitly a living document: MAS will update it periodically as industry practice matures and to reflect its supervisory expectations.

Guidance arriving before the rule

The sequencing is the analytically interesting part. MAS is still reviewing responses to an earlier public consultation on a set of Guidelines on AI Risk Management, and the Handbook's four sections are deliberately aligned with those proposed Guidelines. In other words, the operational "how" is being shipped to the industry while the supervisory "what" is not yet final. That inverts the usual order — rule first, implementation guidance later — and lets firms begin building before the binding text lands. It also means the Handbook will track the Guidelines as they are finalised, so today's practical guidance is a forward indicator of tomorrow's supervisory expectation.

Governing by convening

MAS did not write the toolkit alone. It was co-created by a consortium of 24 leading banks, insurers and capital-market firms plus technology partners and trade associations — 35 entities in all, including global institutions such as BlackRock, Citi, DBS, HSBC, Standard Chartered, UBS and UOB, the cloud and chip providers AWS, Google Cloud, Microsoft and Nvidia, and Singapore's main banking and insurance associations. This is regulation by convening rather than by decree: the same model the knowledge base records in Singapore's cross-sector approach to agentic AI, where the regulator sets the table and the industry co-writes the practice.

Looking ahead, MAS will set up an AI risk management workgroup under its new BuildFin.ai initiative — consortium members plus other practitioners — to develop implementation resources and build frameworks for newer AI technologies such as agentic AI. As MAS's Chief FinTech Officer Kenneth Gay put it, the Handbook "marks a major step forward in our journey to ensure the responsible adoption of AI in finance," with BuildFin.ai a "foundation for our next phase of collaboration."

Where it sits internationally

Read against the rest of this knowledge base, the MAS toolkit is another tile in a fast-thickening mosaic of voluntary, soft-law AI governance for finance. In the same month-range it sits alongside the FSB's 12 sound practices — a global menu for the financial sector — and the US Treasury's adaptation of the NIST AI Risk Management Framework. None of these creates new legal obligations; all three work by becoming the shared vocabulary that supervisors and firms converge on. For a globally active bank or insurer, the value is the ability to describe one AI governance system in terms that travel across Singapore, the G20 and the United States at once.

The contrast with the European Union remains the sharpest line on the map. Where the EU governs financial-sector AI through binding law — the AI Act's high-risk designations for creditworthiness and insurance pricing, layered over DORA's ICT and third-party regime — Singapore governs through proportionate, co-created guidance with a supervisory backstop. The broader picture of international AI governance explains why a financial centre might rationally choose the second route: in a sector where the largest players are global, a practical handbook that the industry helped write can move faster, and bind more willingly, than a statute.

Sources

  1. https://www.sgpc.gov.sg/api/file/getfile/Media%20release_MAS%20Partners%20Industry%20to%20Develop%20AI%20Risk%20Management%20Toolkit%20for%20the%20Financial%20Sector.pdf?path=%2Fsgpcmedia%2Fmedia_releases%2Fmas%2Fpress_release%2FP-20260320-2%2Fattachment%2FMedia+release_MAS+Partners+Industry+to+Develop+AI+Risk+Management+Toolkit+for+the+Financial+Sector.pdf
    Official MAS media release (Singapore Govt Press Centre), 20 Mar 2026: toolkit, four-section Handbook, 35-member consortium (Annex A).
  2. https://www.mas.gov.sg/news/media-releases/2026/mas-partners-industry-to-develop-ai-risk-management-toolkit-for-the-financial-sector
    Canonical MAS media release for the same announcement on the regulator's own site.

Share on LinkedIn

Read next

A

How the ECB supervises AI in eurozone banks: technology-neutral, existing frameworks, a generative-AI focus

For the 2026-2028 cycle the ECB places AI under its operational-resilience priority, and in February 2026 two Supervisory Board members set out the stance: with 85%+ of supervised banks using AI, govern it within existing frameworks rather than new rules, with a sharper focus on generative AI.

A

The UNESCO Recommendation on the Ethics of AI: the world's broadest AI standard, and why it is not a law

UNESCO's 2021 Recommendation on the Ethics of AI is the nearest thing to a universal AI standard — adopted by 193 states. It is non-binding but broad, resting on 11 policy areas and a Readiness Assessment used by 70+ countries. Its 4th Global Forum convenes in Riyadh on 14–17 September 2026.

A

Singapore: the Model AI Governance Framework and AI Verify

Singapore regulates AI not with a binding law but with voluntary instruments: the Model AI Governance Framework (with a separate version for generative AI) and the AI Verify testing toolkit. The aim is trust through testable practice rather than legal obligations up front.

Dirk Baaijen

About this knowledge base

Compiled and maintained by YRproject — programme and project direction at the intersection of digital transformation, AI and regulation. Every factual claim is traceable to its primary source. YRproject is led by Dirk Baaijen About & method →

A project or programme? Work with YRproject →

The monthly briefing

AI regulation in five minutes: what changed, what is coming and what it means. No spam, unsubscribe anytime.

Your address is used for this only and stored on our own servers.