How Singapore Is Shaping the Global Standard for Next-Generation AI Assurance
Artificial intelligence (AI) is accelerating into uncharted territory. Today’s systems are multimodal, able to understand text, images, audio, video, gestures, and increasingly multiple languages and cultural contexts. They do not just respond to instructions—they infer, detect patterns, and act in ways that increasingly resemble human reasoning across different modes and contexts.
This rapid progress brings extraordinary possibilities, but it also introduces new and unfamiliar risks.
Many existing AI safety frameworks were designed for a much simpler era—one that is dominated by text-only models, English language benchmarks, and Western-centric datasets. As AI becomes more multimodal and multicultural, the gap between what AI can do and how well we govern them is growing wider.
This raises an urgent question for policymakers, technologists, and businesses: How do we ensure that AI remains safe, fair, and trustworthy in a world of diverse cultures, languages and use cases?
AI safety’s new frontier
As AI systems expand across different formats and languages, the ways they can fail multiply as well.
At the core of this challenge is cultural sensitivity. As Prof Lam Kwok Yan, Executive Director of the National Centre for Research in Digital Trust (DTC), explains, AI safety can no longer be defined purely in technical terms. It is no longer enough for a model to behave “as specified,” it must also align with the social norms of the environment in which it is used.
This becomes especially complex when the same prompt is interpreted differently across languages. Models trained mainly on English and Western datasets can respond inconsistently across languages—even when presented with the same prompt.
Prof Lam illustrates this with a simple example: “If you ask an LLM [large language model] to criticise the monarchy—what is normal in one society can be offensive in another.”
Multimodality further raises the stakes. According to Prof Mohan Kankanhalli, Director at NUS AI Institute, safety becomes even harder when alignment varies across formats and languages. Multimodal systems introduce a larger “attack surface”, creating new vulnerabilities, inconsistencies, and opportunities for malicious exploitation.
“Training is not uniform across languages,” explains Prof Kankanhalli, where techniques like code-mixing or the switching between languages within a single prompt, can bypass safety guardrails.
In this new landscape, safety failures are no longer limited to words that are sensitive or inappropriate, or misclassified images. The risks are amplified as AI systems become more autonomous—connecting to tools, acting on behalf of users, and making decisions with real-world consequences.
From ad-hoc testing to scientific rigour
If AI risks are becoming more complex, testing must become more disciplined. Prof Lam suggests that AI’s rapid evolution demands a more scientific foundation for safety. The gap between academic research and real-world deployment has shrunk from a decade to just a few years. This means that risks emerge before they are fully understood.
Early testing, he explains, is often exploratory. But once patterns of failure become clearer, a more systematic and rigorous approach is needed.
“We need to build a taxonomy of AI risks and develop rigorous methods to test each type, because there is no one-size-fits-all approach to these problems,” says Prof Lam. This bottom-up scientific discipline, he argues, is essential before any unified safety framework can be established.
The evaluation gap
But even before testing begins, organisations face a more basic obstacle: the lack of high-quality, multilingual and multicultural datasets.
“The most important challenge is the lack of data,” says Prof Kankanhalli. He explains that creating datasets to simulate attacks or test behaviour across cultures is extremely time-consuming. Without these datasets, it becomes nearly impossible to properly evaluate AI systems across different linguistic and cultural contexts, such as for high-stakes deployments like legal reasoning, HR screening, customer service, and healthcare triage.
Another major blind spot lies in how organisations test AI for cultural and multilingual behaviour. Many try to test both at once, often leading to misleading results.
Prof Lam recommends a staged approach: test cultural acceptability first in a familiar language, then evaluate multilingual performance. Failing to separate these dimensions can throw up errors.
Domain-specific nuance adds yet another layer of complexity. In one example, a medical report had mentioned ‘collateral ligament’, and the model misinterpreted ‘collateral’ as a financial instrument,” which caused all the subsequent analysis to be wrong.
AI safety by design, not as an afterthought
To close these gaps, Singapore is developing practical tools for safety testing. One example is the open-source toolkit Project Moonshot, developed by Infocomm Media Development Authority’s (IMDA) BizTech Group (BTG), that combines benchmarking and automated red-teaming to help developers and compliance teams identify risks in LLMs. Singapore is also working with industry and academic partners such as Amazon Web Services (AWS) and ELGO AI to strengthen the ecosystem.
In a collaboration with Singapore University of Technology and Design (SUTD) and AWS, Moonshot uncovered “out-of-domain hallucinations” in an AI-powered STEM tutor—such as a mathematics tutor answering questions about a science concept. In another project with National University of Singapore (NUS) and ELGO AI, Moonshot was applied to evaluate a structured AI system for student activity risk assessment, demonstrating its flexibility beyond chatbots.
Lee Gang, Co-Founder & CEO of ELGO AI, a provider of AI development, hosting, and API services, observes that structured evaluation is still the exception than the norm. He says: “Most providers just develop and launch. There is no structured approach, no monitoring, no documentation. Maybe one out of ten even asks how to evaluate properly.”
Lee’s observation points to a wider problem: AI safety cannot rely on individual providers doing the right thing voluntarily. That gap is exactly what Singapore is trying to close—by treating AI assurance as infrastructure, and designing safety into the system rather than adding it after problems appear.
“Advancing the next generation of trust technologies is key to creating a resilient digital ecosystem for Singapore, one that builds public trust, protects data privacy, and supports secure, responsible innovation," said Kwee Geak, Director of Programmes for Digital Transformation Cluster at IMDA.
Singapore’s approach to AI safety standards stands out for its integration of research, policy and industry. Instead of importing governance models from the US or Europe, Singapore is building an AI safety ecosystem involving the Ministry of Digital Development and Information (MDDI), the National Research Foundation (NRF), and IMDA.
This ecosystem is supported by the Digital Trust Centre (DTC), funded by IMDA and NRF, and hosted by NTU, to focus on key areas of trust technologies; and the Singapore AI Safety Institute (AISI) to develop policies, drive technical work related to AI Safety and governance.
“There is close interaction between researchers, the regulator, and industry. IMDA plays a critical role in fostering this collaboration by providing access to real problems for the researchers and exposure to cutting-edge research for the industry, and ensuring long-term funding support for the local AI safety research ecosystem,” says Prof Kankanhalli.
From frameworks to global impact
A key outcome of this ecosystem is AI Verify, the world’s first testing framework and toolkit that enables companies to assess AI systems for fairness, robustness, safety, and transparency.
“When we tell clients about safety evaluation, they ask: how do I know this is credible? AI Verify and IMDA give that credibility,” says Lee.
Together with Project Moonshot and the Global AI Assurance Pilot, developed with the AI Verify Foundation, it extends this approach internationally by testing generative AI models across Southeast Asia’s diverse languages and cultures, bringing advanced safety testing and benchmarking into industry hands.
Singapore as a global AI safety testbed
Singapore’s strength lies not in size, but in design. The nation’s cultural diversity makes it a natural environment for inclusive AI testing, while its position as a global hub for aviation, maritime, finance, logistics, and telecommunications generates rich, high-quality data.
“In these domains, our data can be richer than in much larger countries,” says Prof Lam.
This data advantage is underpinned by strong foundation of digital trust. Singapore’s Privacy-Enhancing Technologies (PET) frameworks and national Data Protection Trustmark (DPTM) ensure responsible data sharing and AI evaluation without compromising sensitive information.
“Most people consider us a neutral, trusted partner. We have strong conditions to ensure data and IP are protected,” says Prof Lam.
Besides being widely regarded as a neutral and reliable partner, Singapore offers strong conditions for protecting data and intellectual property, an important foundation when safety evaluation requires collaboration across companies, countries, and culture.
Hence, Singapore’s direction towards strengthening scalable assurance through better testing infrastructure, clearer risk taxonomies, and context-aware fairness metrics that reflect cultural and linguistic differences.
The urgency is due to three reasons: First, AI deployment is growing faster than governance adoption, widening the gap between capability and oversight. Second, the rise of AI agents expands the attack surface into operational and cybersecurity territory as agentic systems interact with browsers, tools, and external systems. Browser-integrated AI is already creating huge security risks, warns Lee.
Third, industries like healthcare, finance, logistics, and law require domain-specific safety evaluation, where generic benchmarks are not sufficient.
This is why Singapore’s focus is shifting toward scalable assurance: developing taxonomies of AI risk, expanding testing into multimodal and generative scenarios through the Global AI Assurance Sandbox, and building context-aware fairness metrics that capture cultural and linguistic differences.
Ultimately, the goal is not simply to publish policies, but to create something more durable: a reference model for practical, multicultural AI assurance—one in which frameworks are validated through science and rigorous testing, not just policy. This shows that responsible AI does not have to slow down innovation. Done well, assurance does not slow innovation, but enables it by strengthening AI systems, improving trust, and helping AI scale safely.
.webp)