Circular 04/2026 · New Entry Notification · Programme Reference: CSP-18

Certificate of Corporate Secretarial Practice

A formal credential issued by Data Bureau (Singapore) confirming that the holder is an ACRA-registered Corporate Service Provider that meets an independently assessed standard of governance, compliance, and operational conduct.

About This Certificate

The Certificate of Corporate Secretarial Practice (Programme Reference: CSP-18) is issued by Data Bureau (Singapore) to Corporate Service Providers (CSPs) registered with the Accounting and Corporate Regulatory Authority (ACRA) under the Corporate Service Providers Act 2024. Each certificate is assigned a unique Certificate ID and is valid for one year from the date of issuance, subject to ongoing compliance with the Data Bureau (Singapore) Renewal, Revocation & Programme Conduct Policy (DB-POL-001).

The certificate confirms that the holder is a legally registered CSP in good standing with ACRA, and has satisfied Data Bureau's independently assessed standard across six domains: regulatory standing and institutional legitimacy, AML/CFT/KYC compliance, statutory and regulatory filing governance, employment and human resource compliance, operational governance and client protection, and public institutional presence and brand integrity.

ACRA CSP registration is a prerequisite for application. Registration confirms who may operate and under what conditions. CSP-18 assesses what a CSP does within that framework — how it governs its compliance, manages client obligations, maintains its staff, and presents itself to the market.

Certificates are publicly verifiable at any time via the Data Bureau (Singapore) registry at databureau.com.sg/registry. Any business, counterparty, or procurement officer may enter a Certificate ID to confirm its authenticity and current status.

Assessment Areas

The assessment areas below follow the CSP-18 standard framework used by Data Bureau (Singapore). They are presented in neutral, high-level terms and do not constitute an exhaustive disclosure of all evaluative factors.

The assessment areas below are illustrative. An entity may satisfy every published area and still not receive certification where proprietary assessment factors indicate material risk. Published areas are a necessary but not sufficient condition for certification.

Assessment Area 1

Regulatory Standing & Institutional Legitimacy

•Active ACRA CSP registration and verifiable legal identity as a Singapore-registered institution.
•Consistent registered particulars across official government records and public-facing materials.

Assessment Area 2

AML / CFT / KYC Compliance

•Documented anti-money laundering, counter-financing of terrorism, and customer due diligence policies in operation.
•Staff training, beneficial ownership verification, and client risk management practices consistent with applicable regulatory requirements.

Assessment Area 3

Statutory & Regulatory Filing Governance

•Demonstrated record of managing statutory compliance obligations on behalf of client companies within required timeframes.
•Systematic processes for deadline management, statutory registers, and client portfolio oversight.

Assessment Area 4

Employment & Human Resource Compliance

•Workforce managed in accordance with Singapore employment law, CPF requirements, and MOM regulations.
•Designated Registered Qualified Individual (RQI) maintained with current qualification and training records.

Assessment Area 5

Operational Governance & Client Protection

•Written engagement terms, conflict of interest policies, and PDPA-compliant data handling in place.
•Client complaints process, professional indemnity insurance, and records handover procedures documented and operational.

Assessment Area 6

Public Institutional Presence & Brand Integrity

•Coherent and verifiable public identity maintained consistently across the firm's website, communications, and official records.
•Named personnel, registered business name, and contact information consistent and publicly accountable.

Application Process

Applications are submitted directly to Data Bureau (Singapore). Assessment is conducted remotely. No physical site visit is required.

1
Application submission
The applicant submits the CSP-18 application form via the designated submission channel, confirming ACRA CSP registration status. The application fee is settled at submission.
2
Evidence package submission
The applicant submits the full evidence package covering all six assessment domains. Incomplete submissions are returned within five working days with a written specification of outstanding items.
3
Mandatory domain review
Data Bureau's assessing panel reviews the four mandatory domains first. Where any mandatory domain does not meet its individual threshold, the applicant is notified and the assessment is closed. The applicant may reapply after a minimum remediation period of 90 days.
4
Full domain review
Where all mandatory domains are satisfied, the panel assesses the remaining domains. A clarification interview by video conference may be requested to resolve evidentiary ambiguities.
5
Assessment report
A confidential assessment report is issued to the applicant specifying domain-level findings and, where applicable, remediation requirements. The report is issued within 15 working days of evidence package acceptance.
6
Certificate issuance
Upon a certified outcome, the CSP-18 certificate is issued in digital format. The firm's name and certification status are recorded in the Data Bureau public registry.

Renewal, Revocation & Conduct

Certificate holders are subject to the Data Bureau (Singapore) Renewal, Revocation & Programme Conduct Policy (DB-POL-001), which governs ongoing compliance obligations, annual renewal requirements, revocation grounds, and the appeals process.

Recertification is required at 12-month intervals. Material changes to the firm's structure, ownership, or regulatory status must be notified to Data Bureau within 21 days of the change occurring.

The full policy is published separately and is available online.

About This Certificate

Assessment Areas

Assessment Area 1

Regulatory Standing & Institutional Legitimacy

•Active ACRA CSP registration and verifiable legal identity as a Singapore-registered institution.
•Consistent registered particulars across official government records and public-facing materials.

Assessment Area 2

AML / CFT / KYC Compliance

•Documented anti-money laundering, counter-financing of terrorism, and customer due diligence policies in operation.
•Staff training, beneficial ownership verification, and client risk management practices consistent with applicable regulatory requirements.

Assessment Area 3

Statutory & Regulatory Filing Governance

•Demonstrated record of managing statutory compliance obligations on behalf of client companies within required timeframes.
•Systematic processes for deadline management, statutory registers, and client portfolio oversight.

Assessment Area 4

Employment & Human Resource Compliance

•Workforce managed in accordance with Singapore employment law, CPF requirements, and MOM regulations.
•Designated Registered Qualified Individual (RQI) maintained with current qualification and training records.

Assessment Area 5

Operational Governance & Client Protection

•Written engagement terms, conflict of interest policies, and PDPA-compliant data handling in place.
•Client complaints process, professional indemnity insurance, and records handover procedures documented and operational.

Assessment Area 6

Public Institutional Presence & Brand Integrity

•Coherent and verifiable public identity maintained consistently across the firm's website, communications, and official records.
•Named personnel, registered business name, and contact information consistent and publicly accountable.

Application Process

Applications are submitted directly to Data Bureau (Singapore). Assessment is conducted remotely. No physical site visit is required.

Application submission

The applicant submits the CSP-18 application form via the designated submission channel, confirming ACRA CSP registration status. The application fee is settled at submission.

Evidence package submission

The applicant submits the full evidence package covering all six assessment domains. Incomplete submissions are returned within five working days with a written specification of outstanding items.

Mandatory domain review

Data Bureau's assessing panel reviews the four mandatory domains first. Where any mandatory domain does not meet its individual threshold, the applicant is notified and the assessment is closed. The applicant may reapply after a minimum remediation period of 90 days.

Full domain review

Where all mandatory domains are satisfied, the panel assesses the remaining domains. A clarification interview by video conference may be requested to resolve evidentiary ambiguities.

Assessment report

A confidential assessment report is issued to the applicant specifying domain-level findings and, where applicable, remediation requirements. The report is issued within 15 working days of evidence package acceptance.

Certificate issuance

Upon a certified outcome, the CSP-18 certificate is issued in digital format. The firm's name and certification status are recorded in the Data Bureau public registry.

Renewal, Revocation & Conduct

Recertification is required at 12-month intervals. Material changes to the firm's structure, ownership, or regulatory status must be notified to Data Bureau within 21 days of the change occurring.

The full policy is published separately and is available online.