On 19 August 2025, the Malta Financial Services Authority (MFSA) issued a Dear CEO letter to financial institutions offering payment accounts, highlighting the outcome of a thematic review into their compliance with the Payment Accounts Regulations (S.L.371.18) and the relevant EU Implementing Technical Standards. The letter is significant because it underscores the Authority's supervisory focus on transparency, consumer protection, and the accurate communication of services by licensed entities. This paper examines the background to the letter, the MFSA's methodology, the regulatory findings, and the implications for financial institutions and their compliance officers.
Background and Legal Framework
The MFSA positions itself as a guardian of consumer trust and market integrity by ensuring that licensed entities uphold high standards of compliance and transparency. Within this framework, the Payment Accounts Regulations (S.L.371.18) establish obligations for financial institutions that provide accounts enabling consumers to deposit funds, withdraw cash, and execute payment transactions.
Two key documents are central to these obligations: the Fee Information Document (FID) and the Statement of Fees (SOF). The FID must be delivered to consumers in good time before entering into a payment account contract, while the SOF must be issued at least once a year, free of charge, detailing all fees incurred. These requirements are reinforced by the Commission Implementing Regulation (EU) 2018/34, which prescribes the standardised format of the FID, and the Commission Implementing Regulation (EU) 2018/33, which sets out the presentation requirements for the SOF.
Additionally, under Regulation 13 of the Payment Accounts Regulations, institutions must ensure that the information provided to the MFSA's Payment Accounts Fees Comparison Tool remains accurate and up to date. This tool enhances transparency by enabling consumers to evaluate fees across different providers on a comparable basis.
Methodology of the Thematic Review
Unlike a routine inspection of a single entity, a thematic review examines systemic practices across multiple institutions to identify industry-wide issues.
In this case, the MFSA's Conduct Supervision Function reviewed three financial institutions authorised under the Financial Institutions Act, each offering accounts meeting the regulatory definition of payment accounts. The review assessed the institutions' FIDs, SOFs, and the information displayed on their websites, alongside the accuracy of data provided to the MFSA's comparison tool.
Key Findings of the MFSA
The MFSA identified both areas of compliance and shortcomings:
1. Fee Information Document (FID)
Most institutions adhered to the requirements of the FID format.
However, the MFSA stressed two refinements. First, when a brand
name is used, it must be preceded by the service name to avoid
ambiguity. Second, while a glossary of terms is mandatory under
Regulation 7 of the Payment Accounts Regulations, it should be
provided as a separate document, in English, Maltese, and any other
agreed language. This ensures that the FID template is preserved in
its standardised form, while still giving consumers accessible
definitions.
2. Statement of Fees (SOF)
One institution was found to have issued SOFs that did not comply
with the prescribed technical standards. The MFSA reiterated that
the SOF must provide a detailed breakdown of all fees in line with
the corresponding FID, ensuring full transparency for
consumers.
3. Payment Accounts Fees Comparison Tool
The MFSA found that some institutions were failing to update their
fee information regularly on the comparison tool. In one case, a
discontinued product remained listed. The Authority emphasised that
institutions are obliged to notify the MFSA immediately if an
account is no longer offered so that outdated information can be
removed.
4. Misleading Terminology
The most concerning finding was the inappropriate use of
terms such as "bank," "banking," "mobile
banking," or "bank account" by institutions that are
not licensed as credit institutions under the Banking Act. Such
terminology risks misleading consumers into believing they are
dealing with a bank rather than a financial institution. The MFSA
reminded firms that, while deposits with financial institutions are
safeguarded under applicable legislation, they are not protected by
the Depositor Compensation Scheme, which applies only to credit
institutions. Firms must therefore exercise caution in their
communications and avoid any implication that their accounts
function as savings or interest-bearing products.
Regulatory Concerns
The letter highlights several risks. Failure to provide properly formatted FIDs and SOFs undermines transparency, while outdated information on the comparison tool risks misleading consumers and distorting competition. Misuse of terminology poses reputational risks and may erode consumer trust if clients later discover that protections normally associated with banks do not apply.
MFSA's Expectations and Way Forward
In its conclusion, the MFSA called on institutions to conduct a gap analysis against the Payment Accounts Regulations and the applicable EU implementing acts . This proactive step would allow firms to identify deficiencies and implement corrective measures before facing supervisory sanctions. The Authority also signalled that further supervisory engagements will take place, meaning that institutions should expect follow-up inspections and reviews to test compliance.
Implications for Financial Institutions
For compliance officers and executives, the Dear CEO letter serves both as a warning and a roadmap. Institutions must:
- Ensure that their FIDs and SOFs strictly comply with the
technical
standards; - Regularly update the MFSA's comparison tool to reflect current offerings;
- Review all consumer-facing communications, particularly websites and advertisements, to eliminate misleading terminology; and
- Clearly explain the safeguarding obligations of financial
institutions
while distinguishing them from deposit-taking banks.
Non-compliance could expose institutions to enforcement action, financial penalties, or reputational damage. Conversely, full alignment with the regulations not only avoids regulatory censure but also builds consumer trust by demonstrating transparency and integrity.
Conclusion
The MFSA's August 2025 Dear CEO letter on payment accounts illustrates the regulator's focus on transparency, accuracy, and consumer protection. While most institutions were broadly compliant, the deficiencies identified reveal the ongoing need for vigilance in compliance management. By addressing the issues raised, from fee disclosure to responsible marketing, financial institutions can not only meet regulatory requirements but also strengthen the trust of their clients. Ultimately, the letter serves as a reminder that regulatory compliance is not a box-ticking exercise but a cornerstone of sustainable financial services.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
