Updates on the Role of the Compliance Officer under the Revised CSP Regime

The Company Service Providers Act, Cap 529 of the Laws of Malta, as revised by Act L of 2020, extends the requirement of authorisation to persons that had previously been exempted from authorisation and supervision from the Malta Financial Service Authority (the “MFSA”) to provide Company Service Provider (“CSP”) services. Furthermore, the revised regime updates and enhanced number of requirements which were applicable under the previous CSP framework in order to raise the bar for this particular sector.

In relation to the Compliance Function, the revised CSP regime enhances the competence assessment for the Compliance Officer and lays down the following requirements:

– The requirement for the persons involved in the Compliance Function of the CSP not to be involved in the performance of the services/activities which they monitor;

– The requirement for the persons involved in the Compliance Function of the CSP not to be involved in client on-boarding or client-facing roles;

– The requirement for the Compliance Officer of the CSP to draw up a compliance monitoring program;

– The requirement for the Compliance Officer of the CSP to present regular compliance reports to the board of directors of the CSP.

The CSPs authorised under the CSP Act were already subject to the appointment of a Compliance Officer. The revised regime introduced rules to strengthen the existing framework. In this respect, the newly enacted rules require the Compliance Officer to undergo a rigorous assessment of competence in line with the one imposed on the directors of the CSP.

From a review of the guidance notes, rules and regulations issued by the MFSA to supplement the newly enacted regime, it results that the MFSA’s assessment on the competence of the Compliance Officer will be based on the usual criteria of fitness and properness including the competence, reputation, conflicts of interest, independence of mind, and time commitment.

We have already delved into some of these requirements which already apply to other regulated entities. You can find hereto few remarks on the skills, knowledge, expertise, and authority of the Compliance Function.

The MFSA reiterates the importance of the independence of mind of the Compliance Officer and as such it imposes a restriction on the persons involved in the Compliance Function of the CSP when it comes to performance of the services/activities which they monitor, or services and activities related to client on-boarding, or client-facing. For further information on the independence of the Compliance Officer, you may refer to the relevant article in our website.

The revised CSP regime establishes that the Compliance Officer shall present to the Board of Directors of the CSP an annual Compliance Monitoring Program which should clearly outline the compliance monitoring to be carried out by the Compliance Function in a particular year, ensuring to identify and monitor high-risk areas which are relevant to the CSP. Moreover, regular updates on the implementation of the said program should be provided to the same Board, on a regular basis, in the form of compliance reports. We would suggest these updates are sufficiently detailed and are accompanied by supporting documentation such as offsite/onsite reports relating to the checking undertaken, also highlighting recommendations made.

In addition to the above mentioned updates, the regular compliance reports should be in line with the applicable rules, should outline the required confirmations, and should provide an update on the relevant compliance matters that are covered during the reporting period.

The MFSA has already issued several guidance documents on the matter outlining good compliance practice in relation to the contents of the compliance reports, the updates to be provided thereof, and the relevant matters that should be captured by the compliance reports. Some of these guidelines are stated in our latest write up on the Compliance Supervision of Fund Managers.

For further information on the subject matter, please contact us at [email protected].

The information contained in this write up is provided for general informational purposes only. It does not, and is not intended to, constitute legal advice on any subject matter. You should not act or refrain from acting on the basis of any content included in this write up without seeking legal or other professional advice for your particular situation.