Between June and August 2025, the Financial Stability Function conducted a comprehensive survey to assess the adoption, use, and governance of Artificial Intelligence (AI) across the Maltese financial services sector. The exercise was undertaken in line with an ESMA-led initiative and extended locally to capture a broad, cross-sectoral view. With a response rate of 96.7% across 214 licensed entities, the survey provides the first system-wide benchmark of AI utilisation in Malta’s financial ecosystem.

Early-Stage Adoption with Varying Levels of Maturity

Overall, the findings indicate that AI adoption in the Maltese Financial Services Sector is still in its infancy. While pockets of activity exist, particularly among credit institutions, financial institutions, and VFASPs/CASPs, most entities are either not using AI or doing so in a limited manner. Only 39% of respondents reported testing or deploying AI in production, typically through a small number of use cases.

AI strategies across the financial sector remain in early stages of maturity. The majority of surveyed entities do not yet have a board-approved AI or digital strategy, and nearly 70% reported no AI investment in 2024. Investment activity tends to be centralized at the group level instead of being domestically driven. Looking ahead, investment in AI is not expected to abate, with many respondents indicating plans to increase their allocation, reflecting a growing awareness of its potential role.

Focus on Efficiency Rather Than Revenue

Confidence in AI’s financial benefits remain limited. Entities investing in AI primarily view it as an enabler of operational efficiency rather than a driver of revenue growth. This is reflected in the types of benefits identified, including improved data analysis, process optimisation, and internal efficiency gains.

AI is most commonly used for code generation, communication with clients, and compliance-related tasks as illustrated in Figure 2.

Governance and Risk Management: Progress Reported but Gaps Remain

The survey replies show that awareness of AI-related risks is increasing, especially around data protection, accuracy, regulatory compliance, and third-party reliance. While more than half of respondents have introduced AI guidelines or principles, and many rely on human oversight as a key safeguard, formal governance frameworks remain inconsistent. A formally approved AI policy was reported by 60% of respondents, and around 40% have contingency plans in place for AI-related disruptions.

Public GenAI tools are widely accessible within organisations, yet less than half of those that allow access have formal policies governing their use. This misalignment underscores the need to better align broad accessibility with clear controls, training, and accountability.

Most entities perceive their current AI use as posing limited systemic risk. However, the limited use of formal impact assessments and increasing reliance on third-party providers and cloud infrastructure point to areas requiring closer supervisory attention as adoption deepens.

Looking Ahead

As the EU AI Act [1] is gradually implemented and AI capabilities continue to evolve rapidly, financial entities must strengthen their governance, build internal expertise, and adopt more structured risk management practices. The survey results provide a valuable benchmark for assessing the current state of AI implementation within the Maltese Financial Services sector. These insights will help the MFSA monitor AI developments, identify emerging risks, and engage with the industry as it adapts to the regulatory and technological changes ahead. While adoption is still developing, the direction is evident, making preparedness essential.

[1] Regulation (EU) 2024/1689 (AI Act)