Does your jurisdiction regulate Fintech services under the traditional Financial Services laws or does it have any ad hoc regulatory frameworks for fintech services? (Financial Services Laws/Ad Hoc Framework/Hybrid)

Fintech firms are regulated by the Malta Financial Services Authority (“MFSA”) under the Markets in Financial Instruments Directive (MiFID II). Ad hoc frameworks for virtual assets and blockchain technology under the Virtual Financial Assets Act (VFA Act) and Innovative Technology Arrangements and Services Act (ITAS Act)

Make a list of fintech services that may obtain a licence in your jurisdiction? 

The primary services which are offered licences in Malta under the MFSA are:

1. Electronic Money Institutions (EMIs)
2. Payment Service Providers (PSPs)
3. Peer-to-Peer (P2P) Lending Platforms
4. Crowdfunding Platforms
5. Virtual Asset Service Providers

What is(are) the name(s) of the regulatory authority(ies) responsible to grant licences and regulate fintech service providers? If there is more than one, please list which fintech services are regulated by which authority.

Malta Financial Services Authority (“MFSA”)

Are there any specific restrictions on the types of fintech services that can be offered in and/or from your jurisdiction?

There are significant restrictions for consumer protection for retail investors, these include some forms of options trading and high risk complex investment products being offered to the public. Services inconsistent with the law are prohibited. Privacy coins are prohibited.

Is reverse solicitation allowed in your jurisdiction, for fintech firms licensed in other reputable jurisidictions? (Meaning that a third-country fintech firm can offer services to clients in your jurisdiction providing its at the exclusive initiative of the client).

Reverse solicitation in Malta is primarily governed by the European Union. Reverse solictation is permitted outside the union and requires genuine initiation by the client. Malta benefits from being in the union to allow it to operate across the EU using a system known as “passporting” which means it can operate in EU/EEA coutnries without additional local licenses.

Are there any specific requirements for companies providing fintech services in your jurisdiction?

There are significant requirements for licensed companies including capital requirements, governance and management, risk management, AML prevention, data protection and consumer protection. There are various reporting and compliance requirements.

Are there any specific consumer protection measures that apply to fintech services in your jurisdiction?

There is the requirement for transparent and accurate information disclosure with easily understandable information on all restrictions and fees, along with fair contract terms and complaints handling process with the use of Alternative Dispute Resolution services. High risk complex investment products can not be offered to retail investors. Advertising guidelines includes providing balanced information, avoiding aggressive or high-pressure tactics, and using plain language. Additionally, firms must disclose key information, such as fees and risks, to enable consumers to make informed decisions.

Are there any other legal issues that companies should be aware of when providing fintech services in your jurisdiction?

Companies operating in Malta need to consider wider EU laws such as PSD2, EMD, MiFID. There are also laws on consumer rights and unfair commercial practices in the form of directives which companies need to be aware of.

Are virtual assets (such as cryptocurrencies and) permitted in your jurisdiction? (Yes/No)

Yes

If the answer is Yes, is there any licensing /authorisation/notification process that needs to be followed for a person to issue a new virtual asset? (Yes/No)

Yes

If the answer is Yes, please provide a summary of the process that needs to be followed by a person to issue a new virtual asset).

The first step is to conduct a financial instrument test to decide if it qualifies as a VFA, drafting and submission of the whitepaper to the MFSA will then spur a review by the authority and other further clarifications prior to approval. It is worth noting there are more ‘ICO friendly’ jurisdictions and also note the upcoming implementatation of MiCA in Europe

Are Virtual Asset service providers regulated in your jurisdiction? (Yes/No)

Yes

If the answer to your previous question is Yes, please provide a summary of the framework that regulates such service providers explaining which licence(s) need to be obtained from which authority(ies).

Virtual Service Asset Providers (“”VASPs””) must obtain one of the four types of VFA licenses, depending on the nature and scope of their services. These licenses are classified as Class 1, Class 2, Class 3, and Class 4.
Class 1: License for VFA agents providing advice or services related to VFAs.
Class 2: License for VASPs that don’t hold or control clients’ assets, such as portfolio management and investment advice.
Class 3: License for VASPs that hold and control clients’ assets, excluding custodian services, such as brokers and asset managers.
Class 4: License for VASPs providing VFA custodian services or operating VFA exchanges.

Are you as a firm providing services and advice relating to Virtual Assets? (Yes/No)

Yes

Please feel free to add any pertinent comments in addition to your answers.

N/A