Enforcement Directorate The Enforcement Directorate has two functions; an Enforcement Function and a Due Diligence Function. FIND OUT MORE

Enforcement Function

The MFSA has a range of enforcement powers from the MFSA Act (Cap 330 of the Laws of Malta) and the various other sectorial financial services legislation. In addition, the Enforcement Function is responsible for investigating any possible breaches of financial services laws and regulations in relation to persons or entities authorised and supervised by the MFSA.

Due Diligence Function

The Due Diligence function set up in 2020, is responsible for carrying out due diligence checks on persons proposed to take on approved positions within entities licensed by the MFSA. This necessitates a close collaboration between the different functions of the MFSA both of a supervisory and regulatory capacity in order to carry out its work more effectively. Amongst its responsibilities, the function also oversees ongoing due diligence to ensure continued integrity, name screening of all functionaries and other tasks such as the vetting of prospective Highly Qualified Persons. The function acts as a control which is essential to safeguard the continued integrity of the financial services sector and acts a safety net for continued consumer protection and trust.

Administrative Measures & Penalties



Enforcement Documentation

Settlement Agreements

Administrative Measures & Penalties

The role of the Enforcement Function is to undertake necessary investigations regarding matters which come to its attention through various sources. It investigates authorised persons who have or are suspected to have contravened any provision of any law administered by the MFSA or any rules or regulations made thereunder and also investigates persons, both legal and natural, that carry out licensable activities without the necessary licence, authorisation or registration from the Authority.

Should the Enforcement Function identify any breach, it will make recommendations on what regulatory actions should be taken by the Authority.

The Enforcement Function exercises the powers vested in it by virtue of the Malta Financial Services Act.

The remit of the Enforcement Function includes undertaking investigative and enforcement work in accordance with sectorial financial services legislation and the regulations made thereunder, as well as rules, directives and regulatory requirements issued by the MFSA.

In terms of article 4(1)(c) of the Malta Financial Services Authority Act, one of the MFSA’s functions is to keep the general public informed of important developments in the sector that it regulates, and to provide the public with relevant information and guidance. Article 16(8) of the Malta Financial Services Authority Act also provides that:

Any administrative or disciplinary sanction or measure, of whatever type, including reprimands or warnings, imposed or decided by the Authority under any law for whose administration it is responsible, shall be published in such medium and in such manner and for such duration as may be deemed warranted by the circumstances and the nature and seriousness of the breach or wrongdoing. 

The MFSA is obliged to make public all sanctions and penalties it imposes on its licence-holders so that the general public will be better informed. The current MFSA policy on publication is that after a licence-holder is notified of the MFSA’s decision to impose a penalty or administrative sanction, the MFSA shall publish a notice of the sanction on its website and in such other media deemed appropriate in the circumstances. Where and as applicable, the notice published on the website will indicate clearly whether the penalty or sanction is currently being appealed against. Publication on the MFSA website is based on the following criteria:

  1. A notice to the public in respect of a fine not exceeding € 3,000, a warning, a reprimand or other minor infringement shall remain posted on the website for a minimum period of two (2) years.
  2. A notice to the public in respect of a fine exceeding € 3,000 but not exceeding € 25,000, or of more serious infringements shall remain posted on the website for a period of five (5) years.
  3. A notice to the public in respect of serious infringements, including suspension or restriction of a licence for regulatory purposes (not a voluntary request for suspension or restriction) and fines exceeding € 25,000 shall remain posted on the website for a period of ten (10) years.
  4. A notice to the public in respect of a cancellation of a licence for regulatory purposes (not a voluntary surrender) shall not be removed from the web-site.
  5. A warning of a general nature shall be removed from the web-site only when it is established that there is no further threat to the public. The removal of such warnings is not tied to a pre-determined number of years.   The MFSA seeks to ensure high standards of conduct and management throughout the financial system.

The MFSA believes that the naming of persons, including licence-holders that have been sanctioned for breaching provisions of law, will lead to a greater awareness of the standards which should guide the activities and the conduct of operators in the financial services industry.

Kindly note that these notices are intended as a summary of the Authority’s decisions and, accordingly, are not the actual decisions themselves.


The Protection of the Whistleblower Act (CAP. 527) (the “Act”) aims to provide a framework for the protection of persons who expose improper practices such as misconduct and, or dishonest or illegal activity in an organisation. These persons are considered as “Whistleblowers”. Whistleblowing is therefore the disclosure by a person of information regarding improper practices in an organisation. The Act also provides for protection of the whistleblower against detrimental action that he/she might otherwise suffer as a result of his/her whistleblowing.

As the MFSA is a designated authority under the First Schedule to the Act, it is designated to receive external disclosures from whistleblowers in relation to matters, activities or services falling under the regulatory and supervisory competence of the MFSA and for this purpose it has set up a Whistleblowing Reports Unit.

As a designated authority the MFSA under the Act, is authorised to receive external disclosures in matters related to the business of credit and financial institutions, the business of insurance and the activities of insurance intermediaries, the provision of investment services and collective investment schemes, pensions and retirement funds, regulated markets, central securities depositories, the carrying out of trustee business either in a professional or personal capacity, company service providers, and generally such other areas as may be placed from time to time under the regulatory and supervisory competence of the MFSA.

External disclosures to the MFSA in regard to an improper practice as above will only qualify as protected disclosures if an internal disclosure has already been made or attempted to be made within the relevant organisation.

An external disclosure may also be made if the whistleblower has reasonable grounds to believe one or more of the following:

  • that although an internal disclosure has previously been made, the whistleblower has not been informed on the status of the matter disclosed, or it is reasonably evident to the whistleblower that there has been no action or recommended action on the matter to which the disclosure relates within a reasonable time from the making of the disclosure; or

  • that the head of the organisation is or may be involved in the improper practice alleged in the disclosure; or

  • that immediate reference to the MFSA, is justified by the urgency of the matter to which the disclosure relates, or some other exceptional circumstances; or

  • that as an employee the whistleblower will be subjected to an occupational detriment by his employer if he/she makes an internal disclosure; or

  • that it is likely that evidence relating to the improper practice will be concealed or destroyed if he/she makes an internal disclosure.

External disclosures should be made in writing by downloading and completing the Whistleblowing External Disclosure Form available here.


If an offer is too good to be true, then it probably is. So be careful!

Scammers cheat people out of their money. The MFSA’s role is to educate consumers about scams involving financial products and services.

If you have been scammed, the MFSA is here to provide you with more information or any queries you might have. All information can be provided to the Authority by email on [email protected].

However, the MFSA is unable to investigate fraudsters. That is the role of the Malta Police.

Settlement Agreements

The Settlement Policy provides for the possibility of resolving investigations in the shortest time possible. Following a consultation process conducted in relation to the principles in the Settlement Policy, the MFSA assessed the feedback received and the final Settlement Policy has been devised. The Settlement Policy sets out the principles which are to be adhered to during settlement discussions. Resolving investigations by means of a settlement agreement will still entail the taking of an administrative measure by the MFSA however this will be by means of a settlement agreement which would have to be agreed to between the investigated person and the MFSA.


MFSA Settlement Policy