L·V Notes
Brief · Read-through of MAS P017-2025

What MAS expects, and when it expects it.

From a clean read of the November 2025 consultation paper P017-2025 and the proposed Guidelines on AI Risk Management. Five expectation areas, ten consultation questions, one transition period, one applicability gate. Below is the picture without the commentary noise.

  • Issuer: MAS. Consultation paper P017-2025 · Nov 2025.
  • Scope: All FIs · proportionate. Defined in s.2 Financial Services and Markets Act 2022. Branches/subsidiaries may leverage parent-entity frameworks if equivalent.
  • Consultation closes: 31 Jan 2026. 10 questions. Submissions published & attributed unless confidentiality requested.
  • Transition: 12 months after issue. Once the final Guidelines are issued, FIs have 12 months to assess and implement.

§ 01 — The five expectation areas
What MAS asks FIs to do.

The Guidelines are organised around five sections (numbered as MAS numbers them in Figure 1 of the paper). Each section sets supervisory expectations. None creates new prohibitions; all are calibrated by proportionality. Read down this list and the ask is unambiguous.

01 · AI Oversight · §2 of Guidelines
Board and senior management must own AI risk. Establish frameworks, policies and processes to identify, inventorise, assess materiality, govern, and manage AI through its lifecycle. Foster appropriate AI risk culture. Ensure existing organisation-wide risk management is updated to address AI risks. Define AI risk appetite explicitly with thresholds and indicators. Articulate clear roles and responsibilities; escalation paths; reporting to Board.
  • Board approves governance approach, sets risk appetite, ensures sufficient AI literacy to oversee and challenge.
  • Senior management implements, escalates, allocates resources, regularly reviews effectiveness.
Trigger condition: Where overall AI risk exposure is material, FI must establish a dedicated cross-functional AI risk committee. Driven by use cases that expose the FI to significant risks (high-risk AI in critical business lines or regulated activities).

02 · Key AI risk management systems, policies and procedures · §3 of Guidelines
Three load-bearing systems must exist:
  • AI Identification — clear definitions, criteria, processes (with robust systems) to consistently identify AI usage across all business and functional areas. Designated control function as final arbiter.
  • AI Inventory — accurate, up-to-date inventory of AI use cases, systems and models. Either dedicated, or enhancement of existing inventories with clear linkages. Captures purpose, scope, model type, data, dependencies, lifecycle status, risk-materiality rating, validation status, owners.
  • Risk Materiality Assessment — assessment methodology evaluating impact, complexity, reliance. Inherent and residual risk both assessed. Residual must meet risk appetite before deployment. Reviewed regularly.
Three minimum dimensions: Materiality must minimally cover Impact (consequences of failure on FI & customers), Complexity (nature and novelty of the AI), Reliance (degree of autonomy & human involvement, alternatives).

03 · AI Lifecycle Controls · §4 of Guidelines · 11 control domains
Robust controls covering the entire AI lifecycle, applied proportionate to assessed risk materiality, across eleven control domains:
  • Data management — fit-for-purpose, representative, quality, classification, security, privacy, lineage.
  • Transparency & explainability — calibrated to risk; higher standards for credit, underwriting, advisory, fund management.
  • Fairness — define "fair" outcomes, identify and mitigate harmful bias across the lifecycle.
  • Human oversight — roles, capabilities, design, documentation; counter automation bias and decision fatigue.
  • Third-party AI — onboarding, transparency, supply-chain, concentration, contingency, legal, capability, complexity.
  • Selection — justify and document algorithm and feature choices; weigh complexity against risk.
  • Evaluation & testing — measures, methods (incl. adversarial & stress), overfitting mitigation, key failure modes.
  • Technology & cybersecurity — security, access control, third-party components.
  • Reproducibility & auditability — full documentation across data, training, evaluation, explainability, fairness.
  • Pre-deployment reviews — independent for high-risk; peer reviews otherwise; technology & cyber sign-off.
  • Post-deployment monitoring & change management — drift, incidents, kill switches, retirement protocols.
Contingency plans (high-risk): For AI assessed as high risk, FI must develop and test contingency plans — fallback systems or manual processes. Where "kill switches" exist, contingency activation protocols must be in place and tested regularly.

04 · AI Capability & Capacity · §5 of Guidelines
Two stacks must be present and maintained:
  • AI risk-management capabilities — competent personnel; recruit talent; train staff; allocate human / technological / financial resources proportionate to AI risk profile. Regular review of training programmes including coverage of newer AI technologies.
  • Technology infrastructure — adequate hardware (e.g. GPU), network, memory, secure data pipelines for performance, scalability, resilience. Aligned to MAS Technology Risk Management Guidelines.
Resource proportionality: Capabilities and capacity must be commensurate with the FI's AI exposure. Not aspirational. Not borrowed. Includes Board-level AI literacy sufficient for effective challenge.

05 · Scope & Proportionate Application · §1.5 + Annex of Guidelines
The Guidelines apply to all FIs but in a manner commensurate with size, nature of activities, AI use, and risk profile. Two-step gate determines what applies:
  • Step 1 — does the FI have AI use cases, systems, or models? If no → basic policies only (Annex §5).
  • Step 2 — is AI used as an integrated part of business processes? If no → basic policies only. If yes → §2 oversight + §3 risk management systems apply in full; §4 lifecycle controls and §5 capabilities apply proportionate to risk materiality of each use case.
Branches/subsidiaries may leverage parent-entity frameworks if those frameworks meet these expectations.
"Integrated part" test (Annex §2): Two questions. (a) Would lack of access to AI disrupt workflows the FI is materially dependent on? (b) Is AI integrated with systems the FI is materially dependent on? Yes to either = integrated.

§ 02 — Proportionality, as MAS draws it
Three tiers, one decision flow.

Figure 2 of the consultation paper draws this as a decision tree. Below is the same logic with each tier's binding obligations spelled out. Where you land determines what applies.

Decision flow · which obligations bind

From Annex §1–§4
Question 1 · Do you have AI use cases, systems, or models?
  • No → Tier 1 · None / basic use. Basic policies only (Annex §5 · 5 minimum elements).
  • Yes → Question 2.
Question 2 · Is AI an integrated part of business processes?
  • No → Tier 2 · Non-integrated. Basic policies only (Annex §3 examples: LLM drafting, etc.).
  • Yes → Tier 3 · Integrated use. Full Guidelines apply: §2 Oversight · §3 Systems · in full; §4 Lifecycle & §5 Capability — proportionate.

Tier 1 · No AI
Basic policies only.
  • Senior-management AI owner designated.
  • Allowed/disallowed uses defined.
  • Approved-tools list maintained.
  • Communication, checks, annual review.
  • Human review of AI outputs before use.
No oversight framework, no inventory, no lifecycle controls required at this tier.
Tier 2 · Non-integrated
Basic policies only.
  • Examples (Annex §3): individual LLM use to draft emails; AI grammar/spell tools; AI to summarise research; AI image generation in marketing; ad-hoc claims-document review.
  • Humans use AI assistively and check outputs.
  • Same five basic-policy elements as Tier 1.
Threshold question: would removing AI materially disrupt a workflow? If no — Tier 2.
Tier 3 · Integrated
Full Guidelines apply.
  • §2 Oversight — board, senior management, framework, policies, risk appetite — in full.
  • §3 Risk-management systems — identification, inventory, materiality assessment — in full.
  • §4 Lifecycle controls — 11 domains — proportionate to risk materiality of each use case.
  • §5 Capability & capacity — proportionate to AI exposure.
  • Annex §4 examples: legal contract review, IT helpdesk chatbot, financial data extraction, claims, advisory.
All AI use cases that introduce significant risks (critical business lines, regulated activities) are by definition in Tier 3.

§ 03 — The lifecycle, as MAS describes it
Eleven control domains, one lifecycle.

Section 4 of the Guidelines is the most operationally detailed. It specifies eleven control domains arranged across the AI lifecycle. Below is the canonical sequence — from intake through retirement — with the binding control at each gate.

  • G1 · INTAKE · Use-case definition: roles, scope, materiality.
  • G2 · DATA · Data management: fit-for-purpose, quality, lineage, privacy.
  • G3 · SELECT · Algorithm & features: justified, documented, simpler-first.
  • G4 · BUILD · Train & tune: reproducibility, auditability.
  • G5 · TEST · Evaluation & testing: measures, stress, adversarial, overfitting.
  • G6 · FAIR/EXPL · Fairness & explainability: protected attributes, narrative.
  • G7 · REVIEW · Pre-deployment review: independent for high-risk.
  • G8 · SECURITY · Tech & cyber sign-off: pen test, red team, deploy checklist.
  • G9 · DEPLOY · Production release: contingency plan, kill switch (high-risk).
  • G10 · MONITOR · Post-deployment: drift, incidents, change management.
  • G11 · RETIRE · Decommissioning: data destruction, stakeholder notification.

Plus the cross-cutting layer.

Three controls run across all eleven gates rather than at any one of them: third-party AI management (transparency, supply-chain, concentration, contingency, legal, capability), human oversight (roles, capabilities, design, documentation), and aggregate-portfolio review (periodic re-validation of high-risk AI; aggregate risk view across all deployed AI). These are present at every gate, owned at every gate, and evidenced at every gate.

§ 04 — Materiality, in three dimensions
Impact · Complexity · Reliance.

MAS specifies the minimum dimensions in §3.10 of the Guidelines. Each AI use case is assessed against all three, both inherent (before controls) and residual (after controls). Residual must meet the FI's risk appetite before deployment (§3.9). Below is the working visualisation an architect would put into the inventory.

Materiality grid · rows: impact on FI & customers (high to low) · columns: complexity (technology + data + novelty, low to high)

High impact
  • M · HIGH IMPACT, LOW COMPLEXITY · Established AI in critical decisioning. Conventional credit-scoring model in lending. High explainability standard. Independent validation.
  • H · HIGH IMPACT, MED COMPLEXITY · Material customer-facing AI. Underwriting, advisory, fund-management AI with significant decision weight. Full lifecycle stack.
  • H+ · HIGH IMPACT, HIGH COMPLEXITY · GenAI / agentic in critical lines. Cross-functional AI committee. Kill-switch tested. Independent re-validation. Board-visible.

Medium impact
  • L+ · MED IMPACT, LOW COMPLEXITY · Operational AI, low autonomy. Internal copilots used assistively. Light controls. Periodic review.
  • M · MED IMPACT, MED COMPLEXITY · Workflow-integrated AI. Helpdesk chatbot, document-extraction tools. Targeted controls, drift monitoring.
  • H · MED IMPACT, HIGH COMPLEXITY · Novel AI, lower stakes. Pilot agentic systems in non-critical areas. Heavier evaluation despite limited impact, due to complexity.

Low impact
  • L · LOW IMPACT, LOW COMPLEXITY · Assistive use. Email drafting, grammar, summarisation. Annex §3 territory. Basic policy only.
  • L · LOW IMPACT, MED COMPLEXITY · Exploratory AI. Research, exploratory analytics. Light registration; controls if promoted.
  • M · LOW IMPACT, HIGH COMPLEXITY · Experimental tooling. Sandboxed novel AI. Capability-build focus. Promotion path requires full controls.

The third dimension — Reliance (autonomy of the AI, level of human oversight, availability of alternatives) — is captured for each use case as a separate axis on the inventory record. Higher reliance shifts the use case toward H/H+ regardless of where it sits on impact × complexity.

§ 05 — The timeline
From consultation to compliance.

MAS proposes a 12-month transition after issuance (§4.7 of the consultation paper, also Question 10). Issue date is not yet announced; the consultation closed 31 January 2026. Below is the indicative working calendar an architect should plan against — assuming Q3 2026 issuance, which is consistent with MAS's typical post-consultation cadence.

Timeline · consultation to compliance (12-month transition · §4.7)
  • Nov 2025 · Consultation open · P017-2025 paper published.
  • 31 Jan 2026 · Submissions close · deadline, 10 questions answered.
  • Q1–Q3 2026 · MAS review + MindForge Handbook · companion MindForge Handbook.
  • ~Q3 2026 (assumed) · Final Guidelines issued · T₀ · final Guidelines live.
  • ~Q3 2027 · + 12 months · End of transition · T+12 · comply, full implementation.
Bank side · workstreams to land before T+12:
  • Inventory built · materiality methodology defined.
  • Lifecycle controls operationalised by tier.
  • Capabilities + tech infra in place · Board MI live.

The architect's working dates.

Honest caveat: the issue date for the final Guidelines is not stated in P017-2025. Q3 2026 is an inference, not a published date. If the consultation produces material changes, issuance could slip into Q4 2026 or 2027. Architects should plan to a moving T₀ but a fixed 12-month window from whatever T₀ turns out to be.

§ 06 — The ten questions on the table
What MAS is actually asking.

The Guidelines are at consultation stage, which means the structure described above is provisional. MAS asks ten questions in §5 of the paper. Reading the questions tells you where MAS itself sees the open ground.

  • Q1 · Application of Guidelines to all FIs in a proportionate manner — is the Annex guidance workable?
  • Q2 · Proposed scope of AI use cases, systems and models — is the definition fit?
  • Q3 · Responsibilities of the Board and senior management — are they appropriately set?
  • Q4 · Cross-functional AI risk committee where AI exposure is material — and how is "material" assessed at organisational level?
  • Q5 · Definitions, criteria and processes for consistent AI identification — workable in practice?
  • Q6 · Maintaining an accurate, up-to-date inventory of all AI usage — feasible across the FI?
  • Q7 · Risk dimensions of impact, complexity, reliance — are these the right three? Are others needed?
  • Q8 · Lifecycle standards, processes and controls — and the proportionate-application calibration.
  • Q9 · Anything missing? Aspects of AI risk management not covered.
  • Q10 · The proposed 12-month transition period — too long, too short, about right?

Three of these questions sit closer to the architectural surface than the others. Q4 is asking how to operationalise materiality at the organisational level — i.e. when does aggregate AI exposure trip the cross-functional-committee requirement. Q7 is asking whether impact/complexity/reliance is the right minimum set. Q10 is asking whether 12 months is enough — and for institutions with mature MRM, it usually is; for those starting from a CMDB and a slide deck, it usually isn't.

The expectation is a working surface, not a slide pack.

Read across all five expectation areas and the message is consistent. MAS expects identifiable, inventoried, materiality-assessed AI; controls calibrated to materiality, not status; and capabilities and infrastructure that are real, not declared. The 12-month transition is generous against a clean starting point and tight against a messy one. The proportionality flow makes the obligations smaller for FIs with light AI use; it does not make them softer for FIs with integrated use.

For the architect, the unit of work is the inventory record. Every AI use case in the FI either has one (with materiality, lifecycle status, owner, validation, third-party links, evidence trail) or it does not. By T+12, every use case must have one. That is the test the supervisor will run.

Source · MAS Consultation Paper P017-2025, Guidelines on AI Risk Management · Nov 2025 · 10 questions · 12-month transition · Submission: form.gov.sg/690b2a3b024ee5eebbfcf7f1