Digital and Mobile Banking Services

To make informed decisions, you, as consumer, should be provided with timely and high-quality information on the characteristics and costs relating to financial products and services. This information should also be provided through appropriate mediums. Irrespective of whether you are purchasing a product or a service through the traditional means for example by visiting a branch or electronically for example via the Bank’s app, the same level of information should be provided to you.

Key tips to protect yourself when choosing online or mobile banking services.

To which information should I have access to when making use of digital or mobile banking?

Firstly, you should have access to information before purchasing a financial product or service. the contract and the remedy procedure.

The presentation and format of the information is also a key factor. For this information to be understood, it should be concise, achieves its objectives and organised in a clear and understandable format. You have every right to contact the bank if you are not understanding the content of the information being provided.

Pre-contractual information should be disclosed on a durable medium.

When providing you with information, banks must also consider the accessibility and effectiveness of it. You should be able to download the information provided so that you may store it for future reference.

You should be provided with pre-contractual information to determine whether that product or service is right for you i.e it meets your needs. This should be easily accessible, and its content and format should be easily understood..

Banks should have complaints handling procedures in place. Information on how to complain should be available even when you make use of banking services through digital means. This shall be on their home page or main menu. Moreover, firms should also inform you on the steps to be followed.

In the case that there is more than one provider involved in the provision of the banking service, the Bank must inform you to which provider(s) you can address the complaint to and with regards to which provision(s) in the contract.

When communicating via digital means, you should consider important post-sale information. Examples include statements of changes to terms, conditions, fees or charges. Omitting this information could be detrimental to you.

If a contract has been signed digitally, the terms of the contract should define the extent to which you can shift to a non-digital provision of the service and, if so, under what conditions.

Which communication tools can be used?

To guarantee that you are sufficiently assisted in their communication and commercial relationship with the company in the digital environment, communication tools should be consistent with the complexity of the product or service. This includes live chats, infographics and guides.

Moreover, advertising of retail banking products and services via digital means should:

Expose the promotional nature of the communication
Present information clearly and in a manner which does not misleading
Not overestimate the benefits of financial products or services; and
Give equal importance to a product’s risks and benefits, particularly in relation to font, size and colour.

Internet Banking

Mobile Banking

Cyber-Security and Other Security Related Information

Internet Banking

Internet banking allows you to carry out a number of banking operations using a computer and internet connection.

How can I access internet banking?

You can access internet banking through the website of your bank. The procedure may vary from entity. Usually you can find an icon on the top corner of the page with the indication of “internet banking” or “personal banking” and access with your username and password. For extra security, entity could also ask you to insert an OTP (One Time Password), usually a code received via messages on your mobile phone.

For the first access, usually you will be required to register to the system. The procedure may vary from bank to bank and it is advisable that you ask your bank or check the information available on the bank’s website.

What can I do from the internet banking?

Internet banking allows the client to carry out a number of banking operations. For example, you can check your bank account information, give the instructions for a bank transfer, check your investments, pay the bills or top-up your mobile phone. The functionalities may vary depending on the bank.

Is it safe to use the internet banking to carry out banking operations?

Yes, banks usually implement security technologies which prevent unauthorised access to the personal internet banking. Furthermore, you might be required to include a code received via SMS in order to access the page.

Always remember to avoid clicking on links which brings to the bank’s website included in emails or SMS if you are not sure about the sender. Also, don’t use the same password that you use for other services, for example Facebook.

Mobile Banking

Mobile Banking allows you to execute banking transactions by using a mobile device such as smartphones and tablets.

Which benefits may I achieve through the use of mobile banking?

One of the main benefits of mobile banking is that it can be performed from any location and at any time, thus making banking more convenient. It reduces the need to go to a branch.

On the other hand, with mobile banking there is associated the risk of fraud. Also, complex transactions require face-to-face discussions with the bank’s staff and hence, cannot be performed via mobile banking.

Prior to engaging in mobile banking, you may need to check with their bank on where you can download the app in order to access to your mobile banking. You may also need to check with the bank on the steps to be followed, for example to create a username and a password. It is important that a secure password is created to reduce the risk of fraud. Remember also to not use the same password that you use for another service, for example Facebook.

Is it safe to use the mobile banking to carry out banking transaction?

In order to ensure more protection, the Payment Services Directive 2 (PSD2) requires payment service providers to use Strong Customer Authentication (SCA) whenever you initiate an electronic payment transaction. SCA is an authentication process through which the banking app verifies that the user submitting the transaction is actually the client in order to execute the payment. The SCA makes electronic payments safer as it reduces the risk of fraud associated with online payments and online banking and protects the confidentiality of the user’s financial data.

The authentication process is carried out through the request of a code (for example a PIN or a password which only you can know), your mobile phone, your fingerprint or face/voice recognition.

The SCA process is used every time that you give instruction for online transactions which exceeds €30, except in the cases when the transaction poses a low level of risks, for example when you only want to consult the balance of the account, with recurring payments of the same amount and to the same payee, for bank transfer to a banking account held by the same person.

Furthermore, SCA does not apply whenever there is a credit transfer between accounts held by the same person.

Cyber-Security and Other Security Related Information

How to ensure your finance and data protection when applying for services?

Before applying for any financial services consider following steps to get the best use of it while keeping your finance and information secured:

Start with identifying your financial needs.
Collect information and compare different offers to find the best fit for your financial objectives. Use ‘Total cost indicator’ to compare options.
When the service provider is chosen – get acquainted to all available pre-contractual information on the rights and obligations of the consumer. Do not hesitate to ask if you do not understand something!
Download all the relevant documentation, to keep it as a proof and to refer to it when necessary.
Get acquainted with the characteristics of the services, contract duration and conditions of your right of withdrawal.
Pay attention to total costs and any additional charges and fees! Review the financial conditions and the whole price list. Check also costs and fees of additional services included.
Think about security! Make sure that your personal information is well-protected and check the provider against fraud:
- Check providers’ identity, contact details and legal status;
- Check whether provider is authorised to provide services by MFSA, via the Financial Services Register.
Do not hesitate to file a complaint if you think your rights were denied. First contact the service provider directly. In case if no or unsatisfying response provided approach Office of the Arbiter. You may also inform relevant national competent authority and take legal actions at court.

How to identify possible Scams?

Think about security before making each financial operation!

Keep an eye on unusual activities! Payment requested earlier than usually? Or its’ mount differs from the one agreed on? Maybe you have been contacted outside the regular office hours and the tone was unusually urgent and demanding? These can be useful whistle-blowers to detect a scam.
Always check email details! Check whether the correspondent email address hasn’t changed, and you are communicating with the same person. Make sure name, email signature and company logo are correct and of the quality you would expect from a legitimate company.
Pay attention to the tone and grammar! Spelling errors and weird sentence structure? Email addressed to you specifically is generic? Pressuring you to make a decision? That can be a worrying sign of being contacted by scam firm.
Do your own checks! If you are not sure – contact the company directly yourself while using publicly available contact information and confirm emails’, calling persons’, etc. legitimacy.

How to keep it safe?

Keep your affairs private:
- Do not disclose your credit card number, PIN number or any other sensitive data;
- Avoid using financial services (signing-in to account, making purchases or making online bank transactions. etc.) when using internet in public areas or while using a public computer.
- Know that you can create a one-time use card number to make a specific transaction. Even if its’ details will be revealed by hackers, this card number will not be valid anymore.
- Look at your bank account and credit card statements regularly to identify any unauthorised activities.
Keep your personal data private:
- Never reveal sensitive information other than you are asked usually. If you are asked to – cancel the deal. If you have given this information to fraudsters, contact your service provider immediately!
- Check the links to be original and legitimate. Even a single character difference is a scam alert!
- Clean up your device before storing or selling it – make sure no sensitive data si left on it.
Keep your device safe:
- Use anti-virus to detect and block possible threats. Download genuine software;
- Keep an eye on software update, if it is not performed automatically, make necessary upgrades manually. You can always contact software support team if help needed.
Keep your access data safe:
- Go beyond the regular password! It must be a mix of upper and lower case letters and symbols, do not make a password of your, your close relatives and even pet names, also avoid birthday dates. Use different passwords for different accounts, change them regularly and never store them on the laptop or phone.
- Use Strong Customer Authentication (SCA) to protect your confidentiality. This implies fingerprint access, owner number or password combined with a code sent to owners phone or a secure PIN code.
Always use your common sense! Never open suspicious links or attachments. It is better to bookmark the website address or type it in each time.

Protection of Deposits

Question: I have funds in a bank in Malta are denominated in euro. A relative of mine, who for many years resided in Australia, has an account denominated in Australian dollar with the same bank. If our bank fails, are we both covered by the same depositor compensation scheme?

The Depositor Compensation Scheme is a rescue fund for depositors of failed banks which are licensed by the MFSA. The Scheme, which has been in force since 2003, can only pay compensation if a bank is unable to meet its obligations towards depositors or has otherwise suspended payment.

The Scheme is managed by a committee appointed by the MFSA and is made up of persons representing the MFSA, the Central Bank, licensed investment firms, the banks and consumers.

The regulations (Legal Notice 369 of 2003) which transpose the EU Directive on Depositor Guarantee Schemes obliges the committee to compensate depositors following a process of due diligence which should not take longer than three months (which may be extended to another six months by the competent authority).

All depositors of Maltese banks are covered up to EUR100,000 (per depositor, per bank) and depositors will no longer have to bear the initial 10% of their losses.

Most types of deposit are covered, including current, deposit and savings accounts. Similarly, most depositors are covered by the Scheme. There are however some depositors who might not be able to claim. Companies which are permitted to draw up abridged balance sheets in terms of the Companies Act are also covered by the Scheme.

Joint accounts are divided equally between account holders where there is no indication of the share of each holder in the account. Each will be covered up to the limits prescribed in the Regulations, subject to eligibility. In respect of deposits held by a person acting as trustee or nominee for one or more beneficial owners, the deposit making up the claim shall be deemed to belong to such beneficial owners equally unless there exists specific information which may otherwise determine the beneficial interests of such persons.

A depositor can only submit one claim for all his deposits taken in aggregate against a failed licensed bank, including the depositor’s share in a joint account or a client account, less any amounts due to the bank (such as loans).

The Scheme covers deposits denominated in euro and deposits in the currencies of EEA countries whose currency is not the euro. This means that deposits in Australian dollar are not covered by the scheme.

In the unlikely event of a bank failure and the Scheme needs to compensate depositors, the payout period is 20 working days that are reckoned from the date when the competent authorities determine that a credit institution is unable to repay its deposit liabilities – with a possible extension of 10 working days in exceptional circumstances.

Credit Institutions are also required to be more transparent with regard to the information that they are obliged to provide to current or prospective depositors in connection with the scheme. The information on the scheme contained in advertising by participants will be subject to certain restrictions in order to prevent adverse repercussions on the stability of the banking system or on depositor confidence.

More information about the Scheme is available from www.compensationschemes.org.mt.

Question: I have been noticing multiple adverts on newspapers and TV advertising very good rates for fixed deposit account by banks which I had never been aware of. All these adverts claim that my deposit is protected under the Depositor Compensation Scheme but I want to make sure that none of these adverts is misleading – such as for example, enticing me to deposit my hard-earned savings with them on the basis that my deposit is covered by the scheme, when in actual fact it is not.

All banks licensed by the MFSA are required to be members of the Depositor Compensation Scheme. The Scheme provides a level of coverage of up to €100,000 for each depositor in the event that a bank becomes insolvent and therefore is unable to honour its obligations towards such depositors.

In light of the new regulations which came into force in August 2009, all banks are required to indicate clearly that they are members of the Depositor Compensation Scheme in Malta. Very shortly, all banks will also be providing information to their depositors (on demand or through their websites) relating to the scheme including the circumstances under which the scheme would pay compensation. This information is already available on the Depositor Compensation Scheme’s website (www.compensationschemes.org.mt) but banks are now also required to provide this information to depositors to enable them to understand better how the scheme works and whether and to what extent their deposits are covered.

In brief, the scheme covers deposits made by individuals and small companies which are allowed to draw up abridged balance sheets in terms of the Companies Act. The scheme covers deposits in the currencies of all EU and EEA (European Economic Area). Other non – EU currencies are excluded. There is no closing date as to the limit of €100,000 (as many depositors continue to think). The limit is per person, per bank so for example, if two banks are unable to honour their obligations at the same time, a depositor is covered for up to that limit for each insolvent bank.

As with diversification, there is absolutely no harm for a depositor to diversify and distribute his/her savings between different banks.

More information on the Depositor Compensation Scheme is available here.

Home Equity Release Scheme

How does it work?

This product offers pensioners the possibility to translate part of the value of their property into a liquid asset.
By entering into this contract, the pensioner will have more cash in hand whilst enjoying their retirement in their own home.
Individuals who subscribe to this scheme will be essentially taking out a loan in exchange for regular income. The loan will be repaid when the property is sold.

Who is offering it and when?

This product can be offered by licensed credit and financial institutions operating in or from Malta.
MFSA is currently working on the regulatory framework that needs to be in place for it to regulate the equity release financial product.
The equity release financial products regulations [Regulations’] will come into force on the 1st of September 2019. After this date no credit or financial institutions can offer such product without being duly authorised.
Any licensed institutions providing such financial products will have one year to comply with the requirements set out in the Regulations published by the Authority.

Any tips?

MFSA encourages interested individuals to seek independent professional advice and weigh their options before entering into an equity release transaction for the first time.
It is your right to receive all the information you need to make an informed decision.
MFSA will issue further updates once the framework comes into force. The public is encouraged to follow the Authority’s channels on Linkedin, Twitter and Facebook, or alternatively visit www.mfsa.mt for the latest updates.

Opening of Bank Accounts

Question: I would like to bring to your attention a problem many parents may be encountering. Once our children are 16 years of age they are told that they can have their own accounts. Knowing my children well, I went over to the bank to request information about my son’s account because I wanted to be certain that he is depositing his pocket-money. However, I was told that I could not be given such access as the account belongs to my son. I informed them that I was the parent and that legally he is still under-age and that my husband and I are still legally responsible for him. However the reply was that this was the practice in banking services and that the parents are consulted only if a request for a loan is made. I find this to be very wrong. At that young age many of them are still irresponsible and still need some guidance from the parents.

Article 188 of the Maltese Civil Code (Of Majority, Interdiction And Incapacitation) states that ‘Majority is fixed at the completion of the eighteenth year of age’. On the other hand, Article 971A of the Civil Code providing with the ability of children over sixteen years to open and operate bank account provides that ‘Notwithstanding any provision of this Code, a child who has attained the age of sixteen years may deposit money in an account opened by the child in his or her own name with any bank, and any money deposited in any such account may only be withdrawn by such child notwithstanding that such money may be subject to the administration, usufruct or authority of any other person. For all purposes of law the child shall with regard to the opening and operation of any such account be considered a major.’

In this respect, paternal authority ceases as soon as a child opens a bank account in his/her name.

Facilities may only be granted to a minor who has attained the age of sixteen years and such minor shall be deemed to be major with regard to obligations contracted by him/her for purposes of trade, if (i) he/she has previously been authorized to that effect by the parent to whose authority he/she is subject, by means of a public deed registered in the Civil Court or, where both parents are dead, interdicted or absent, he has been authorized by the judge of the Civil Court and (ii) a summary of the deed of authorization or of the decree aforementioned has been published by means of a notice in the Government Gazette and in another newspaper.

In this regard, minors who are traders authorized as aforesaid can by reason of their trade charge, hypotheca for personal purposes (home loan).

For instance, banks would not issue a credit card to young adults under 18 years of age. They may only do so if the primary cardholder is either the parent or legal guardian – in that case, the supplementary cardholder may be the young adult. Any debts incurred by suchte and even alienate their property, without any of the formalities prescribed by the civil law. It is important to note that in these instances facilities may only be provided to minors in relation to their trade (business loan) and not supplementary cardholder would be under the responsibility of the primary cardholder.

View All FAQs

Disclaimer | Privacy Statement | Privacy Notice | Useful links | FOI

Internet Banking

Mobile Banking

Frequently Asked Questions

Still have a question?