Financial Institutions Rulebook Updates
Following a consultation document issued earlier in May of this year, the MFSA has now officially published a revised version of Chapter 3 of the Financial Institutions Rulebook which relates to the rules applicable to financial institutions issuing electronic money or providing payment services in terms of the Financial Institutions Act (Chapter 376 of the Laws of Malta).
The updated rulebook contains a comprehensive set of rules which include:
- Matters requiring notification to and prior approval from the MFSA;
- Passporting, agents and distributors;
- Requirements relating to sound & prudent management;
- Outsourcing requirements;
- Safeguarding of Clients' Funds;
- ICT and Cybersecurity Risk;
- Prudential Requirements; and
- Record Keeping & Reporting Requirements
It also includes certain service-specific requirements.
This updated Chapter will become applicable in two stages as the changes being introduced in the first stage were largely already found in the previous version of the Chapter and hence will not impose new standards on current Licence Holders. The first stage will thus become applicable on 15th October 2024, and the second stage will become applicable on 15th December 2024.
The MFSA has also issued its feedback statement to the consultation document. As a result of this consultation exercise the MFSA made various changes to the proposed draft of the new rulebook whereby it sought to:
- eliminate any overlap between the current rulebook and the provisions of the Financial Institutions Act;
- provide further clarification vis-à-vis certain requirements; and
- enable Licence Holders to effectively comply with the new rules.
Interestingly, the MFSA has included a definition for "Independent Non-Executive Director" to refer to a non-executive director who is not engaged in the daily management of the Licence Holder and who is free from any present and past business, family, or other relationship of any nature – with the entity, its controlling shareholder/s or the management of either –that could influence the Director's objective and balanced judgment and reduce the member's ability to take decisions independently.
This definition is particularly relevant as, through the updated Rulebook, the MFSA has officially set out that the Board of Directors of a financial institution shall:
- be composed of at least three (3) members;
- include at least one (1) Independent Non-Executive Director;
- have a balance of executive and non-executive directors; and
- have at least one (1) member which is resident in Malta.
The Rulebook also includes updated to outsourcing obligations which are not intended to overlap with the requirements of the DORA Regulation.
The MFSA's feedback statement also tackled the rules relating to safeguarding of client funds. On the basis of feedback received, Licence Holders are now required to transfer funds other than client funds which are required to be safeguarded out of the safeguarding account as frequently as practicable throughout the day.
One respondent requested that the MFSA allow for funds to be safeguarded with branches of third-country credit institutions established in other EU Member States. The MFSA however chose not to onboard this feedback in view of the fact that the framework for branches of third country credit institutions in the EU is not harmonised amongst the Member States. As such, the MFSA deemed that it would only allow for safeguarding with third country branches where such branches are established in Malta.
Once this revised Chapter comes into force, the current Financial Institutions Rules 2 and 3 will cease to apply to financial institutions that fall within scope of the new Chapter. Financial Institutions Rule 2 however is expected to continue to apply to other financial institutions until otherwise communicated by the MFSA.
The MFSA has also published the final version of the FI Return as well as its ancillary guidelines; the FI Return is intended for the MFSA to collect the data necessary for its supervisory engagements. Financial institutions will be required to submit:
- Interim FI Return at intervals of three, six and nine months after the accounting reference data, and must be submitted within one month following its respective reporting date;
- Annual FI Return covering a twelve-month period and to be submitted annually within one month of the accounting reference date;
- Audited Annual FI Return to be submitted within six months of the accounting reference date together with the Audit Pack as set out in the Financial Institutions Rulebook.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.