MFSA Consultation Document on raising the bar for Company Service Providers

On 22th October 2019, the Malta Financial Services Authority (the “MFSA”) has issued a consultation document (the “Consultation Document”) on which the MFSA is seeking feedback from the stakeholders. The purpose of this Consultation Document is to reassess the regulatory framework and the supervision of company service providers (the “CSPs”).
The MFSA’s proposals are the following:
1. Extending the Role of CSPs
The MFSA is considering extending the role of CSPs to include the service of providing guidance on and the submission of documentation of all prospective applicants for authorisation with the MFSA.
i. Appoint a minimum of two designated persons (these “Designated Persons” may be appointed to act as director or in a similar position in relation to other entities) – this requirement will be also applicable where the CSP is “acting as or arranging for another person to act as director or in a similar position in relation to other legal entities”; and
ii. Conduct a fitness and properness assessment on clients, prior to their on-boarding.
2. The introduction of CSP licence classes with new capital requirements
The MFSA is proposing categorising CSPs into classes and raising the initial capital requirements as follows:

3. Market Entry Requirements
In the Consultation Document, the MFSA proposes to extend the authorisation requirement to all persons providing the service of a CSP in or from Malta.
In this regard, the MFSA would require full authorisation and registration for advocates, notaries, legal procurators, accountants and for companies have a licence and provide company services in an approved foreign jurisdiction and therefore such persons may no longer avail of the exemptions. Under certain circumstances, the trustees or fiduciaries will also require informing the MFSA, if they are providing company services.
Furthermore, the MFSA will also require CSPs to be legal persons.
4. Enhanced competence assessments for directors, compliance officers, MLROs and designated persons of CSPs
In order to ensure that all the CSPs are sufficiently competent to fulfil their role, the MFSA is proposing enhancing competence assessments (“Competence Assessment”) which will be based on two pillars:
i. Experience and educational background; and ii. Where it is needed, the applicant will need to attend for an interview with the MFSA.
5. Enhanced requirements with respect to governance, compliance and risk management
The MFSA is proposing the following other requirements for the CSPs such as:
i. New rules regarding, for example, business continuity, ongoing monitoring, cyber security etc.; ii. Risk management related policies and procedures in line with the PMLFTR and the Implementing Procedures – Part I; iii. Keep a risk register vis-á-vis their clients; iv. Competence Assessment for the Compliance Officers and the MLROs; v. Quantitative and qualitative assessment of time commitment of the Designated Persons.
6. The institutional architecture for the supervision of CSPs
The MFSA is also considering two possible options for the institutional structure regarding the supervision of CSPs which are the following:
i. The MFSA being the regulator of CSPs and be responsible for the authorisation and supervision of CSPs; or ii. The MFSA and Self-Regulatory Organisations (“SROs”) will be jointly responsible for the supervision of CSPs.
In this latter option, the MFSA would be designated as the default supervisor for all CSPs and the SROs may perform the supervision of CSPs under certain circumstances. In any case, the authorisation process will be carried out only by the MFSA.
Please take note that these proposals of the Consultation Document are not binding and are subject to changes and revisions following the received feedback from the stakeholders. The stakeholders may send their suggestions on the Consultation Document by email to [email protected] until 22th November 2019.