The Malta Financial Services Authority ("MFSA") has published a consultation document on the revised Chapter 1 of the Financial Institutions Rulebook (FIR/01) ("Rulebook"). This updated framework sets out the authorisation procedures for persons seeking a licence or registration under the Financial Institutions Act (Chapter 376 of the Laws of Malta) and, once finalised, will replace the existing Financial Institutions Rule 1.
The proposed changes to FIR/01 signal a move towards a more transparent, structured, and expectation-driven authorisation process. By combining clearer guidance, stronger governance requirements, and a formalised application structure, the MFSA aims to enhance Malta's financial services framework while supporting innovation and maintaining high regulatory standards.
The main objectives of the revised Rulebook are to:
- Provide greater clarity on the authorisation process.
- Clearly define the processes for entities falling outside scope.
- Establish clear licensing considerations for different financial institution types.
- Formalise pre- and post-licensing conditions.
- Set out clear procedures for modifying or surrendering authorisations.
Key changes at a glance
The most notable updates include detailed criteria for when an activity is considered "regular and habitual," with examples and factors such as:
- Whether the activity generates remuneration.
- The nature of the relationship with clients.
- The number and types of licensable activities undertaken.
The MFSA also clarifies distinctions between financial institutions and credit institutions, and when an Investment Services Act licence may be more appropriate.
Entities using the Limited Network or Electronic Communications exemptions must notify the MFSA annually when meeting the set criteria.
The draft Rulebook includes stronger licensing expectations with applicants now expected to demonstrate:
- A viable business strategy and competitive analysis.
- Adequate capital and resilience of their model.
- Local 'mind and management' and operational substance in Malta (avoiding "letterbox" setups).
- Robust governance aligned with the MFSA's Corporate Governance Code.
- Responsible outsourcing practices, with oversight and mitigation of associated risks.
These qualitative expectations are a significant addition to the previous document, which focused more on statutory and documentary requirements.
Moreover, the MFSA now requires a preliminary meeting presentation at least 10 working days in advance, covering ownership, regulatory history, planned activities, financial projections, organisational structure, DORA compliance, outsourcing, and safeguarding measures.
The updated rule reinforces the MFSA's Fitness and Properness Guidance, speciying that this assessment shall be applicable to every person that has a qualifying holding in the applicant, beneficial owner, member of the Board of Directors, Senior Manager, the Money Laundering Reporting Officer, the Compliance Officer and any other person which the Authority may deem necessary.
The new Rulebook includes a section on the Compliance Officer role, which is now described in greater detail. The role emphasises independence from operations, proactive breach reporting, and maintaining accurate regulatory communication.
Finally, a dedicated section now covers licence modifications, changes in shareholding/control, surrender or cessation of business, which was not previously covered in the current FIR/01.
Stakeholders are invited to submit feedback on the new FIR/01 by Friday, 26 September 2025.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
