The information contained in this document is marketing material and for informational purposes only. The information contained in this document is presented without any warranty or representation as to its accuracy or completeness and all implied representations or warranties of any kind are hereby disclaimed. Recipients of this document, whether clients or otherwise, should not act or refrain from acting on the basis of any information included in this document without seeking appropriate professional advice. The provision of the information contained in this document does not establish any express or implied duty or obligation between Citco and any recipient and neither Citco nor any of its shareholders, members, directors, principals or personnel shall be responsible or liable for results arising from the use or reliance of the information contained in this document including, without limitation, any loss (whether direct, indirect, in contract, tort or otherwise) arising from any decision made or action taken by any party in reliance upon the information contained in this document. © The Citco Group Limited, December 2023.
Singapore: Requirement to register Data Protection Officer with ACRA
According to the Personal Data Protection Act, every organization must appoint at least one person as a Data Protection Officer (DPO) to manage data protection duties and guarantee PDPA compliance.
A DPO must possess the necessary skills and knowledge to guarantee that the organization complies with the PDPA. This officer does not have to be employee of the organization, however, he/she should be reachable at all times. Depending on the company, a DPO may be a person whose scope of work solely relates to data protection or who has numerous roles in addition to being primarily responsible for data protection.
In terms of the required steps, the board must pass a resolution on the appointment of a DPO and the company must register details of DPO with ACRA.
Please note that there is no time limit for registering a DPO. Moreover, the registration of the DPO data with ACRA is not obligatory but it is highly recommended.
For more information read Raymond Ching’s article ‘What you need to know about appointing a Data Protection Officer in Singapore’ here.