Disclaimer: The content, materials, information and resources provided in the Articles are of a general nature and are intended solely for informational purposes. The information contained herein should not otherwise be construed as the position of the Malta Financial Services Authority on the features of specific operators and/or arrangements, and should not be relied on or treated as a substitute for ad hoc legal advice relevant to particular fintech solutions.

Disclaimer: The content, materials, information and resources provided in the Articles are of a general nature and are intended solely for informational purposes. The information contained herein should not otherwise be construed as the position of the Malta Financial Services Authority on the features of specific operators and/or arrangements, and should not be relied on or treated as a substitute for ad hoc legal advice relevant to particular fintech solutions.

Disclaimer: The content, materials, information and resources provided in the Articles are of a general nature and are intended solely for informational purposes. The information contained herein should not otherwise be construed as the position of the Malta Financial Services Authority on the features of specific operators and/or arrangements, and should not be relied on or treated as a substitute for ad hoc legal advice relevant to particular fintech solutions.

Digital Finance Strategy

The transformation towards a more digitalised EU-wide financial sector is set out in the Digital Finance Strategy (‘DFS’), which consists of (i) the elimination of fragmentation within the Digital Single Market (‘DSM’), (ii) the adoption of EU-wide regulatory frameworks enabling digital innovation, (iii) the support towards data-driven finance, and (iv) addressing digital transformation challenges and risks.

Addressing Market Fragmentation

EU-wide Interoperable Digital Identities | Remote and Cross-Border Onboarding | Technical Standards and GDPR | Harmonised Licensing and Passporting | Cross-Border Testing

Regulatory Frameworks Facilitating Digital Innovation

Markets in Crypto-Assets (‘MiCA’) | Oversight framework on ICT providers | Supporting Cloud Computing and Artificial Intelligence Adoption

Creation of a European Financial Data Space

Standardised and Machine-readable EU-wide legislation | Promoting RegTech and SupTech | Supporting Open Finance

Assessing Digital Transformation Challenges and Risks

Prudential and Conduct Regulation Revaluation | Legislative Proposals on Non-bank Lenders | Digital Operational Resilience Act (‘DORA’)

Crypto-Assets Frameworks

On 24 September 2020, as part of the DFP, the European Commission proposed the Markets in Crypto-Assets (‘MiCA’) framework and the DLT Market Infrastructures Pilot Regime.

Markets in Crypto-Assets (‘MiCA’) framework

This initiative provides a clear framework on crypto-assets regulation at an EU level that supports innovation, fair competition and harmonises cross-border regulation in relation to the issuance and provision of crypto-assets related services. The proposed regulation covers all crypto-assets not falling within the scope of existing financial services legislation, asset referenced-tokens and e-money tokens.

DLT Market Infrastructures Pilot Regime

On 2 June 2022, the proposed regulation on DLT-based market infrastructures was published setting out an EU-wide regulatory sandbox that entities utilising DLT-based securities trading and settlement systems would be exempted from certain existing EU requirements, eliminating regulatory barriers to the issuance, trading and post-trading of DLT-based financial instruments whilst fostering regulatory experience between EU regulators. Under the dedicated DLT Market Infrastructures Pilot Regime, DLT Multilateral Trading Facilities (‘DLT MTF’), DLT Securities Settlement systems (‘DLT SS) and DLT Trading and Settlement Systems (‘DLT TSS’) are allowed to operate.

Retail Payments Strategy

With the aim to enable ‘citizens and companies in Europe to benefit from a broad and diversified range of world-class payment services and instruments’, ‘enable home-grown and pan-European payment solutions’ and ‘support the international role of the euro’, the proposed Retail Payments Strategy focuses on:

Instant Payments and Availability of Central Bank Money

Adoption of EU-Wide Instant Payments | Interoperability between Clearing and Settlement, and Payment Service Providers | Enhancing Consumer Protection | Accessibility and Acceptable of Euro Cash and Central Bank Digital Currency (‘CBDC’)

Innovative and Competitive Retail Payments Markets

PSD2 Review | Strong Customer Authentication | Authorisation Consolidation | Ancillary Services Supervision

Efficient and Interoperable Retail Payments Systems

Payments Ecosystem | Oversight on Access Restrictions

Efficient International Payments and Remittances

Accessible, affordable and transparent cross-border payment and remittances | PSD2 Cross-border transactions review

Digital Operational Resilience Framework

As part of the Digital Finance Package (‘DFP’), the Digital Operational Resilience Act (‘DORA’) was proposed by the European Commission on 24 September 2020, which aims at consolidating and enhancing rules on Information Communication Technology (‘ICT’) risk, creating a single legislative act containing all provisions addressing digital risk in finance. DORA covers various pillars that address ICT and cybersecurity which ultimately provide a comprehensive digital resilience framework.

Setting up and maintenance of robust ICT systems that minimise the consequences from breaches

Continuous identification of potential ICT risks

Establishment of a system that instantaneous detects unusual activities

Development of policies dedicated at business continuation and recovery plans following an incident

Formation of mechanisms with the ability to learn and develop from past incidents

To ensure a safe financial system, authorised persons within the financial services landscape would be subject to the requirements established under DORA, including oversight on critical ICT third-party service providers to mitigate undue operational risks. The scope of DORA is very broad, namely covering credit institutions, payment institutions, e-money institutions, investment firms, crypto-asset service providers, central securities depositories, managers of alternative investment funds, UCITS management companies, administrators of critical benchmarks, crowdfunding service providers and ICT third-party service providers.