Banking Supervision is responsible for the oversight of all licenced banking activities in Malta which includes non-bank financial institutions (e.g. payment institutions). This oversight includes off-site and on-site examinations of all licenced institutions applying a risk-based approach. The ultimate objective is to ensure that these licensed institutions comply with all regulations and licence conditions, whilst having the necessary corporate governance and control structures in place.
Supervision of both Significant Institutions, which is carried out together with the European Central Banks through the Single Supervisory Mechanism, and that of Less Significant Institutions through the SREP procedures, is executed by the banking Supervision team.
Banking Supervision is also responsible for policy advice and development both within the MFSA and to external stakeholders, to consistently and effectively apply local legislation and transpose EU legislation and guidelines issued by the European Banking Authority.
David Eacott heads the Banking Supervision team within the Authority.
The Communications function has a pivotal role to play in supporting the MFSA’s strategic priority of engaging directly and regularly with all key stakeholders. Acting as the central point of contact, the Communications function drives the Authority’s internal and external communications, and is responsible for managing public and media relations.
As designated brand guardians, the Communications team handles the MFSA’s reputation and image on digital and offline platforms, including the Authority’s website and social media presence, as well as corporate publications. As part of its remit, the Communications function oversees the organisation of the MFSA’s events, which range from briefings, workshops and seminars for licence holders and financial services practitioners, to the MFSA’s participation at fairs and conventions, both locally and overseas.
In keeping with the Authority’s commitment to focus on increased consumer education and awareness, the Communications team devises and implements consumer education campaigns to safeguard consumers’ interests, and also handles, on a daily basis, the various queries received.
The Communications team at the MFSA is led by Christine Apap.
MFSA’s Conduct Supervision oversees the way in which firms, namely those providing services in the areas of banking, insurance, investments, company service providers and trustees & other fiduciaries, design their products and services as well as the manner in which these same firms manage their relationship with consumers.
Firms which place conduct at the top of their agenda promote and support the fair, strong, efficient and transparent provision of services and increase consumer confidence. In turn, the level of trust that consumers have in financial services will also have an impact on the growth of the financial services sector.
Conduct Supervision ensures that consumers of financial services are treated fairly, honestly and professionally by regulated entities. The ultimate objectives of this function is to set up a regulatory framework that secures appropriate consumer protection in financial services. The team also enacts a pre-emptive supervisory regime which addresses potential or emerging risks for financial services consumers, together with an operational regime to strengthen the responsibilities of regulated persons in treating customers fairly.
Emily Benson is the Head of Conduct Supervision at MFSA.
Data Management and Business Intelligence
The Data Management and Business Intelligence (BI) function is a newly set up team within the Authority, through which the MFSA’s data will be treated as an important asset for enabling risk-based supervision. The aim of this function is to enable timely and effective decision-making across the Authority, in line with the overall business strategy.
The team is responsible for driving data governance, data quality management and integrity, as well as the data architecture across the whole organisation, whilst working closely with business stakeholders, process owners and the Technology team. As part of its remit, the function is also responsible for automating and managing data-related supervisory work flows, as well as managing a centralised data warehouse and BI analytics platform to provide ongoing insights, analyses and dashboards for end users.
The Data Management and Business Intelligence team at MFSA is led by Daniela Bagnaschi.
The Due Diligence function is responsible for conducting checks on persons being proposed to take on approved positions within entities licensed by the MFSA. The function’s remit is to focus on probity, intelligence gathering, due-diligence and ongoing monitoring of fit and properness of individuals and their involvements while operating in the financial services sector. To this effect, the Authority is investing in more technology, information systems and process enhancements, along with human resources and skillsets, to increase the effectiveness and robustness of Due Diligence.
Necessitating close collaboration with local and international law enforcement agencies and coordination between the different supervisory and regulatory teams of the MFSA, the function is responsible for carrying out probity screenings in relation to all qualifying beneficial owners as well key functionaries within a licensed entity. The Due Diligence function is also responsible for carrying out ongoing checks on a risk-based approach, to verify that approved persons are of good repute.
The Due Diligence function at the MFSA is led by Paul Caruana.
The Enforcement function is responsible for conducting investigations and enforcing the regulatory framework vis-à-vis persons or entities supervised by the MFSA. This necessitates close collaboration with the other functions within the Authority in order to carry out its work efficiently and effectively. The Enforcement function is also responsible for investigating persons or entities, whether licensed or otherwise, who are suspected of undertaking licensable activities falling within the regulatory and supervisory functions of the MFSA, without the necessary licence or authorisation.
Upon conclusion of its investigations, the Enforcement function makes recommendations for enforcement action to be taken by the Authority. Enforcement action may include, amongst others, the imposition of administrative penalties, the suspension or cancellation of licences/authorisations, the issue of directives requiring that any person having functions in relation to the holder of a licence be prohibited from carrying out licensable activities, and the issue and publication of reprimands and warnings.
The Enforcement team also issues guidance to the public on how to detect investment scams and other market malpractices that could be detrimental to consumers of financial services, as well as notices and warnings to alert the public of the risks involved in transacting with certain entities.
Edward Grech heads the Enforcement function within the MFSA.
The Finance team is responsible for corporate finance, financial planning and control including financial operations and assurance. This includes the preparation of financial budgets and forecasts, treasury, financial planning and control, book keeping, payroll and all statutory accounting.
The team is also responsible for the collection of licence fees, payments to suppliers together with timely submission of financial information to the Ministry of Finance, Board of Governors and other Government entities.
The Finance function also liaises with the Statutory Auditors regarding the annual audit of the Authority’s Financial Statements which are drawn up annually in compliance with International Financial Reporting Standards.
Charlo Bianco heads the Finance function within the MFSA.
Financial Crime Compliance
Financial Crime Compliance is a dedicated AML/CFT supervisory function established to strengthen the MFSA’s role in preventing the use and involvement of authorised persons in money laundering and financing of terrorism. The function is entrusted with the supervision of the Authority’s licence holders to verify that they comply with AML/CFT legislation and procedures, and monitors international sanctions and other restrictive measures whilst providing regulated entities with the relevant information and guidance.
In fulfilling its remit, it also coordinates closely with the prudential and conduct functions of the MFSA and collaborates externally with the Financial Intelligence Analysis Unit, the National Coordinating Committee for AML/CFT, the Sanctions Monitoring Board and other National and international Stakeholders.
Anthony Eddington heads the Financial Crime Compliance function within the Authority.
The Financial Stability team carries out risk monitoring and macro-prudential oversight of the financial services sector.
The function is also responsible for the recommendation of regulatory measures to address systemic and other potential risks impacting the sector, as well as the implementation of policy initiatives to meet regulatory and financial stability objectives.
As a function, it interfaces with the micro-prudential supervisory functions of the Authority at the operational level, ensuring that all relevant information is shared and actioned across all areas of regulation and sector-specific supervision.
Joseph J. Agius heads the Financial Stability Function with the Authority.
Insurance and Pensions Supervision
Insurance and Pensions Supervision is responsible for the prudential oversight of authorised re-insurance undertakings, insurance intermediaries, retirement schemes, retirement funds and retirement plan service providers, including business carried out in an EU Member State or EEA State, either through establishment or under the freedom to provide services.
Supervision is carried out on a prospective and risk-based approach, comprising the continuous verification of the proper operation of the business of insurance and its compliance with insurance legislation, through a combination of off-site and on-site supervision.
Through its supervisory work, the team aims to protect policyholders and beneficiaries in accordance with the regulatory obligations namely emanating from the Insurance Business Act, the Insurance Distribution Act and the Retirement Pensions Act, whilst safeguarding the stability of the financial system.
Ray Schembri heads the Insurance and Pensions Supervision team.
Established through the provisions of Article 12D of the MFSA (Cap 330), the MFSA’s Internal Audit function is an independent and consulting activity designed to add value and improve the operations and control environment of the Authority. It designs its audit engagements to provide independent and objective assurances to the Board of Governors through the Audit Committee.
The Internal Audit function supports the Authority to accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of the internal risk management, control, and governance processes. It keeps the Audit Committee informed on emerging trends and standards in internal auditing and prevention of fraud by providing consultancy and advice as appropriate for the better functioning of the Authority. Internal Audit further assists the MFSA to identify, analyse, respond, gather information and monitor strategic risks that could actually or potentially impact the ability of the Authority in achieving its mission and objectives.
The Internal Audit Charter defines in general terms the purpose, scope of work, accountability, responsibility and authority of the Internal Audit function with the MFSA. It establishes the position of Internal Audit, authorising access to records, personnel and physical properties relevant to the performance of an audit engagement and defines the type and scope of the internal audit activities.
The Head of Internal Audit at MFSA is John Sammut.
People and Culture
Placing employees and other stakeholders at the very heart of the Authority’s mission, the People and Culture function reflects the drive being undertaken to bring about change and organisational growth within MFSA. People and Culture provides the Authority with the human resource capabilities that are essential for the fulfilment of its mission. It attracts and retains the best possible talent while striving to ensure that the Authority becomes an employer of choice for suitably qualified and experienced professionals. It also serves the training and development needs of the employees with the Authority, supporting them in the progression of their career paths.
It is also responsible for identifying training needs in the financial services sector and for developing, creating and implementing training programmes in conjunction with the relevant professional training bodies and academic institutions. The team implements other staff related provisions, including the MFSA Ethics Framework, the MFSA Anti-Fraud Policy and Occupational Health & Safety.
All the projects and initiatives undertaken by the team, such as policy development, recruitment, training and performance management, are driven by the five MFSA values, of integrity, trustworthiness, dependability, independence and excellence.
Calvin Cassar heads People and Culture at MFSA.
Programme Management (PMO) and Quality Assurance
The Programme Management & Quality Assurance office is responsible for the setting up and ongoing management of a single, centralised framework, designed to ensure the implementation and delivery of key organisational projects and other change initiatives within the Authority.
Programme Management define best practice within the Authority with the aim of standardising quality assurance and change management activities, thus introducing economies of repetition in the execution of projects.
The Programme Management team is key towards ensuring the completion of projects, within budget, established timeframes and quality. Whilst providing support to key business operations and IT projects to a successful conclusion, the function seeks to create a foundation for consistent project success throughout the organisation through the development of a strong and pervasive Programme Management discipline within the organisation’s project teams.
Kevin Fitzgerald is the Head of Project Management and Quality Assurance.
Resolution is responsible for drafting resolution plans for banks and certain investment services firms, advising the Resolution Committee on whether an institution should go into liquidation or resolution, and the application of resolution tools as necessary. The Resolution team interacts on an on-going basis with European institutions and local Authorities to carry out its work.
In order to retain its operational independence from the supervisory function, the Act contemplates the creation of a Resolution Committee and its underlying structures. The Resolution Committee shall have all the powers assigned to it by the Resolution Authority under the MFSA Act. The Resolution functions are carried out as contemplated by the Act and as provided for by the Resolution Committee.
Furthermore, these structures administer the requirements emanating from the Bank Recovery and Resolution Directive (BRRD), Single Resolution Mechanism Regulation (SRMR), the Recovery and Resolution Regulations (RRR) and the Intergovernmental Agreement (IGA) on the transfer and mutualisation of contributions to the Single Resolution Fund.
Aldo Giordano heads the Resolution function within the Authority.
Introduced as a separate function within the Authority in 2019, Risk Management is not only responsible for the analysis of risks but also the development of plans to mitigate such risks within the MFSA.
The Risk Management team is responsible for keeping the risk control framework under review, providing the strategic input and direction with regards to the Authority’s risk appetite, ensuring that the defined risk appetite is compliant with the requirements set out by the European Supervisory Authorities.
The Risk Management team is also responsible for ensuring that the internal processes and procedures of the MFSA comply with European Standards whilst offering recommendations on how these can be improved from a risk and quality perspective.
Franco Borg is Head of Risk Management at MFSA.
Securities and Markets Supervision
The Securities and Markets Supervision function’s key objective is to ensure investor protection, fairness, efficiency and transparency in financial markets and the safeguarding of systematic stability. The function is split into three sections: the Authorisations team is responsible for the processing of applications, changes in control and appointment of approved persons, requests for changes in documentation, waiver/exemption applications as well as passporting notifications under the relevant EU/EEA Directives; the Capital Markets team reviews applications for admissibility to listing on Regulated Markets and Initial Public Offerings (processing of notices received by the MFSA as submitted in terms of the Securitisation Act), supervises of listed companies, securities exchanges and trading venues and undertakes general market oversight to ensure market integrity; and the Funds and Investment Firms team supervises collective investment schemes and service providers (fund managers, custodians and fund administrators and investment firms).
The Securities and Markets Supervision function’s approach is primarily focused on offsite and onsite supervision. This function is also currently tasked with undertaking event supervision taking into consideration how specific licensed entities operate, identifying their risk models and how they deal with customers. As a prudential supervisor, the function focuses on system controls, governance arrangements, risk management and risk mitigation within licensed entities.
Doreen Balzan is Head of Securities and Markets Supervision within the Authority.
Strategy, Policy and Innovation
The Strategy, Policy and Innovation function is responsible for providing advice, analyses and reviews on current and prospective strategies and policies related to key priority areas in respect to the various financial services sectors. The function also proposes new areas which could potentially be delved into by the MFSA and provides insight on how related frameworks may be developed.
The function is also responsible for the implementation of the MFSA’s FinTech Strategy, which aims to establish Malta as an international FinTech hub, supporting and enabling financial service providers to infuse technology in product and service offerings. To achieve the objectives identified in the FinTech Strategy, the function is working towards the setting up of a FinTech Regulatory Sandbox and a FinTech Innovation Hub, which will provide the necessary ecosystem to enable FinTech start-ups and scale-ups, technology firms and established financial service providers to develop viable FinTech solutions.
In formulating and proposing policies, the function seeks to ensure that the Authority is proactive in the face of new opportunities, perceived risks and changing international standards which may impact the financial services sector, whilst fostering innovation and enhancing access to financial products. The function hence contributes towards strengthening Malta’s framework for the regulation of the sector, whilst promoting and coordinating strategic thinking across all functions within the MFSA.
As part of its remit, the function is also responsible for participating in selected local, EU and international fora, including committees of the European Supervisory Authorities, which may impinge on the Authority’s strategies and policies.
The Strategy, Policy and Innovation function is led by Clare Farrugia.
Supervisory Quality Assurance
Supervisory Quality Assurance is a newly-set up function within the MFSA, enabling the Authority to put more focus in this area, in line with European Central Bank (ECB) recommendations.
Headed by Catherine Galea, the main role of the function centres around the review of supervisory approaches in order to safeguard the consistency and quality of supervisory activities, while acting as a key contributor to the development of homogeneity across supervisory functions and in line with European Supervisory Authority standards.
From a quality assurance perspective, it ensures the proper use and continuous enhancement of the holistic supervisory framework and promotes supervisory standards in line with international best practices and the MFSA’s vision. As part of its ongoing work, the function is also responsible for identifying emerging risks and deficiencies in the internal supervisory processes and offer recommendations to address shortcomings.
Supervisory Quality Assurance at the MFSA is led by Catherine Galea.
The Technology function at MFSA leverages cutting-edge technology, industry standards and methodologies to provide reliable services to the rest of the organisation and the entities interacting with the Authority through digital means. The team provides operational support to the other functions of the Authority and is responsible for managing the Authority’s resources, efficiently supporting the overall business strategy.
It is responsible for technology design, development, integration and delivery of all the information and communications infrastructure, platforms and services, and works with several technology vendors and partners. It also ensures the protection of data based on the principles of data privacy, while mitigating against cyber threats using advanced protection mechanisms.
Technology is also assigned with the responsibility of providing information security analysis to the Regulatory functions. Officials from the Technology team participate in several European committees, expert groups and industry fora.
The Technology team at MFSA is led by Reuben Vella.
Virtual Financial Assets
In an attempt to gain first mover advantage and establish Malta as a leader in this sector, the MFSA has been one of the first regulators in the world to introduce a regulatory framework for virtual financial assets.
The Virtual Financial Assets Framework was created to provide legal certainty to crypto assets and new technologies being used in financial services, whilst at the same time ensuring investor protection, market integrity and financial stability.
The framework establishes three types of authorisations; those of VFA Agents, Whitepapers, and VFA Service Providers. The Virtual Financial Assets function within the Supervisory Directorate is responsible for receiving applications, granting authorisations and supervising licence holders within this regulatory framework.
Herman Ciappara heads the Virtual Financial Assets function within the Authority.
Legal & International Affairs
The Legal & International Affairs Directorate is generally responsible for legal and international affairs pertaining to the MFSA. It is composed of two functions, namely the Legal Affairs function and the EU & International Affairs function.
The Legal Affairs function provides legal advice across the organisation. It is responsible for the drafting and/or vetting of legal documents which the Authority may enter into. The Legal Affairs function is also responsible for the coordination and oversight of the legislative process falling under the administration of the MFSA, including such legislative amendments or new laws as may be required for the purposes of transposing EU Directives or implementing EU Regulations.
Moreover, the said function attends to any litigation matters and represents the Authority in any action or legal proceedings in which the MFSA is involved or has an interest. This includes the preparation and filing of judicial acts and any other legal or judicial submissions or documents for the Authority, as well as any other work necessary in preparation for court or tribunal sittings.
The EU & International Affairs function is responsible for the coordination of relations with international organisations and memoranda of understanding with other foreign regulators. The function provides advice to Government on the formulation of financial services policy, mainly relating to upcoming legislative and non-legislative proposals issued by the European Commission. The function is also actively engaged in policy dialogue, negotiations and follow up of EU institutional affairs and dossiers.
Supervisory ICT Risk & Cybersecurity
The Supervisory ICT Risk & Cybersecurity function provides specialised insight to the Authority’s supervisory functions across all sectors and on several fronts, including ICT Governance, ICT Risk Management, ICT Outsourcing and Cybersecurity Programmes, based on established regulatory frameworks, technical standards and guidelines. It also supports the development of policies and guidelines related to ICT Risk and Cybersecurity and participates in Working Groups and Committees at local and international levels. The function assesses cybersecurity resilience measures for licence holders and is a contact point for reporting cyber incidents.