I’ve just returned from a productive week in Singapore, and I can say with confidence, if you want to see where the future of ethics and compliance regulation is heading, look east.
Over the course of several days, I had the privilege of hosting an LRN Masterclass for senior compliance leaders, delivering a keynote at Global Legal ConfEx Singapore 2026 on the country’s emergence as a regulatory vanguard, and later returning to the stage to share findings from our 2026 Ethics & Compliance Program Effectiveness Report, with a particular focus on the Singapore data.
The conversations I had with legal and compliance professionals throughout the week reinforced a reality that our research has been tracking for years, the gap between organizations that are genuinely transforming their compliance programs and those still automating old habits is widening. And nowhere is that contrast sharper than in Singapore.
But is this transformation or transition?
Our 2026 Program Effectiveness Report, The Next Leap: Technology, Trust, and the Transformation of Compliance is built on surveys responses of over 2,500 ethics and compliance professionals and employees across industries and regions. The central question this year was “are organizations leveraging technology to enhance trust, or simply to automate old habits?”
The global picture is one of progress and paradox. Programs are expanding in sophistication and reach, but many remain stuck in a transitional phase, embracing technology in form, but not yet in function. The global program effectiveness score edged up only slightly, from 3.87 in 2025 to 3.89 in 2026 (on a 5.00 scale). High-impact programs continue to accelerate, while medium and low tiers improve only marginally. The performance gap is compounding year over year.
What makes Singapore such a compelling case study is that the regulatory environment here isn’t waiting for the profession to catch up. 2026 marks the end of Singapore’s grace period. Where 2025 was about setting reporting standards, 2026 is about enforcement, and after a decade talking about “Tone at the Top”, Singapore’s regulator just gave that tone a set of very sharp teeth.
Leadership accountability is no longer just a best practice; it’s a legal requirement. As of November 2025, fines for breaching director duties quadrupled to S$20,000. Courts can now issue custodial sentences of up to 12 months alongside fines for failing to act with reasonable diligence.
Our report data show that globally, 96% of high-impact programs say their ethical culture has grown stronger through recent challenges, compared to just 62% of low-impact programs. Singapore’s legislative approach makes clear that accountability can’t be optional, it must be structural. While the global data reveal board oversight has plateaued (fewer than half of organizations report their boards regularly review E&C metrics), financial firms in Singapore now require quarterly board attestations on compliance. That’s a fundamentally different expectation of governance.
One of the most striking contrasts between our global findings and Singapore’s regulatory posture is in AI governance. Globally, only 33% of organizations reference AI ethics in their codes of conduct. While 39% report using AI in at least one aspect of their compliance programs, fewer than half can explain how it actually improves outcomes. The gap between adoption and meaningful integration remains a critical barrier.
Singapore isn’t waiting for that gap to close. In January 2026, Singapore launched the world’s first Model AI Governance Framework for Agentic AI at Davos. Because agentic AI can act autonomously, updating databases, executing payments, making decisions without direct human instruction and the framework mandates “approval checkpoints” and “meaningful human accountability” to prevent automation bias. It encourages sandboxing and technical controls to manage autonomous actions.
This is exactly the kind of forward-leaning governance our report calls for. High-impact programs are 2.2 times more likely to focus on AI risks, 1.4 times more likely to integrate AI into training, and 1.3 times more likely to address AI in their code of conduct compared to medium-impact programs. Singapore’s framework provides a blueprint for what that integration can look like at a national level.
Our report found that only 29% of organizations globally employ analytics tools to evaluate program performance, a figure virtually unchanged from the prior year. In Singapore, if you aren’t digital by June, you aren’t just “medium-impact” you’re non-compliant.
Singapore is completely phasing out paper-based submissions by Q2 2026. Companies are mandated to integrate directly with ACRA’s API system to transmit data in real time. This isn’t aspirational, it’s a regulatory deadline with consequences.
The regional data from our report tells an interesting story here. Among the eight countries surveyed, Singapore showed 32% of organizations increasing the amount and type of data obtained from their E&C programs, which met with smiles in the room as it was notably higher than Japan at 16% and the UK at 20%, though behind the US at 43%. For adding data-based compliance tools, Singapore came in at 23%, in line with France but behind the US (30%) and UK (29%). There’s momentum, but the regulatory environment is pushing faster than voluntary adoption alone would achieve.
Globally, our data show that only 58% of employees believe their managers hold themselves to the same ethical standards as everyone else. In low-impact programs, that figure drops to just 15%. This middle management disconnect, where values articulated at the top fail to translate into daily practice. This remains one of the most persistent barriers to effective compliance programs.
Singapore is addressing this structurally.
The 2025/2026 Workplace Fairness Bill mandates formal grievance handling, forcing transparency in how concerns are escalated and resolved. Rather than relying solely on training and culture-building (which our data show often doesn’t reach middle managers in meaningful ways), Singapore is legislating the mechanisms of accountability.
The generational data in our report adds further texture. Gen Z employees report higher trust in managerial fairness and transparency (65%) than Gen X (55%). But trust alone isn’t enough, this needs to be supported by systems and structures. Singapore’s approach recognizes this.
The report reveals that third-party and supply chain oversight continues to lag behind other areas of compliance maturity globally. Overall adoption of third-party due diligence sits at just 27%, with a pronounced gap between high-impact programs (51%) and low-impact ones (15%). Only 35% of organizations are considering fraud training in the next year, which is concerning given mandates like the UK’s Failure to Prevent Fraud law.
Singapore is pushing ahead on ESG with concrete deadlines. Large Singaporean issuers must report Scope 3 (upstream and downstream) emissions starting in FY2026. This isn’t guidance, it’s a mandate, and it extends the reporting obligation deep into supply chains.
In our Masterclass on Wednesday morning and my subsequent session at Global Legal ConfEx, the conversation kept returning to this theme that the organizations best positioned for what’s coming aren’t the ones with the most tools, they’re the ones that have embedded data literacy, cultural intelligence, and ethical governance into how they actually operate. Singapore’s regulatory environment is effectively forcing that integration.
The week confirmed something I’ve been observing across our global research program for a while, the future of compliance isn’t about technology or culture, it’s about the integration of both, anchored in trust.
The report, which was co-written by Eric Morehead, Guillem Casoliva and myself, with expert guidance from our LRN Advisory team, frames 2026 as an inflection point, defined by technological potential and ethical necessity. The next leap in E&C effectiveness depends on integrating ethics with analytics, embedding ethical intelligence at every level (especially among middle managers), expanding governance engagement from passive oversight to active cultural stewardship, and clarifying AI’s role with global standards for transparency, fairness, and accountability.
Singapore is arguably further along this path than many jurisdictions in the world. The conversations I had with compliance leaders throughout the week, reinforced that the appetite for transformation is there. The challenge, as our data consistently shows, is closing the gap between intent and execution.
Looking further ahead
As I look further ahead, I asked some of the attendees what’s keeping them up at night
AI governance, ethics, and integration risks remain front and centre. The rapid adoption of AI in financial services raises concerns around explainability, bias, third-party AI providers, lifecycle controls, and ethical use. CECOs are grappling with how to integrate AI into compliance programs without adequate oversight, potential impacts on their teams, and emerging MAS guidelines on AI risk management expected to advance further in 2026.
AML/CFT and financial crime compliance continues to intensify. Heightened requirements around anti-money laundering and countering the financing of terrorism, stricter suspicious transaction reporting timelines, and new obligations around proliferation financing risks (particularly regarding FATF-flagged jurisdictions) are compounding. Singapore’s push against scams, including real-time frameworks and shared responsibility models which adds further pressure amid cross-border complexities.
Third-party and supply chain risks, a theme strongly echoed in our report’s global findings, remain a concern. Over-reliance on vendors, fintech partners, and global suppliers amplifies risks in oversight, due diligence, and cascading failures across AML and cyber. It’s not the due diligence, or the onboarding, that worries CECO’s but how their organizations are monitoring, training and educating their suppliers to align with the policies, procedures and values of the company they are providing services to.
Conduct, culture, and individual accountability round out the picture. Maintaining ethical culture, addressing conflicts of interest, strengthening whistleblower protections, and tackling retaliation fears remain critical. MAS’s Individual Accountability and Conduct (IAC) guidelines place clear expectations on senior management, while broader ESG integration adds further layers in an already demanding environment.
So, what are my final takeaways?
Well, it’s clear that Singapore’s regulators are emphasizing responsible innovation while simultaneously tightening safeguards across financial crime, technology, and conduct. For compliance professionals, whether based in Singapore or operating across Asia-Pacific, the message is clear and its how I opened up my keynote, that the enforcement cliff is here.
The organizations that will thrive aren’t the ones simply adopting tools or ticking regulatory boxes. They’re the ones connecting culture to data, embedding ethical intelligence into daily operations, and treating compliance not as a cost centre but as a source of competitive resilience.
LRN’s 2026 Program Effectiveness Report provides the evidence base. Singapore provides the regulatory proof of concept. The question for every compliance leader should now be are you ready to make the next leap?
For more insights from LRN’s 2026 Ethics & Compliance Program Effectiveness Report, visit LRN.com.
