The MFSA Publishes a Revised FinTech Regulatory Sandbox Framework

On the 13th of March 2023, the Malta Financial Services Authority (“MFSA”) published the revised MFSA FinTech Regulatory Sandbox (the “Regulatory Sandbox”), established in line with the MFSA Rule 3: The MFSA FinTech Regulatory Sandbox (the “MFSA Rule 3”).

The original Regulatory Sandbox was issued in 2020, and its main purpose was to provide a regulatory environment which advances FinTech through legal certainty and knowledge-sharing, and simultaneously ensuring consumer protection, market integrity, and financial soundness. The updates introduced to the Regulatory Sandbox in 2023 is a result of the past two years’ experience, feedback from the industry, and the best practices of other international regulatory sandboxes. Furthermore, these revisions aim to revaluate the Regulatory Sandbox as a whole to enhance its effectiveness and efficiency.

The following are the main revisions to the Regulatory Sandbox:

  • Revised definitions of ‘Regulated FinTech Service Provider’, ‘Technology Provider’, and ‘Unregulated FinTech Service Provider’;
  • Simplified Sandbox Cycle, which has been re-structured into four stages, being the Proposal Stage, Application Stage, Testing Stage, and Exit Stage. These revisions also introduce clearer requirements to provide more clarity;
  • Revised Fitness and Properness Assessment, which has been revised to better reflect the requirements laid down by the MFSA for eligible applicants determined as ‘Technology Providers’ or ‘Unregulated FinTech Service Providers’. In this regard, eligible applications determined as such shall be required to submit a self-declaration to confirm their integrity. On the other hand, those eligible applicants determined to be ‘Regulated FinTech Service Providers’ would require a fitness and properness assessment as per the existing sectoral legislation;
  • Revised Matters to be Mutually Agreed Upon, in relation to the Testing Framework. The Testing Framework, introduced by the MFSA Rule 3, includes the testing period, testing plan, testing objectives, testing requirements, testing disclosures and the exit strategy. For eligible applicants determined to be Regulated FinTech Suppliers, the Testing Framework is developed as part of the authorisation process. Meanwhile, eligible applicants determined to be Technology Providers or Unregulated FinTech Service Providers, this framework is developed during the Application Stage. The revisions also include a general requirement that the eligible applicants must inform their clients of their admission to the Regulatory Sandbox and the keys risks associated with the solution;
  • Revision of Fees and Fee Structure, providing more clarity and becoming more proportionate t the scope and length of the testing stage.

Feel free to contact us for assistance or more information on the above.