Annual FI Return
- Deadline: Submit within 1 month from the accounting reference date.
- Contents: Includes audited financial statements, signed representation sheet, and auditor's management letter.
Auditor's Management Letter Implementation Statement
- Deadline: Submit within 4 months from the accounting reference date.
- Purpose: Explains how recommendations from the auditor's letter were addressed or provides reasons for inaction.
Compliance Report
- Deadline: Submitted annually along with the audited financial statements.
- Contents: Must include the Compliance Officer's monitoring plan, status of regulatory breaches, and details on how breaches were mitigated.
Interim FI Returns ("IFR")
- Deadlines:
- Q1 IFR: Within 1 month after the 3-month period.
- Q2 IFR: Within 1 month after the 6-month period.
- Q3 IFR: Within 1 month after the 9-month period.
- Contents: Each submission must include a signed Representation Sheet and any additional disclosures as required.
Risk Evaluation Questionnaire ("REQ")
- Deadline: Annually by 31 January.
- Submission: Must be submitted via the MFSA's License Holder ("LH") Portal and may require supporting documentation, including an updated Business Risk Assessment ("BRA") and Subject Person Profile.
Quarterly Statistical Reporting (BR/06)
- Deadline: Every quarter, in line with the statutory reporting schedule.
- Scope: Covers statutory financial information, including details of assets and liabilities.
Event-Driven Notifications
Material Changes
- Deadline: Notify immediately upon becoming aware of the
following:
- Changes in senior management or key function holders.
- Fraud or breaches of internal controls.
- Decisions to claim on Professional Indemnity Insurance.
- Legal or judicial proceedings of material significance (e.g., financial crime or significant operational losses).
Safeguarding Arrangements
- Deadline: Notify in advance upon any changes.
- Scope: Includes changes to safeguarding methodologies or third-party involvement. Prior approval from the MFSA may be required.
Outsourcing Critical Functions
- Deadline: Notify prior to outsourcing critical or important functions.
- Submission Requirements: Provide risk analysis, exit strategies, service-level agreements ("SLAs"), data protection measures, and contingency plans.
Departure of Appointed Persons
- Deadline: Notify within 5 working days of their departure.
- Details: Include reasons for departure and any remedial measures taken.
Passporting Notifications
- Deadline: Notify before initiating activities such as:
- Establishing branches in another EU member state.
- Appointing agents or distributors locally or across borders.
- Undertaking cross-border services under freedom of services.
Changes to Previously Notified Information
- Deadline: Notify immediately upon changes to prior passporting submissions or information provided.
Periodic Requirements
IT and Cybersecurity Infrastructure
- Requirement: Maintain systems ensuring the integrity, security, and availability of data stored locally or within the EEA. Align with the EU's Digital Operational Resilience Act ("DORA") if applicable.
Record Keeping
- Requirement: Retain records for at least 5 years in an accessible and secure format for MFSA review.
Reconciliations for Safeguarding Accounts
- Requirement: Perform periodic reconciliations and rectify discrepancies by the end of the business day.
Annual Safeguarding Audit
- Requirement: Audit safeguarding arrangements annually to confirm compliance with regulatory standards. Submit findings to the MFSA if required.
Reporting Obligations from Directive 5
BR/06 Return
- Deadline: As specified in the BR/06 (usually quarterly).
- Scope: Covers statutory financial information, including details of assets and liabilities.
BR/05 Return
- Deadline: As specified in the BR/05 (monthly or as required).
- Scope: Focuses on liquidity requirements for credit institutions.
COREP and FINREP Reporting
- Deadline: As per circulars issued by the competent authority.
- Scope: Financial institutions must submit data under the Common Reporting Framework ("COREP") and Financial Reporting Framework ("FINREP") according to Regulation EU No 575/2013.
Transmission Standards
- Requirement: All submissions must be sent through a secure electronic channel to the Central Bank of Malta ("CBM") using designated portals or transmission systems.
Ad Hoc Requests
- Requirement: The CBM may request additional statistical or regulatory information from financial institutions as needed. Examples include data on liquidity, exposure to specific sectors, or stress testing results.
Calendar of Reporting Obligations
|
OBLIGATION |
DEADLINE / FREQUENCY |
DETAILS |
|
Risk Evaluation Questionnaire ("REQ") |
Annually, 31 January |
Submission via MFSA's License Holder (LH) Portal, including updated Business Risk Assessment (BRA) and Subject Person Profile. |
|
Q1 Interim FI Return ("IFR") |
Annually, End of March |
Submit 1 month after the 3-month period. Includes signed Representation Sheet and required disclosures. |
|
Auditor's Management Letter Implementation |
Annually, 30 April |
Explains implementation of recommendations from the auditor's letter or reasons for inaction. |
|
Q2 Interim FI Return ("IFR") |
Annually, End of June |
Submit 1 month after the 6-month period. Includes signed Representation Sheet and additional disclosures. |
|
Quarterly Statistical Reporting (BR/06) |
Quarterly, End of each quarter |
Submit in line with the statutory reporting schedule (March, June, September, December). |
|
Compliance Report |
Annually, End of July |
Submission alongside audited financial statements. Must include monitoring plans and breach mitigation details. |
|
Q3 Interim FI Return ("IFR") |
Annually, End of September |
Submit 1 month after the 9-month period. Includes signed Representation Sheet. |
|
Annual FI Return |
Annually, 1 month after accounting year-end |
Submission of audited financial statements, signed Representation Sheet, and auditor's management letter. |
|
Year-End Quarterly Statistical Reporting (BR/06) |
Annually, End of December |
Submit the final BR/06 report for the year, summarizing quarterly data. |
|
Material Changes Notifications |
Immediate |
Notify MFSA of senior management changes, fraud, breaches, or legal/judicial proceedings of significance. |
|
Safeguarding Arrangements Changes |
In advance |
Notify of changes to safeguarding methodologies or third-party involvement. |
|
Outsourcing Critical Functions |
Prior to outsourcing |
Notify MFSA with risk analysis, SLAs, exit strategies, and contingency plans. |
|
Departure of Appointed Persons |
Within 5 working days |
Notify MFSA with reasons for departure and any remedial measures. |
|
Passporting Notifications |
Before initiating activities |
Notify for establishing branches, appointing agents/distributors, or cross-border activities under freedom of services. |
|
Changes to Passporting Information |
Immediate |
Notify MFSA of updates to prior submissions or other notifications. |
|
IT and Cybersecurity Infrastructure |
Ongoing |
Maintain systems ensuring data integrity, security, and availability in line with DORA. |
|
Record Keeping |
Ongoing, minimum 5 years |
Retain records in accessible and secure formats for MFSA review. |
|
Reconciliations for Safeguarding Accounts |
Periodically |
Perform and rectify discrepancies by end-of-business day. |
|
Annual Safeguarding Audit |
Annually |
Audit safeguarding arrangements and submit findings to MFSA if required. |
|
BR/05 Return |
Monthly or as required |
Focus on liquidity requirements for credit institutions. |
|
COREP and FINREP Reporting |
As per circulars |
Submit per the Common Reporting and Financial Reporting Frameworks (Regulation (EU) No 575/2013). |
|
Ad Hoc Requests |
As needed |
Respond to CBM's requests for additional data, such as liquidity or stress testing results. |
Date 30th January, 2025
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
