Singapore Corporate Governance After CALA 2025: A Director’s Practical Risk Mitigation Checklist

The Corporate and Accounting Laws (Amendment) Act 2025 (CALA 2025) commenced on 6 May 2026, marking the most significant upgrade to Singapore’s corporate governance penalties in over a decade. Maximum fines for director breaches have quadrupled from S$5,000 to S$20,000. Imprisonment terms have been extended. Audit reports must now name the individual public accountant responsible. Corporate service providers must be registered with ACRA. And the grounds for director disqualification have been expanded.

If you are a director of a Singapore company, the question is no longer whether these changes affect you — they do. The question is what you should do about it. This article provides a practical, action-oriented checklist for directors who want to mitigate their personal risk exposure under the new regime.

The Five Key CALA 2025 Changes That Affect Directors

Before turning to the checklist, it is worth understanding what specifically changed on 6 May 2026.

1. Higher Director Penalties

The maximum fine for breaching core director duties under the Companies Act has increased from S$5,000 to S$20,000 per offence. For more serious breaches — including falsification of accounts and fraudulent trading — imprisonment terms have been extended to up to 12 months. The intent is clear: ACRA wants directors to take their statutory obligations seriously, and the penalty regime has been upgraded to match that expectation.

2. Extended Director Disqualification Grounds

Director disqualification has been extended to include convictions under the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act (CDSA) — Singapore’s primary money-laundering statute. A director convicted of a money-laundering offence will now face disqualification from acting as a director or taking part in the management of any company for up to five years. This is a direct response to the high-profile money-laundering cases Singapore has prosecuted in recent years.

3. Audit Report Named-Auditor Requirement

Going forward, audit reports for Singapore companies must name the individual public accountant responsible for the engagement. Previously, only the audit firm was named. The named-auditor requirement increases individual accountability within audit firms and makes it easier for regulators and shareholders to trace the responsibility for audit opinions.

4. Selective Share Buybacks Require Special Resolution

Selective share buybacks — where a company buys back shares from specific shareholders rather than pro-rata from all shareholders — now require a special resolution (75% approval) plus the approval of 75% of the affected class of shareholders, excluding the participating shareholders themselves. This addresses concerns about selective buybacks being used to squeeze out minority shareholders at artificially low prices.

5. Corporate Service Providers Must Register with ACRA

Under the Corporate Service Providers Act (enacted as part of the broader CALA 2025 package), corporate service providers — including company secretary firms and registered agent providers — must now be registered with ACRA and comply with AML/CFT obligations. For directors, this means that your company secretary must be an ACRA-registered CSP. If they are not, you may be dealing with an unregistered provider, which creates compliance risk.

The Director’s Risk Mitigation Checklist: 10 Action Points

The following checklist is designed to help directors assess and address their personal exposure under the post-CALA 2025 regime. Work through each item with your company secretary or legal counsel.

☐ 1. Review Your Directors’ and Officers’ (D&O) Insurance Coverage

The most direct way to protect yourself against a higher penalty regime is adequate D&O insurance. Check your current policy limit — if it was benchmarked against the old S$5,000 maximum fine, it may be insufficient. Ask your insurer whether the policy covers regulatory fines (many policies distinguish between regulatory fines and civil claims). Review the coverage for legal defence costs, which are often the largest practical expense in a director dispute.

☐ 2. Confirm All Statutory Filings Are Current

Under the higher-penalty regime, overdue filings are a straightforward enforcement risk. Confirm that the following are up to date: annual returns (within 7 months of financial year end for private companies), financial statements (prepared and tabled or distributed to members), confirmation statement filings, changes in officers or share structure filed with ACRA, and any outstanding charges or mortgages registered. See our Singapore Company Compliance Calendar for a complete deadline reference.

☐ 3. Update Your UBO (Beneficial Owner) Register

Singapore companies are required to maintain a Register of Registrable Controllers (RORC), commonly called the UBO register, and to lodge controller information with ACRA. This requirement often goes unattended, particularly for companies with complex ownership structures or recent changes in shareholding. Verify that the RORC is accurate and that lodgement with ACRA reflects the current position.

☐ 4. Verify That Your Company Secretary Is ACRA-Registered

With the Corporate Service Providers Act now in force, your company secretary must be an ACRA-registered CSP. Ask your company secretary for their ACRA registration number. If they cannot provide one, they may be operating without registration, and you should seek to appoint a properly registered provider. You can verify CSP registration status on ACRA’s BizFile+ portal.

☐ 5. Check That Audit Reports Name the Individual Public Accountant

If your company is subject to statutory audit, confirm with your auditor that future audit reports will name the individual public accountant responsible for the engagement, as now required under CALA 2025. For the current financial year, this requirement applies from 6 May 2026. Your audit engagement letter should reflect this change.

☐ 6. Review Any Planned Share Buybacks for Compliance

If your company is planning a share buyback — including as part of a shareholder exit or restructuring — determine whether it is a general or selective buyback. If selective, the new special resolution plus 75% class approval requirement applies. Ensure proper shareholder approval is obtained before any selective buyback is executed. An improperly executed selective buyback is both invalid and a potential trigger for minority oppression claims under Section 216.

☐ 7. Brief Co-Directors on the New Penalty Regime

Each director bears individual statutory responsibility. A breach by one director does not automatically expose others — but a director who was present at a board meeting where an unlawful decision was made, and who did not object, may be held accountable. Ensure all co-directors understand the raised penalty threshold and the specific obligations that apply under the Companies Act. Board minutes should reflect substantive engagement with compliance matters, not merely procedural approvals.

☐ 8. Conduct an AML/CDSA Compliance Review

Given that CDSA convictions now trigger director disqualification, companies should review their AML/CFT procedures — particularly those dealing with customers, suppliers, or counterparties in higher-risk jurisdictions. This is especially relevant for companies that handle cash-intensive transactions, international fund flows, or dealings with newly incorporated entities. If your company does not have a documented AML policy, now is the time to put one in place.

☐ 9. Review Board Minutes and Governance Documentation

Under the higher-penalty regime, the concept of “reasonable diligence” will be scrutinised more closely. A director who can demonstrate — through board minutes, attendance records, and documented queries — that they actively engaged with compliance matters is in a far stronger position than one who rubber-stamped resolutions. Review your board minutes for the past two years. Ensure they reflect substantive discussions on material decisions, not just formal approvals.

☐ 10. Establish a Clear Escalation Protocol

Directors should know when to escalate to the company secretary or legal counsel. As a general rule, escalate when: the company is facing financial difficulty or insolvency risk; a regulatory authority has made an enquiry; a shareholder dispute is brewing; an unusual transaction is proposed; or you are unsure about the legality of a proposed action. The cost of a legal review at the escalation stage is almost always less than the cost of dealing with a breach after the fact. If you need legal advice on director obligations, seek it proactively.

What “Reasonable Diligence” Means in Practice

Many of the Companies Act’s director duty provisions include a “reasonable diligence” defence — a director who exercised reasonable diligence in the performance of their duties may avoid personal liability even if a statutory breach occurred at the company level. Under the higher-penalty regime introduced by CALA 2025, this defence takes on greater importance.

Reasonable diligence is not a passive concept. It requires that a director: attend board meetings and engage with agenda items; read financial statements and raise questions where figures are unclear; follow up on outstanding compliance matters flagged by the company secretary; and seek professional advice when faced with matters outside their expertise.

The more thoroughly a director can document their active engagement — through minutes, correspondence, and professional consultations — the stronger their reasonable diligence argument in any regulatory investigation or court proceeding.

Related CALA 2025 Context for Directors

For a full overview of what CALA 2025 introduced, see our earlier detailed guides: CALA 2025 Commenced 6 May 2026: What Directors Must Know and Corporate & Accounting Laws Amendment Act 2025: Key Changes.

Directors who wish to understand their broader statutory duties — including the general duty of skill, care and diligence and the duty to act in the company’s best interests — should also refer to our Director Duties and Personal Liability in Singapore 2026 guide.

For the latest Singapore business news and regulatory updates, there are useful resources for directors and business owners navigating the post-CALA landscape.

Beyond corporate compliance, sound financial management and investment planning are equally important considerations for business owners managing their personal exposure alongside their corporate responsibilities.

Conclusion

CALA 2025 has reset the baseline for director accountability in Singapore. Higher fines, expanded disqualification grounds, named auditors, tighter buyback rules, and mandatory CSP registration are not abstract regulatory changes — they are practical obligations that every director of a Singapore company must now factor into their governance approach.

The ten-item checklist above is a starting point. Not every item will be equally urgent for every company, but working through them systematically — ideally with your company secretary — will give you a clear picture of where your exposure lies and what needs to be addressed.

To speak with the team at Raffles Corporate Services, you can email [email protected] or call, SMS, or WhatsApp +65 8501 7133. We are happy to assist with any queries.

— The Editorial Team, Raffles Corporate Services