Regulatory Guidance Supporting sustainable financial innovation and digital transformation
to ensure legal certainty and knowledge sharing.

Innovation Office

Want to discuss your FinTech idea or solution within the context of our regulatory frameworks… or have a query on an enabling technology, innovation, or any regulatory developments…

Our dedicated team focusing on technology-enabled financial innovation will guide you accordingly, to navigate our frameworks and regulatory and supervisory processes.


Explore our FinSights into technology-enabled financial innovations and how they are transforming our financial services landscape.

What is FinTech?

Explore further FinTech literature here.

Although internationally there is no uniform definition of FinTech, in its Rule 3 (Chapter 330 of the offical laws of Malta) the MFSA defines FinTech as “technologically-enabled financial innovation that could result in new business models, applications, processes or products with an associated material effect on financial markets and the provision of financial services”, which conforms to that adopted by the European Commission FinTech Action Plan, the European Banking Authority FinTech Report on Sandboxes and Innovation Hubs and the Financial Stability Board.


To qualify as FinTech, a solution should encompass the following characteristics:

  1. Provide, create, or support the provision of financial products or processes
  2. Rely fully or partially on novel or emerging technology
  3. Be novel, unique or disruptive
  4. Provide identifiable value added by addressing an issue or bring benefits to the consumers or the financial sector

Decentralised Finance

Coming soon …

European Digital Finance Package

Motivated to establish a competitive EU financial sector that promotes financial inclusion while ensuring consumer protection and financial stability, in

2020 the European Commission (‘EC’) adopted a Digital Finance Package (‘DFP’) after broad public consultations and the digital finance outreach, which

consists of a digital finance strategy, proposals on crypto-assets, retail payments strategy and proposals on operational resilience.

Digital Finance Strategy

The transformation towards a more digitalised EU-wide financial sector is set out in the Digital Finance Strategy (‘DFS’), which consists of (i) the elimination of fragmentation within the Digital Single Market (‘DSM’), (ii) the adoption of EU-wide regulatory frameworks enabling digital innovation, (iii) the support towards data-driven finance, and (iv) addressing digital transformation challenges and risks.

Addressing Market Fragmentation

EU-wide Interoperable Digital Identities | Remote and Cross-Border Onboarding | Technical Standards and GDPR | Harmonised Licensing and Passporting | Cross-Border Testing

Regulatory Frameworks Facilitating Digital Innovation

Markets in Crypto-Assets (‘MiCA’) | Oversight framework on ICT providers | Supporting Cloud Computing and Artificial Intelligence Adoption

Creation of a European Financial Data Space

Standardised and Machine-readable EU-wide legislation | Promoting RegTech and SupTech | Supporting Open Finance

Assessing Digital Transformation Challenges and Risks

Prudential and Conduct Regulation Revaluation | Legislative Proposals on Non-bank Lenders | Digital Operational Resilience Act (‘DORA’)

Crypto-Assets Frameworks

On 24 September 2020, as part of the DFP, the European Commission proposed the Markets in Crypto-Assets (‘MiCA’) framework and the DLT Market Infrastructures Pilot Regime.

Markets in Crypto-Assets (‘MiCA’) framework

This initiative provides a clear framework on crypto-assets regulation at an EU level that supports innovation, fair competition and harmonises cross-border regulation in relation to the issuance and provision of crypto-assets related services. The proposed regulation covers all crypto-assets not falling within the scope of existing financial services legislation, asset referenced-tokens and e-money tokens.

DLT Market Infrastructures Pilot Regime

On 2 June 2022, the proposed regulation on DLT-based market infrastructures was published setting out an EU-wide regulatory sandbox that entities utilising DLT-based securities trading and settlement systems would be exempted from certain existing EU requirements, eliminating regulatory barriers to the issuance, trading and post-trading of DLT-based financial instruments whilst fostering regulatory experience between EU regulators. Under the dedicated DLT Market Infrastructures Pilot Regime, DLT Multilateral Trading Facilities (‘DLT MTF’), DLT Securities Settlement systems (‘DLT SS) and DLT Trading and Settlement Systems (‘DLT TSS’) are allowed to operate.

Retail Payments Strategy

With the aim to enable ‘citizens and companies in Europe to benefit from a broad and diversified range of world-class payment services and instruments’, ‘enable home-grown and pan-European payment solutions’ and ‘support the international role of the euro’, the proposed Retail Payments Strategy focuses on:

Instant Payments and Availability of Central Bank Money

Adoption of EU-Wide Instant Payments | Interoperability between Clearing and Settlement, and Payment Service Providers | Enhancing Consumer Protection | Accessibility and Acceptable of Euro Cash and Central Bank Digital Currency (‘CBDC’)

Innovative and Competitive Retail Payments Markets

PSD2 Review | Strong Customer Authentication | Authorisation Consolidation | Ancillary Services Supervision

Efficient and Interoperable Retail Payments Systems

Payments Ecosystem | Oversight on Access Restrictions

Efficient International Payments and Remittances

Accessible, affordable and transparent cross-border payment and remittances | PSD2 Cross-border transactions review

Digital Operational Resilience Framework

As part of the Digital Finance Package (‘DFP’), the Digital Operational Resilience Act (‘DORA’) was proposed by the European Commission on 24 September 2020, which aims at consolidating and enhancing rules on Information Communication Technology (‘ICT’) risk, creating a single legislative act containing all provisions addressing digital risk in finance. DORA covers various pillars that address ICT and cybersecurity which ultimately provide a comprehensive digital resilience framework.

Setting up and maintenance of robust ICT systems that minimise the consequences from breaches

Continuous identification of potential ICT risks

Establishment of a system that instantaneous detects unusual activities

Development of policies dedicated at business continuation and recovery plans following an incident

Formation of mechanisms with the ability to learn and develop from past incidents

To ensure a safe financial system, authorised persons within the financial services landscape would be subject to the requirements established under DORA, including oversight on critical ICT third-party service providers to mitigate undue operational risks. The scope of DORA is very broad, namely covering credit institutions, payment institutions, e-money institutions, investment firms, crypto-asset service providers, central securities depositories, managers of alternative investment funds, UCITS management companies, administrators of critical benchmarks, crowdfunding service providers and ICT third-party service providers.

Our Publications

Contact Us