1. AlgoCandyHome
  2. Newsroom
  3. Industry Insights

What is IPPC

In Singapore, the Accounting and Corporate Regulatory Authority (ACRA) requires all Corporate Service Providers (CSPs) and Registered Filing Agents (RFAs) to maintain a proper compliance framework known as the IPPC — short for Internal Policies, Procedures and Controls.

The Importance of IPPC in the CSP AML Compliance Framework

At its core, the IPPC sets out how a CSP identifies, manages, and monitors financial crime risks. It is the foundation of every firm’s AML/CFT compliance system, ensuring that internal controls are consistent, traceable and regularly reviewed.

What an IPPC Covers

A complete IPPC should clearly outline a firm’s internal processes in several key areas:

  • AML/CFT policies: how the organisation detects and manages potential money laundering or terrorism financing risks.
  • Customer due diligence (CDD): how clients are onboarded, verified and monitored, in line with ACRA and FATF standards.
  • Ongoing monitoring: how the company tracks changes in client activity and responds to red flags.
  • Record keeping: how all documents, approvals and audit trails are stored and maintained.
  • Staff training and internal audit: how employees are trained and how compliance is reviewed within the organisation.

Each part of the IPPC works together to create a clear and defensible record of compliance.

ACRA’s Expectations

Under ACRA’s guidelines, CSPs are expected to do three things:

  1. Have a complete IPPC in place. Not having one—or relying on an outdated version—counts as a compliance breach.
  2. Implement it in daily operations. Written policies are not enough; firms must show that the procedures are followed in practice.
  3. Review it regularly. The framework should be updated at least once a year or whenever laws, regulations or business operations change.

These are not just recommendations. In ACRA’s AML inspection framework, the IPPC carries some of the highest compliance weighting.

Why It Matters

A weak or incomplete IPPC often leads to serious findings during audits or inspections. In some cases, firms have faced penalties not because they ignored AML rules, but because they failed to document and implement their policies properly.

A strong IPPC demonstrates that the firm takes its compliance obligations seriously. It protects the business, strengthens client trust and shows regulators that the company is committed to responsible governance.

How AlgoCandy Helps

AlgoCandy offers an audit-ready compliance platform designed specifically for Singapore CSPs. The system allows firms to build and maintain IPPC frameworks aligned with ACRA and FATF requirements, manage CDD and AML screening records, and generate audit reports with just a few clicks.

If you’re unsure where to start, you can refer to our customised IPPC Template Service for CSPs:
https://www.algocandy.com/singapore-ippc-template/

The template is drafted based on ACRA’s compliance framework, covers about 95% of what most CSPs need, and can save significant time when preparing your own IPPC.

Previous:

Read more

Contact us
SHARE
TOP
🎯 AML/CDD Compliance Training · Free Online Session    👉 Register Now
🎁 50% off basic software fee for clients signing up between Oct 1 and Dec 31.   👉 Book a Demo Now