Enforcement Directorate The Enforcement Directorate has two functions; an Enforcement Function and a Due Diligence Function. FIND OUT MORE

Enforcement Function

The MFSA has a range of enforcement powers from the MFSA Act (Cap 330 of the Laws of Malta) and the various other sectorial financial services legislation. In addition, the Enforcement Function is responsible for investigating any possible breaches of financial services laws and regulations in relation to persons or entities authorised and supervised by the MFSA.

Due Diligence Function

The Due Diligence function set up in 2020, is responsible for carrying out due diligence checks on persons proposed to take on approved positions within entities licensed by the MFSA. This necessitates a close collaboration between the different functions of the MFSA both of a supervisory and regulatory capacity in order to carry out its work more effectively. Amongst its responsibilities, the function also oversees ongoing due diligence to ensure continued integrity, name screening of all functionaries and other tasks such as the vetting of prospective Highly Qualified Persons. The function acts as a control which is essential to safeguard the continued integrity of the financial services sector and acts a safety net for continued consumer protection and trust.

Administrative Measures & Penalties



Enforcement Documentation

Settlement Agreements

Administrative Measures & Penalties

The role of the Enforcement Function is to undertake necessary investigations regarding matters which come to its attention through various sources. It investigates authorised persons who have or are suspected to have contravened any provision of any law administered by the MFSA or any rules or regulations made thereunder and also investigates persons, both legal and natural, that carry out licensable activities without the necessary licence, authorisation or registration from the Authority.

Should the Enforcement Function identify any breach, it will make recommendations on what regulatory actions should be taken by the Authority.

The Enforcement Function exercises the powers vested in it by virtue of the Malta Financial Services Act.

The remit of the Enforcement Function includes undertaking investigative and enforcement work in accordance with sectorial financial services legislation and the regulations made thereunder, as well as rules, directives and regulatory requirements issued by the MFSA.


The Protection of the Whistleblower Act (CAP. 527) (the “Act”) aims to provide a framework for the protection of persons who expose improper practices such as misconduct and, or dishonest or illegal activity in an organisation. These persons are considered as “Whistleblowers”. Whistleblowing is therefore the disclosure by a person of information regarding improper practices in an organisation. The Act also provides for protection of the whistleblower against detrimental action that he/she might otherwise suffer as a result of his/her whistleblowing.

As the MFSA is a designated authority under the First Schedule to the Act, it is designated to receive external disclosures from whistleblowers in relation to matters, activities or services falling under the regulatory and supervisory competence of the MFSA and for this purpose it has set up a Whistleblowing Reports Unit.

As a designated authority under the Protection of the Whistleblower Act, the MFSA is authorised to receive external disclosures in matters related to the business of credit and financial institutions, the business of insurance and the activities of insurance intermediaries, the provision of investment services and collective investment schemes, pensions and retirement funds, regulated markets, central securities depositories, the carrying out of trustee business either in a professional or personal capacity, company service providers, and generally such other areas as may be placed from time to time under the regulatory and supervisory competence of the MFSA.

External disclosures which are reported to the MFSA must fall within the remit of the MFSA. In order to further help understand the suitability for the disclosure to be made externally, a more thorough explanation can be found in the Whistleblower External Procedure which can be found here.

External disclosures to the MFSA regarding an improper practice will only qualify as protected disclosures if the following positive determinations are made inter alia:

  • The Whistleblower must have disclosed his identity;
  • The Whistleblower must reasonably believe that the information and any allegation made is substantially true at the time of the disclosure and that such information fell within the scope of the Act;
  • The Whistleblower reasonably believes that the information tends to show an improper practice committed by the employer/employee of the employer;
  • The information provided is not protected by legal privilege; and
  • An internal disclosure or a public disclosure has already been made (unless otherwise allowed by the Act).

When making an external disclosure to the MFSA, the identity of anyone who comes forward with a disclosure shall be kept confidential, and this level of confidentiality and protection is afforded also to any information which may in any way appertain to the identification of the Whistleblower, unless he instructs the Authority otherwise. This will ensure that any persons who find themselves in a situation where they feel that they should lodge a disclosure, are not held back from doing so as their identity will not be divulged.

The Whistleblowing External Procedure provides details as to the procedures to be followed when a breach is to be reported. Such procedures include details as to the manner in which the external disclosure is handled, the acknowledgement which is subsequently given by the MFSA, any request for clarification or additional information in those cases where it is required by the MFSA and the MFSA’s duty to provide feedback to the Whistleblower in line with the timeframes established by law under Article 16 of the Act.

If the Whistleblower is somehow disciplined by his respective employer for having made the disclosure, the law provides for several remedies upon which he may turn to. These are:

  • file an application to the First Hall, Civil Court for an order requiring the person who has taken the detrimental action to either remedy that action, or else to an injunction to be issued, as per Article 7 of the Act; or
  • bring his claim before the Industrial Tribunal and have his right asserted if the matter concerns employment issues, as per Chapter 542 of the Laws of Malta; or
  • lodge a complaint to the Office of the Ombudsman within a period of six (6) months from the date of the disciplinary action, for the office of the Ombudsman to conduct their investigation, as per Article 14 of Chapter 385 of the Laws of Malta.

Finally, it is important to keep in mind that in terms of Article 4(1) of the Act, a Whistleblower who makes a protected disclosure is not liable to any civil or criminal proceedings or to a disciplinary proceeding for having made such a disclosure.

However, it should be noted that the protections which are conferred to the Whistleblower do not apply to employees who knowingly disclose information which he knows or ought to reasonably know is false, and such shall be an offence punishable in terms of Article 101 of the Criminal Code. Such Whistleblower may also be subject to legal action by any person or organisation which are subject to such false information, as per Article 9(2) of the Act.

For more information in this respect, kindly refer to the Whistleblowing External Procedures which can be found on the MFSA’s website. Otherwise, the Whistleblowing Reports Unit at the MFSA can be contacted by means of the following contact details:

  • Telephone Number: 2144 1155
  • Email Address: [email protected]
  • Address: Whistleblowing Reports Unit, Triq l-Imdina, Zone 1, Central Business District, Birkirkara, Malta

External disclosures should be made in writing by downloading and completing the Whistleblowing External Disclosure Form available here.


If an offer is too good to be true, then it probably is. So be careful!

Scammers cheat people out of their money. The MFSA’s role is to educate consumers about scams involving financial products and services.

If you have been scammed, the MFSA is here to provide you with more information or any queries you might have. All information can be provided to the Authority by email on [email protected].

However, the MFSA is unable to investigate fraudsters. That is the role of the Malta Police.

Settlement Agreements

The Settlement Policy provides for the possibility of resolving investigations in the shortest time possible. Following a consultation process conducted in relation to the principles in the Settlement Policy, the MFSA assessed the feedback received and the final Settlement Policy has been devised. The Settlement Policy sets out the principles which are to be adhered to during settlement discussions. Resolving investigations by means of a settlement agreement will still entail the taking of an administrative measure by the MFSA however this will be by means of a settlement agreement which would have to be agreed to between the investigated person and the MFSA.


MFSA Settlement Policy