Singapore

Debate on the Immigration (Amendment) Bill

Mr Speaker Sir,

I will be addressing two areas of amendments in the Immigration (Amendment) Bill, namely, digitalising and automating immigration processes, and the administration of immigration passes and permits.

Automating immigration processes

The Bill will introduce provisions to support ICA’s (Immigration and Checkpoints Authority) New Clearance Concept (NCC) to further automate immigration clearance. I appreciate that ICA is in the forefront of immigration technology, but have three concerns to highlight regarding the roll out of the NCC.

First, MOS (Minister of State) Faishal told the House on April 21st that under the NCC, “all manual counters and automated lanes will be replaced in phases with the next generation Automated Border Clearance System gates”. Does this mean that once NCC is fully rolled out, the use of manual counters will no longer be an option for Singaporean travellers?

Some categories of travellers frequently face difficulties in the process of clearing immigration. For example, some elderly citizens are unable to provide usable fingerprints due to their dry skin. Wheelchair users may have difficulty getting their irises scanned due to the height and angle of the scanners. Iris recognition systems could become prone to error as people’s irises change with age or after cataract surgery. And the biometrics of young children are still developing and may change over time.

Will the NCC include reasonable accommodations like wider gates for wheelchair users and adjustable scanners that can capture biometrics from travellers who cannot hold their head up for long?

Most importantly, will Special Assistance Lanes which are manned by ICA officers continue to be provided at the passenger halls of Changi Airport and all land and sea checkpoints, and will they be easily accessible by all travellers with special needs?

Second, I note that the Bill empowers the Minister to authorise the disclosure of passenger information to the airport operator for specific uses. Does this “airport operator” refer to only the Changi airport operator or also operators of foreign airports? Do the “specific uses” include the sharing of Singaporeans’ biometric data? What enhanced safeguards are in place to ensure data security, particularly if Singaporeans’ data will be shared with third party vendors or foreign governments, over which we have little control?

And third, I note that Singapore is one of the first countries in the world to implement NCC-type capabilities. As shared by MOS Faishal in April, some of these capabilities will be implemented in a form and manner not used or tested elsewhere. I also recall that the four-and-a-half hour disruption to immigration systems on March 31st was caused by a failed upgrade of the Multi-Modal Biometrics System (MMBS).

May I ask if the MMBS has since been fully upgraded? What additional contingency plans will ICA put in place to ensure that the upgrade to the NCC will not cause immigration disruptions of that scale or worse?

Administration of immigration passes and permits

Another key area of amendments in the Bill is to enable the ICA to more efficiently administer immigration passes and permits issued to foreigners and PRs (Permanent Residents).

Cross-national marriages between a Singaporean and a foreigner make up about a quarter of all marriages in Singapore. Foreign spouses face many challenges settling down in Singapore, the chief of which is obtaining permission from the Government to remain in Singapore for the long term. This can be achieved, first, through securing an LTVP (Long Term Visit Pass) and, subsequently, PR.

For foreign spouses who hold university degrees and draw high salaries, obtaining an LTVP, PR and even citizenship is usually not difficult, since their income and skills add great weight to their applications. But those with low educational qualifications and incomes face far greater challenges in obtaining long-term residency.

At my Meet the People Sessions, which are attended mainly by residents in the lower income group, about a fifth of cases involve immigration matters. The Singaporean residents who approach me are usually disappointed that their foreign spouse’s LTVP or PR applications were unsuccessful and want me to make appeals for them. Some share with me their deep longing to start a family, but their hesitation due to their spouse’s uncertain immigration status. Most don’t understand why the applications were rejected because no reasons are provided by ICA.

During a 2012 Parliamentary exchange between Ms Indranee Rajah and the then-MOS (Home Affairs), Mr Masagos Zulkifli, Ms Rajah highlighted three cases of Singaporeans with prior convictions who were facing difficulties getting their foreign spouse’s LTVP approved. Mr Masagos agreed with Ms Rajah that families are the pillar of support for ex-offenders, but clarified that the “family” in this case referred to an “existing family unit”, not a new family unit formed when the ex-offender got married soon after his release. He added that “an offender just out of prison has many issues to deal with and an environment he is not familiar with anymore.” He further stated that “should a marriage not work out or the husband reoffends, the spouse who is a foreigner will not have relatives in Singapore to turn to nor jobs to sustain herself or her children as many are generally low skilled.”

Parents and siblings are not the only pillar of support for ex-offenders. Many may be estranged from their “existing” families or may have suffered divorce while incarcerated, and are starting anew. In fact, having a spouse provides stability and an added incentive for them to remain crime-free.

We should not deny ex-offenders who have served out their prison sentence the right to get married to anyone they choose to. Similarly, once they are married, it would be most unfair for the State to deny or delay a foreign spouse’s long term residency on account of an ex-offender’s past conviction. This could put a strain on their marriage and finances, and keep the ex-offender locked in a “second prison”.

The Government should not make it difficult for a married couple to stay together by denying an LTVP to a foreign spouse or child of a Singaporean. Family formation is one of the core social values in Singapore and our immigration policy must support it.

In 2015, ICA introduced the Pre-Marriage LTVP Assessment (PMLA) to give prospective cross-national couples an indication if the foreign spouse is likely to qualify for an LTVP after the marriage. However, since the PMLA was introduced, out of an annual average of 7,200 LTVP applications, only 3,000 applicants — or less than half — had completed the PMLA prior to applying for the LTVP, according to a reply by the Minister to my question last month.

In my conversations with residents who face difficulty getting an LTVP for their foreign spouses, most were unaware of the PMLA before they tied the knot. Does the Registry of Marriages (ROM) and the Registry of Muslim Marriages (ROMM) advise cross-national couples to complete the PMLA before getting married? I am aware that the ROM website advises them to undergo a PMLA. However, is this highlighted to the couple in person before the marriage registration process, keeping in mind that many of these couples may not be proficient in reading English?

Furthermore, even passing the PMLA is not a guarantee of obtaining an LTVP after marriage. In another reply to me last month, the Minister revealed that only 1,900 out of the 3,000 foreigners issued with Letters of LTVP Eligibility were eventually granted LTVP or LTVP-Plus, which means 37% were not. The Minister explained that not every person who has obtained a Letter of LTVP Eligibility goes on to apply for an LTVP but it is unclear if this fully accounts for the 37% gap.

The Minister has stated in this House that ICA generally does not disclose the reasons for unsuccessful applications for immigration facilities. This lack of transparency is out of step with practices in some other developed countries. In Canada, for spouse sponsorship applications that are refused, their government provides reasons for refusal in writing. Similarly, Australia’s Department of Home Affairs explicitly states that if Partner visa applications are refused, the Department will provide information on why the visa was refused.

Improving the immigration process for relatives of Singaporeans

I wish to propose four approaches that could improve ICA’s immigration process for the immediate family members of Singaporeans.

First, there should be disclosure of the broad reasons for rejection of LTVP, PR and citizenship applications by foreign spouses, children and parents of Singaporeans.

Singapore does not permit dual citizenship so this is our citizens’ only homeland. They do not have an easy option to settle in another country if their spouse is not given permission to live with them in Singapore for the long term, especially if they are from a low income group. When rejections happen without a reason, the Singaporean spouse can feel disconnected from their own nation. I have seen this in the eyes of my constituents who sought appeals for immigration applications for their spouses.

Second, where mitigation paths for future applications can be furnished, ICA should do so. For example, if an applicant was rejected because their economic contributions were not deemed sufficient, they should be informed of this, so that they could take steps to enter the workforce, upskill themselves and strive to perform better at work so as to earn promotions and salary increments. This is preferable over an opaque dead end.

Third, ICA should provide more criteria transparency to the immigration framework — similar to the COMPASS framework for employment passes. Previous answers by Ministers in this House have revealed the range of factors that are considered for LTVP, PR and citizenship applications. Why not list all these criteria clearly on the ICA website and on application forms, instead of expecting applicants to comb through the Parliament Hansard? Applications meeting these criteria should get fast tracked approval, with discretionary rejections allowed on a case-by-case basis.

The Minister told this House in 2018 that ICA does not share the “specific criteria or grounds for rejecting applications” due to concerns that “information about detailed assessment criteria can be abused to inflate an undeserving applicant’s chances of success” and that “some people could then try to game the system”.

In presenting the COMPASS (Complementarity Assessment) framework, which is used to evaluate foreigners’ employment passes and went live this month, the Government emphasised that it brings benefits like “transparency”, “clarity”, and “predictability” for businesses. COMPASS provides a points system, specific benchmarks for salaries and diversity, and employs objective data so firms can accurately assess where they stand. Indeed, the COMPASS criteria spell out in no uncertain terms how many points are awarded for various factors like salary, qualifications and improving diversity.

If the MOM (Ministry of Manpower) is comfortable with the disclosure and transparency in the COMPASS framework in order to provide businesses with clarity and predictability for manpower planning, then surely ICA can extend these same principles to Singaporeans and their foreign spouses, children or parents, who need the same clarity and predictability for their family planning.

The Minister also said that the “reasons for rejection may be used to arouse negative sentiments in other countries” and that “this may create bilateral sensitivities and is not in Singapore’s interest.”

It is a universally accepted principle that countries have the right to make their own decisions on immigration. In any case, ICA does not need to tell the applicant that they were rejected because they were from a particular country or of a particular race. If there are any reasons for rejection that may conceivably cause diplomatic friction, those need not be shared with the applicant. However, the vast majority of reasons for immigration rejections are not going to sour relations with other countries. Let’s not throw the baby out with the bathwater.

Lastly, ICA should provide clearer channels for immigration appeals. The Bill removes the statutory right of appeal to the Minister on decisions made by ICA on granting, revoking and varying conditions attached to PRs’ permits. I have no objections to the removal of this right. I agree that foreigners have no right to demand to enter or stay in Singapore, and I note from MHA’s statement that PR applicants and PRs may still seek ICA’s reconsideration of its decisions, particularly if there are new facts that were not previously submitted to ICA.

However, when searching the ICA website, I could not find much information on submitting appeals for failed LTVP and PR applications. The website only states that failed PR applicants may submit a fresh application if there are changes to their circumstances. Anecdotally, residents often tell me that they were advised by ICA officers to make an appeal through their MPs.

While I am grateful for the chance to engage with more constituents at my Meet the People Sessions, submitting appeals through one’s MP should not be the default means of communication between citizens and the government. An accessible, self-service channel should be made available, particularly for appeals with a substantial volume. A secure online form should be made available on the ICA website for all immigration appeals, with clear instructions guiding appellants to submit new facts that were not previously provided in their earlier application.

Conclusion

I believe these proposals will provide a balance between the Government’s prerogatives and the needs of Singaporean families, while upholding our national interest. They could lessen the anxiety and frustration that Singaporeans with foreign spouses, children or parents experience with the immigration process.

I support the Bill.

This was my speech in the debate in Parliament on the Immigration (Amendment) Bill on 18 September 2023.

LTVPs and Pre-Marriage LTVP Assessments

Immigration related matters are among the more common issues residents discuss with me at my Meet the People Sessions. Most involve a Singaporean husband and his foreign wife, who is seeking a Long-Term Visit Pass (LTVP) or permanent residency. Sometimes, I meet Singaporeans whose spouses’ LTVP is not approved by ICA, obliging them to apply for Short-Term Visit Passes, which allow a maximum of 89 days’ stay. This leads to uncertainty and, sometimes, the separation of the couple, which can be a strain on the relationship.

To reduce the uncertainty about whether an LTVP for a foreign spouse will be approved, a Pre-Marriage LTVP Assessment (PMLA) was introduced. However, based on a reply to my Parliamentary Question by Minister for Home Affairs K. Shanmugam, less than 42% of LTVPs from foreign spouses of Singaporeans completed the PMLA before applying for an LTVP. In reply to another PQ, the Minister also shared that of the 3,000 Letters of LTVP Eligibility (following the PMLA) that were issued annually in the past few years, 63% were eventually granted an LTVP or LTVP+ (although not all applied).

From the figures and my interactions with residents, it appears many were unaware of the PMLA before they got married.

Here is the full Q&A from the 2 Aug 2023 sitting:

Mr Gerald Giam Yean Song asked the Minister for Home Affairs in each year from 2016 to date (a) how many Long-Term Visit Pass (LTVP) applications are received; (b) of these, how many applicants have previously applied for a Pre-marriage Long-Term Visit Pass Assessment (PMLA).

Mr K Shanmugam: From 2016 to 2022, the Immigration and Checkpoints Authority (ICA) processed an annual average of 7,200 applications from foreign spouses of Singaporeans for the Long-Term Visit Pass (LTVP). Of these, an annual average of 3,000 applicants had completed the Pre-Marriage LTVP Assessment (PMLA) prior to applying for LTVP.

Mr Gerald Giam Yean Song asked the Minister for Home Affairs in each year from 2016 to date (a) how many Pre-Marriage Long-Term Visit Pass Assessment (PMLA) applications are received; (b) of these how many are issued with a Letter of Long-Term Visit Pass (LTVP) eligibility; and (c) of those who are successful and applied for an LTVP, how many are eventually issued an LTVP or LTVP+.

Mr K Shanmugam: From 2016 to 2022, an annual average of: (a) 3,900 applications for the Pre-Marriage Long-Term Visit Pass (LTVP) Assessment (PMLA) were processed by the Immigration and Checkpoints Authority; and (b) 3,000 Letters of LTVP Eligibility were issued.

Of those who had received a Letter of LTVP Eligibility, about 1,900 annually were eventually granted an LTVP or LTVP-Plus (LTVP+). This is because not every person who has obtained a Letter of LTVP Eligibility goes on to apply for an LTVP. Those with a Letter of LTVP Eligibility, which is valid for one year, will generally have their LTVP or LTVP+ approved if their circumstances were unchanged from the time at which they completed the PMLA.

Source: Singapore Parliament Reports (Hansard)

Photo by Priscilla Du Preez on Unsplash

Seafood safety following the Fukushima waste water release

Next year, Japan will start releasing treated radioactive water from its damaged Fukushima nuclear power plant into the Pacific Ocean. Many people in the Asia-Pacific region, including in Singapore, are concerned about this move’s radiological impact on people and the environment. On 3 Aug 2023, I asked Minister for Sustainability and the Environment Grace Fu if the Government is monitoring the water around the areas (in the Pacific Ocean) where our sources of seafood come from to assess whether or not the release of the wastewater will impact Singapore.

The Minister said that the Government will monitor reports coming from those areas but because Singapore does not have jurisdiction in those areas, it would be “very unrealistic to expect NEA to be monitoring the quality of waters several thousand miles away from Singapore”. She said, however, that the Government assesses the plan put up by the Japanese authorities on how they intend to discharge the wastewater and takes guidance from IAEA (the International Atomic Energy Agency). She also said that the Singapore authorities “take food samples” to manage the risks.

This is the full exchange in Parliament:

Ms Joan Pereira asked the Minister for Sustainability and the Environment with regard to the release of treated wastewater from the Fukushima nuclear plant into the Sea by Japan (a) what measures are in place to ensure the safety of our food products, especially seafood, imported from Japan; and (b) whether the Ministry has assessed the potential impact on Singapore’s surrounding waters.

Mr Melvin Yong Yik Chye asked the Minister for Sustainability and the Environment with regard to the impending release of treated radioactive water from the Fukushima Daiichi nuclear plant into the ocean (a) whether the Singapore Food Agency (SFA) will review the safety of seafood imports from Japan; and (b) what actions will SFA take when an imported food is found to have elevated levels of tritium or other radionuclide levels.

The Minister for Sustainability and the Environment (Ms Grace Fu Hai Yien): Mr Speaker, may I have your permission to answer Question Nos 8 and 9 together in the Order Paper today, because they relate to the same matter?

Mr Speaker: Please proceed.

Ms Grace Fu Hai Yien: Thank you very much. The Singapore Food Agency (SFA) and the National Environment Agency (NEA) adopt a science-based approach towards assessing food safety risks and environmental impacts respectively.

To ensure food safety, food imported into Singapore is subjected to SFA’s surveillance and monitoring regime, which includes radiation surveillance. Food products that fail SFA’s inspections and tests will not be allowed for sale. SFA has been closely monitoring food imports, including those from Japan, and our surveillance results have been satisfactory. SFA also keeps abreast of international developments and expert reports from the International Atomic Energy Agency (IAEA) and foreign food safety authorities to augment our surveillance and monitoring regime.

NEA assesses that Japan’s planned discharge of treated radioactive water from the Fukushima nuclear plant into the sea is unlikely to impact the seawater quality in or around Singapore waters. Since 2019, NEA has been closely monitoring Singapore’s waters as part of NEA’s environmental baseline radiation monitoring programme. The radioactivity measured continues to remain within our natural background levels. SFA and NEA will continue to monitor closely radiation levels in our food imports and our environment respectively.

Mr Speaker: Ms Joan Pereira.

Ms Joan Pereira (Tanjong Pagar): Mr Speaker, I have three supplementary questions for the Minister. I note that NEA operates a network of about 40 ambient radiation monitoring stations in and around Singapore, which provide a daily update on radiation levels. First, may I ask if the Ministry of Sustainability and Environment (MSE) has any plans to increase the frequency of monitoring to more than once a day or to include more monitoring stations?

The second question is a request for the readings to be made known to the public; and third, does MSE have any processes presently to monitor the presence of tritium in our environment?

Ms Grace Fu Hai Yien: Mr Speaker, sorry, I could not catch hold of the Member’s second and third points – made known to the public on what?

Ms Joan Pereira: Make known to public on the radiation levels.

Ms Grace Fu Hai Yien: Yes, okay. And the third?

Ms Joan Pereira: Any process presently to monitor the presence of tritium in our environment.

Ms Grace Fu Hai Yien: I thank the Member for the questions. I would like to assure Members here as well as members of the public that we do keep a close watch, as I have mentioned earlier, including the readings from the 40 monitors that Member Joan Pereira has mentioned. And we do include readings on radiation and, if necessary, we will make some of these known if we need the public to be aware. Because these monitors actually collect a lot of data, so, we do not think that it is necessary to highlight one of them, unless it is in the public interest to do so.

And we have in the past, for example, when it comes to haze, we do highlight certain readings when we think that it is necessary for the public to take action. Otherwise, there will be a lot of data that may inundate the public and actually may not have the desired impact.

Having said that, we will monitor closely. For some indicators, we do intend to increase the number of monitors, but I will just assure the Member that we will look into the overall requirements of environmental protection and assess our capability from time to time.

Mr Speaker: Mr Melvin Yong.

Mr Melvin Yong Yik Chye (Radin Mas): Sir, I thank the Minister for her reply. My supplementary questions relate to food products. First, I would like to ask if SFA tests all imported food products coming from high-risk locations where there are potential nuclear contamination issues. Second, what would be the recourse for consumers who suspect that they have bought or consumed a product that contains high radionucleic levels?

Ms Grace Fu Hai Yien: Thank you very much, Mr Melvin Yong, for the question. We take a risk-based approach when it comes to food safety and these risks could be many different types of risks. It can be from nuclear activities, nuclear active materials, it can be contamination from the environment. We are inundated actually with many, many different types of risks. So, I would not want Members to go away thinking that nuclear contamination is the only thing that we are concerned with or this is an issue that we are concerned about right now. As I have mentioned earlier in my reply, we have actually been monitoring a whole host of risks and you can see that SFA, from time to time, does take action against food items that do not meet our requirements.

So, this regime will continue and, of course, we will watch the situation with the discharge of Fukushima wastewater carefully. We will also rely on international assessments and we do exchange data and intelligence with other food safety authorities.

Mr Speaker: Mr Gerald Giam.

Mr Gerald Giam Yean Song (Aljunied): I thank the Minister for her replies. I note the Minister said that the discharge of wastewater is unlikely to impact the waters around Singapore. But can I ask the Minister if NEA or SFA is monitoring whether the water around the areas where our sources of seafood come from is being monitored to assess whether or not it will impact Singapore?

Ms Grace Fu Hai Yien: Of course, we will monitor reports coming from those areas. As you see, we do not have jurisdiction in those areas. So, it is really not very realistic for us to expect NEA to be monitoring the quality of waters several thousand miles away from Singapore. Having said that, we do assess the plan that has been put up by the Japanese authorities on how they intend to discharge the wastewater. We do watch what IAEA is doing because IAEA is obviously monitoring the discharge and also on the lab reports very closely.

More importantly is that we do take food samples to manage the risks. So, I can assure the Member as well members of the public that this item is on our agenda and we will be taking all necessary actions to keep food coming into Singapore safe.

Source: Singapore Parliament Reports (Hansard)

Photo by Tamas Pap on Unsplash

App Restrictions on Government-Issued Mobile Devices

Earlier this year, several governments around the world banned specific apps from being installed on government-issued mobile devices, amid fears that user data and information collected by these apps would be misused, or that sensitive data would be collected by such apps.

I asked the Prime Minister whether all government-issued mobile devices are pre-installed with device management apps and antivirus software. I also asked how the government ensures that sensitive information on these devices do not fall into the wrong hands, especially devices used by civil servants and political office holders.

This was the full exchange in Parliament on 9 May 2023:

Mr Gerald Giam Yean Song asked the Prime Minister (a) whether all Government-issued mobile devices used by civil servants and political office holders are pre-installed with device management application (DMA) and antivirus software; (b) if so, how does the Smart Nation Digital Government Group (SNDGG) ensure that sensitive information passing through these devices does not fall into the wrong hands; and (c) if not, how does SNDGG ensure that only approved apps are downloaded, only appropriate websites are accessed and only malware-free email attachments are opened on these devices.

The Senior Minister of State for Communications and Information (Dr Janil Puthucheary) (for the Prime Minister): Madam, Government-issued mobile devices are secured through technical controls and policies on appropriate use.

Technical controls include the installation of Mobile Device Management software, which allow for remote removal of data from compromised devices. Connectivity to the Government network must be done via a virtual private network. Emails are screened by a security application that blocks emails containing suspicious attachments. As a policy, such devices cannot be used to process and store highly classified information that may cause serious damage to national interests.

We also educate public officers through regular training so that they are aware of cybersecurity risks, including rogue apps or spoof websites. As members will appreciate, cyber risks can never be fully eliminated. We will implement appropriate safeguards while enabling officers to be effectively supported with IT tools.

Mdm Deputy Speaker: Mr Gerald Giam.

Mr Gerald Giam Yean Song (Aljunied): I thank the Senior Minister of State for the reply. Has the Government assessed the risk that the apps installed on these phones, whether they are personal or official mobile phones of public servants and civil servants, may be able to surreptitiously access official secrets that may be stored on the phone or accessible on the phones? And what mitigation measures are done to prevent this – for example, do all official devices require anti malware software to be installed?

Also, the Senior Minister of State mentioned quite a bit of restrictions on the official mobile phones. What rules are in place to ensure that civil servants do not use their personal devices for official purposes, just to get around the official phone restrictions in an effort to communicate with one another or with the public?

Dr Janil Puthucheary: Madam, I thank the Member for the question. His supplementary questions touch on a number of areas – malware mitigation, installation of software, installation of apps, the use of personal devices versus official devices. We do have policies as well as technical solutions that apply to all of those areas that he had asked about.

But the key issue is the behaviour of our personnel. Every single one of these technical, software solutions can be weakened by inappropriate behaviour. So, the key is really to make sure that our public officers understand what they are allowed to do and how what they do exposes themselves as well as our systems to risks, and to make sure that their behaviour is not compromised. The short answer is, we do have technical solutions to each of the issue that he has brought up, but what we really need to emphasise is the process and people factors in order to make sure that we secure this space. And I thank him for his questions.

Source: Singapore Parliament Reports (Hansard)

Photo by Ketut Subiyanto on Pexels

Cat management framework in HDB flats

In September 2022, NParks launched a six-month long public consultation exercise on the cat management framework. I asked the Minister for National Development on 5 July 2023 for an update on the cat management framework, specifically whether NParks will complete the framework by late 2023, what are the results of the six-month public consultation exercise on the framework that was launched in September 2022, and whether due consideration will be given to responsible cat owners, such as allowing cats as pets in HDB flats.

This was my question and the Minister’s answer:

Mr Gerald Giam Yean Song asked the Minister for National Development (a) whether NParks’ review of the cat management framework is on track for completion by late 2023; (b) what are the results of the six-month public consultation exercise on the framework launched in September 2022; and (c) whether the review will give due consideration to responsible cat owners, in deciding whether to allow cats as pets in HDB flats.

Mr Desmond Lee: The key findings of the National Parks Board (NParks)’s public survey on the proposed cat management approach were shared at the Pets’ Day Out event on 6 May 2023. NParks is further engaging the community on the proposed approach, including through focus group discussions with various stakeholder groups. NParks aims to share more details on the proposed approach in the later part of this year.

In deciding whether to allow cats as pets in HDB flats, we will continue to carefully balance the needs of different segments of the community. This was explained in our response to a Parliamentary Question from Mr Louis Ng, which was issued on 7 November 2022.

7 November 2022

Review of pet cat ownership in HDB flats

Mr Louis Ng Kok Kwang asked the Minister for National Development (a) how long will the Ministry take to complete its review of pet cat ownership in HDB flats following the end of the public consultation; and (b) what are the key factors which the Ministry will consider in this review.

Mr Desmond Lee: In September this year, NParks launched a six-month public consultation exercise on our proposed cat management framework. The framework aims to promote responsible cat ownership and caregiving, while safeguarding public health and ensuring the well-being of our pet and community cats. Following the public consultation, we aim to complete our review, including the possibility of allowing pet cats in HDB flats, in the later part of next year.

As we review HDB’s pet ownership policies, we will carefully consider the feedback received through our various consultation channels. These include our online survey, which has gathered close to 30,000 responses so far, and our upcoming community dialogues and focus group discussions. In conducting the review, we will continue to balance the needs of different segments of the community, such as residents who would like to keep cats in their flats, and others who may have concerns about the disamenities caused by irresponsible cat ownership.

We will also place importance on protecting public health and animal welfare. For example, the possibility of regularising the keeping of pet cats in HDB flats will be studied alongside the proposal to introduce a licensing and microchipping scheme for pet cats. This would improve the traceability of pet cats, so that we can respond to animal disease outbreaks more effectively and better protect public health. In addition, this would allow us to hold irresponsible cat owners to greater account if their cats are found to be neglected, abused or abandoned.

We will also be mindful of the circumstances of existing cat owners, including those with multiple cats. Any new measures will be carefully studied and implemented in phases where necessary, and we will provide the necessary support to help affected stakeholders adapt to any changes that are introduced.

In the meantime, we encourage members of the public to share their views by taking part in our survey and upcoming engagement sessions, as we work together to improve our policies for cat management and welfare.

Source: Singapore Parliament Reports (Hansard)

Photo by Nathan Fertig on Unsplash

Background checks on foreign nationals before they set up Singapore companies

In March, Justin Sun, a China national who founded BitTorrent Foundation in Singapore, was sued by the US Securities and Exchange Commission (SEC) following allegations of selling unregistered securities, fraud and market manipulation. Sun’s BitTorrent was registered in Singapore under the business activities of “IT and Computer Service Activities,” which greatly differs from the offences his company has been alleged to have committed (i.e. the fraudulent issuance and sale of crypto assets).

I am concerned that foreign nationals could take advantage of the ease of setting up companies in Singapore, so as to use Singapore as a base to boost their reputations and subsequently conduct fraudulent activities. With this concern in mind, I asked the Deputy Prime Minister Lawrence Wong to provide information on the types of background checks undertaken on foreign nationals before they are allowed to set up Singapore companies.

I also asked how the Accounting and Corporate Regulatory Authority (ACRA) verifies whether these companies’ activities are conducted as stated in their applications.

This is my question and DPM Wong’s reply on 4 July 2023:

Mr Gerald Giam Yean Song asked the Deputy Prime Minister and Minister for Finance (a) what background checks are undertaken on foreign nationals before they are allowed to set up Singapore companies; (b) how does ACRA verify whether these companies’ activities are in line with what their directors declared when they were seeking incorporation; and (c) how actively does ACRA investigate companies to verify whether they are conducting activities in accordance with their incorporation documents.

Mr Lawrence Wong: Foreign nationals based overseas must engage the services of an Accounting and Corporate Regulatory Authority (ACRA)-Registered Filing Agent (RFA) to set up Singapore companies. RFA is a professional services firm, such as a law firm, accounting firm or corporate secretarial firm. RFA is responsible to conduct customer due diligence, including verifying identity and background information, confirming the veracity and adequacy of documents and obtaining beneficial ownership information. They are also required to perform ongoing transaction monitoring on their customers and their companies’ business activities after incorporation, to ensure that the activities are consistent with the RFA’s knowledge of the customer, business and risk profile. They must report any suspicious transactions to the Police.

In addition, ACRA will investigate if it receives information that a company is not conducting activities in line with what was declared at incorporation. The company will be referred to the Police if it is suspected to be engaging in illegal activities. To facilitate this, ACRA also makes publicly available much of the information lodged by companies. This helps to ensure that members of the public accessing this information can report any discrepancies to ACRA.

Should there be any indication of false filings, ACRA will take enforcement action against the RFA. Persons who have knowingly provided false or misleading information to ACRA may be subject to fines or imprisonment.

Source: Singapore Parliament Reports (Hansard)

Photo by Esaias Tan on Unsplash

Loss of CPF savings through malware scams

The Singapore Police Force reported that Android device users lost at least $99,800 of their Central Provident Fund (CPF) savings in June 2023 alone through malware-related scams. During the 4 July Parliament sitting, Minister for Manpower Tan See Leng said that victims had installed apps which contained malware that “allowed the scammer to take full control of the phone, steal banking and Singpass credentials stored in the phone and perform unauthorised CPF log-ins and withdrawals.”

Ordinarily, Singpass credentials — specifically the six digit passcode — would not be stored on the phone as they would be input from memory by users. Passcodes certainly should not be stored in the Singpass app itself. This prompted me to ask the Minister if there was a vulnerability in the Singpass app, and if so, whether MOM was working with GovTech to patch it.

As it turned out, what the Minister meant was that some victims stored their Singpass credentials in a “notepad” app on their phones and this was what the malware was able to read to login via Singpass and access their CPF accounts.

This is but one way scammers can access your savings if you choose not to install apps from Google Play Store or Apple Store. All users can better protect themselves from such scams by following the advice in the 29 June 2023 joint statement by CPF Board, GovTech and the Police.

This is the Parliament exchange I had with the Minister:

The Minister for Manpower (Dr Tan See Leng): Mdm Deputy Speaker, my response to this Parliamentary Question will also address the Parliamentary Question filed by Mr Zhulkarnain Abdul Rahim as a written Parliamentary Question for yesterday’s Sitting.

Since January 2023, the Police received more than 700 reports of victims having downloaded malware onto their phones, with more than $8 million worth of savings lost through unauthorised withdrawals from the victims’ bank accounts and so on. Based on the investigations thus far, nine of these cases involved unauthorised Central Provident Fund (CPF) withdrawals, amounting to a net loss of $124,000 in CPF savings. I would like to add that the ninth case did not result in loss of CPF savings. So, even though nine involved unauthorised CPF withdrawals, the ninth case itself did not result in the loss of CPF savings because the Singapore Police Force (SPF) managed to stop the transfer out from the bank account of the CPF member.

CPF monies were paid from members’ CPF accounts to their own bank accounts and then they were subsequently withdrawn from these bank accounts by the scammers.

The modus operandi of these malware-related scams has been extensively covered in an earlier joint advisory from the Police, Government Technology Agency (GovTech) and CPF Board on 29 June 2023. In gist, the victims downloaded malware-infected Android Package Kits, or APK, from unauthorised sites and they subsequently turned on accessibility services when told by the scammer to purportedly facilitate the purchase of items at a steep discount. Doing so allowed the scammer to take full control of the phone, steal banking and Singpass credentials stored in the phone and perform unauthorised CPF log-ins and withdrawals.

I urge all Singaporeans to stay vigilant. We should update our phones regularly with the latest security patches and we should only download apps from official app stores and exercise the greatest of caution when we are prompted to turn on accessibility services. These accessibility services are mainly meant to assist users with disabilities to use their devices, such as by allowing apps to read and control your screen.

As a further precaution, CPF Board and GovTech have introduced additional authentication measures since 22 June 2023 to increase the protection for CPF members. Members may be asked to perform Singpass Face Verification (SFV) or other checks when accessing CPF e-services. This provides additional security in addition to the existing two-factor Singpass authentication required for accessing CPF e-services. Members who require assistance on CPF services and the SFV can visit the CPF service centres and Singpass counters respectively. They may also call the Singpass helpdesk.

These additional safeguards may make it slightly less convenient for members to perform certain CPF e-services but I think members would agree that it is better to be safe than sorry. This is especially so in light of new threats. The Government will continue to review and monitor these threats closely and work closely alongside the banks to introduce more precautionary measures where necessary.

The Police will spare no effort in tracking down those responsible for such malware incidents and will take tough action against them. I urge anyone with information on such crimes to contact the Police immediately.

…

Mr Gerald Giam Yean Song (Aljunied): Madam, just now I heard the Minister say that the scammers were able to obtain the victims’ Singpass credentials from their phones after they managed to install the app on their phone. Is MOM working with GovTech to patch this vulnerability if it, indeed, is a vulnerability?

Dr Tan See Leng: I thank Mr Gerald Giam for his question. Perhaps, Mr Giam may not have an appreciation of the different steps that these scammers sort of would navigate to actually get the CPF members to download these apps. Today, the vulnerability appears to be in the Android phones and generally our members may have just gone online, whether it is on Facebook or some other form of social media, and come across some particular app which purportedly gives him a steep discount; a very, very good deal, in which they have to download that particular app. And once they download the app, they will, more often than not, get phone calls from someone helping them to navigate and to use the app.

And they then hand over some of the navigational options to this and turn on the accessibility services on their Android phone itself. That then exposes themselves to all these scammers to then undertake and take over their information.

So, the added precautionary measure that we have put up is that for vulnerable members, they would need an additional step of using the Singpass Face Verification. We have these identities stored, because the NRICs, the passports, we have that. Based on our records, we can then ensure that the person who is logging in and making these withdrawals actually corresponds to the actual member and not through some scam account.

So, we believe that, today, that added step, which to some members cause a lot of inconvenience, is sufficient as a precautionary measure. I hope that addresses your concern.

Mdm Deputy Speaker: Mr Gerald Giam.

Mr Gerald Giam Yean Song: To clarify, I understand the process in which the scammers use to access the phone. But just now the Minister said that once the accessibility is enabled, the scammers are able to read the passwords that are stored in Singpass. Typically, these passwords should not be stored at all inside the phone. So, I just want to understand whether or not this is something that is being looked into, as to why is it that passwords are stored inside the phone for that reason?

Dr Tan See Leng: I think there are a myriad of reasons why people store their passwords on their phones, in their notepads and so on. There are also members who write it down somewhere in a booklet and they put it at home.

I cannot tell you how members will want to store their passwords to remind themselves. But I think the added measure today, first of constantly educating our public to not download any form of innocuous-looking apps from unauthorised stores, unauthorised sites and also to not just switch on the accessibility services; and at the same time, not release details to someone who is unknown over the phone and at the same time adding on the additional security verification through the Singpass Face Verification step, I think it is sufficient for us to prevent, today, unauthorised withdrawals from the CPF account. Of course, I said that there are also parallel initiatives to deal with what happens after the money goes into the banking account.

So, there are all these measures that we are doing.

I would not want to be in a position of hubris where we say that we have got it all figured out. Because today, cybersecurity constantly evolves – scammers and hackers are getting more and more creative. So, we have to constantly work at nudging our people, working with one another to keep reminding all of our members, all of our citizens, to always be vigilant. At the same time, the Government will also constantly find new ways to step up our precaution to protect our members. I hope that gives you the reassurance.

Mdm Deputy Speaker: Senior Minister of State Janil.

The Senior Minister of State for Communications and Information and Health (Dr Janil Puthucheary): Thank you, Mdm Deputy Speaker. I raised my hand, but I think Minister Tan had already made the point. The information is being taken from other parts of the phone, not as Mr Giam had asked about. But the point has been made by Dr Tan already.

Source: Singapore Parliament Reports (Hansard)

Photo by Markus Spiske on Unsplash

HDB flats without direct lift access

I filed a question for written answer from the Minister for National Development for an update on the Lift Upgrading Programme at the 4 July 2023 Parliament sitting, in particular how many HDB blocks still lack direct access to lifts and whether HDB will continue to retrofit units with direct access as new solutions become available.

This is the answer provided by the Government:

Mr Gerald Giam Yean Song (Aljunied GRC) asked the Minister for National Development after the first round of the Lift Upgrading Programme (LUP) and subsequent retrofitting to provide direct lift access for more of HDB units (a) how many HDB blocks still have units without direct access to lifts; (b) where are these blocks located; (c) what are the criteria for the post-LUP retrofitting of such flats; and (d) whether HDB will continue to retrofit units with direct lift access as new design and technical solutions become available.

Mr Desmond Lee (Minister for National Development): To date, more than 5,000 HDB blocks have benefited under the Lift Upgrading Programme (LUP). There are about 140 blocks island-wide without direct lift access where LUP will incur high cost and, in some cases, not be feasible due to existing technical and site constraints.

Over the years, HDB has piloted and adopted different design approaches and innovative technical solutions to bring direct lift access to more blocks under LUP. Some examples of the solutions that have been successfully implemented include machine room-less lifts, home lifts and bubble lifts.

There are some HDB blocks which have undergone LUP but do not have lifts stopping on the same floor level, due to technical constraints at the time of lift upgrading. For such flats, some residents need to climb about one flight of stairs to get to their units as compared to three or four flights of stairs prior to upgrading.

For blocks without direct lift access, HDB will continue to explore new technologies and adopt them where feasible. Residents who are in urgent need of direct lift access due to medical conditions or mobility reasons can apply for the Lift Access Housing Grant of up to $30,000 to help them buy another flat with direct lift access.

Source: Singapore Parliament Reports (Hansard)

Questions to the Minister on inflated newspaper circulation numbers

On 16 June 2023, SPH Media Group’s Audit and Risk Committee published its report investigating the issues surrounding the inflated circulation numbers of SPH.

The report highlighted a barter arrangement between SPH and another media company, which it called “X”. Media company X provided an unspecified number of e-paper digital subscriptions to SPH in exchange for 15,000 Straits Times and Business Times digital subscriptions (from SPH). The amounts paid by X to SPH and vice versa were offset against each other. SPH reported these 15,000 copies in its (inflated) circulation numbers. According to the report, there was no evidence that the digital access codes for the Straits Times and Business Times digital copies were distributed.

In Parliament on 6 July, I asked Minister for Information and Communications Josephine Teo whether there would be any investigation into media company X as to whether they too were inflating their circulation numbers. The Minister replied that she was not at liberty to disclose the full range of the Police’s investigations. She added that it was for the Police to decide whether to specifically look into establishing liability on the part of X.

Separately, a fund, known as the NIE Fund, was set up to pay for the distribution of newspaper samples to students, needy families, halfway houses and charities. The report found that during the review period, approximately $748,000 from the NIE Fund was used to pay for bulk copies of newspapers to “shore up” the circulation numbers, cushion the fall in print circulation numbers and to meet circulation number KPI targets. The report found evidence to suggest that some of SPH’s clients were not aware that monies they had paid would be used for the purposes of purchasing bulk copies.

I asked the Minister what kind of accountability had been given to the donors and the clients who had contributed to the NIE Fund on the understanding that they were helping the underprivileged in society but were instead used to shore up the circulation figures for SPH. The Minister replied that the purpose of making “full disclosure” on the findings was to allow these entities to decide if they wanted to take further action. She added that they could, if they chose to, but the Government would not decide on their behalf.

This is the link to the full Audit and Risk Committee Report: https://static.sph.com.sg/uploads/2023/06/Annex-ARC-Report.pdf

This is the Parliament exchange I had with the Minister:

Mr Gerald Giam Yean Song (Aljunied): Thank you, Madam. Madam, the ARC report stated that the X Barter Deal was not a genuine arrangement. The corresponding revenue and expenses should not have been recognised and the corresponding circulation numbers should not have been counted. So, my question is, if it was found that the X Barter Deal was not a genuine arrangement, will there be any investigation into the other media company, which was named as “X” in the report, and whether they were also inflating their numbers?

Secondly, the Minister said that the question of loss of public funds does not arise. But what kind of accountability has been given to the donors and the clients who had contributed to the NIE Fund on the understanding that they were helping the underprivileged in society but were instead used to shore up the circulation figures for SPH?

Mrs Josephine Teo (Minister for Communications and Information): Mdm Deputy Speaker, at this point, we will not be at liberty to disclose the full range of the Police’s investigations. Are they specifically looking to establish liability in the context that Mr Giam described? That is for the Police to decide.

On the Member’s second question on accountability to the donors and the other parties that made resources available to SPH Limited, the purpose of making full disclosure on the findings is precisely to allow these entities to decide if they want to take further action. So, they can, if they choose to. It is not for us to decide on their behalf.

Source: Singapore Parliament Reports (Hansard)

Scams involving SMS OTP diversions

There were several scam cases previously where scammers intercepted the SMS one-time password (OTP) sent by banks and used them to make unauthorised transactions without the customers’ knowledge. At the sitting of Parliament on 5 July 2023, I asked the Prime Minister how many fraudulent bank transactions had been made as a result of SMS OTP diversions.

I had previously raised concerns in Parliament in October 2021 and May 2023 about the insecurity of SMS OTPs. Given the concern about SMS OTPs, I further asked whether MAS had a timeline for requiring banks to phase out the use of SMS OTPs in favour of other multi-factor authentication (MFA) methods. For those customers who were already using other MFA methods, I asked whether MAS would require banks to provide them with the option to stop the use of SMS OTPs.

Replying on the Prime Minister’s behalf, Mr Tharman Shanmugaratnam acknowledged that between September 2020 and December 2020, there were cases reported where malicious actors diverted SMS OTPs to perform fraudulent bank transactions. He said local telco operators had since implemented additional security safeguards to mitigate the risk. Hence, the risk of SMS OTPs being diverted had now been largely addressed and the Police had not found any confirmed cases of SMS OTP diversions since January 2021.

However, given the inherent vulnerability of the SMS channel, Mr Tharman said that the Monetary Authority of Singapore (MAS) has required banks to phase out SMS OTP as a sole factor to authenticate high-risk transactions. He said the transition has commenced, and MAS will set a deadline for all retail banks to complete this. Indeed, I received a notification from my bank on 18 July stating that they will be moving away from SMS OTP and manual verification questions progressively as they transit to push notifications for authentication purposes.

This is the full answer provided by the Government:

REVIEW OF PAST CASES GIVEN RECENT ADVISORY ON MALWARE-
RELATED UNAUTHORISED BANK TRANSACTIONS

Mr Gerald Giam Yean Song asked the Prime Minister (a) in the past year how
many fraudulent bank transactions have been made a result of SMS one-time password (OTP) diversions; (b) whether MAS has a timeline for requiring banks to phase out the use of SMS OTPs in favour of other multi-factor authentication (MFA) methods; and (c) whether MAS will require banks to provide customers with the option to stop the use of SMS OTPs in the interim, if they are already using other MFA methods.

Dr Tan Wu Meng asked the Prime Minister in view of the police advisory
informing the public that malware was used to compromise mobile devices resulting in unauthorised transactions made from bank accounts, whether MAS will consider reviewing previously closed cases of customer disputes with banks where unauthorised transactions were reported despite one-time passwords not being divulged or received.

Mr Tharman Shanmugaratnam (for the Prime Minister): My response will cover the questions raised by Mr Gerald Giam and Dr Tan Wu Meng in today’s Order Paper.

Globally, and in Singapore, scam cases have been rising. Scammers have been quick to evolve their tactics to trick consumers into divulging their banking credentials as well as to evade detection. As previously explained in this house, Singapore has adopted a multi-layered strategy to combat scams. Agencies are continuing to work closely with the industry to strengthen our anti-scam measures to fight the evolving threats.

Before 2021, there were cases reported where malicious actors diverted SMS one-time passwords (OTPs) to perform fraudulent bank transactions. These occurred between September 2020 and December 2020. The attacks were caused by unauthorised access to the systems of overseas telecommunication (telco) operators to divert the SMS OTPs sent by the banks to their customers, which were then used to authenticate fraudulent online card payment transactions. While our local telco networks were secure and not compromised, the telco operators had since implemented additional security safeguards to mitigate the risk. Hence, the risk of SMS OTPs being diverted has now been largely addressed. The Singapore Police Force has also not found any confirmed cases of SMS OTP diversions since January 2021.

Nevertheless, given the inherent vulnerability of the SMS channel, the Monetary Authority of Singapore (MAS) has required banks to phase out SMS OTP as a sole factor to authenticate high-risk transactions. Banks in Singapore have already moved away from sole reliance on SMS OTP for high-risk online banking activities, like adding of payees and changing of fund transfer limits. MAS expects the same for high-risk card transactions, such as authorising online card payments. The transition has commenced, and MAS will set a deadline for all retail banks to complete this.

MAS does not currently see the need to require banks to provide customers the
ability to opt out of SMS OTPs as this would limit the authentication toolkit that the banks have and dilute the effectiveness of multi-layered security for protecting customers. When used in combination with other authentication factors such as biometrics or digital tokens, SMS OTP provides an additional layer of security that fraudsters have to overcome. In addition, SMS OTP is an authentication method that is accessible by all customers as it can be received on any type of mobile device. It allows all customers to perform low-risk activities, such as viewing of account balance and paying of bills, conveniently without the need for an additional device. Removing SMS OTPs entirely will exclude a significant number of online banking customers who do not own mobile devices that can install digital tokens.

The transition away from sole reliance on SMS OTP for high-risk online banking activities will however not deal with other scam types, such as those related to phishing and malware to steal banking credentials, that has been growing recently. Scam cases involving malware infections of customer devices are not new. However, scammers are exploiting newer technologies. In more recent cases, they have acquired the ability to control customers’ devices using malware. In such cases, the customer may not be aware that SMS OTPs had been delivered to his mobile device, or that unauthorised transactions had been performed, as the scammer who has obtained control over the mobile device has deleted both the SMS OTPs and transaction notifications. Such cases are concerning.

The Cyber Security Agency of Singapore has published an advisory on an ongoing malware campaign targeting Android Devices in May 2023. Members of the public are strongly reminded and urged to take these necessary measures, which have also been amplified by the banks, to protect themselves against malware:
(a) Pay attention to the security permissions requested by the application and be wary of applications that ask for unnecessary permissions on mobile devices.
(b) Install applications only from the official Google Play Store.
(c) Uninstall any unknown applications that are found in mobile devices
immediately.
(d) Perform anti-virus scans and keep regular backups of important data.
(e) Ensure that mobile devices’ operating systems and applications are updated
regularly to be protected by the latest security patches.

When customers discover any unauthorised transactions in their accounts or suspect that their mobile device may have been compromised by malware, they should immediately contact the bank or activate the “kill switch” that the banks provide to freeze their accounts. They should work in cooperation with the bank to establish the facts surrounding the transaction. They should also report fraudulent activities to the Police. For malware cases, the Police may request that customers submit their mobile devices for investigation.

MAS expects banks to treat customers fairly in all cases of dispute over unauthorised transactions. Banks must consider whether they have fulfilled their obligations, and whether customers have done their part in protecting their accounts. Customers can ask banks to reassess their cases should new information relevant to their disputes surface.

Source: Singapore Parliament Reports (Hansard) and MAS

Photo by Mikhail Nilov on Pexels