Company Service Providers
The Authority is responsible for the supervision of company service providers, who are entities or individuals providing corporate services, by way of business, including formation of companies, directorship/company secretary services and the provision of registered office, business or correspondence address for businesses. The overall aim is to monitor the supervision of registered company service providers and their level of compliance with the applicable legislative framework so as to ensure an appropriate degree of protection for the clients of persons carrying on such regulated activity. Company Service Providers are deemed to be gatekeepers to the financial system in view of the fact that the structures which they set up may have wide-ranging effects and uses within the financial sector as a whole. In this respect the MFSA’s scrutiny of the company service providers is taken very seriously in view of the heightened risks which these sectors may pose.
The Authority adopts a risk based approach with respect to the supervision of Company Service Providers (‘CSP’). A risk monitoring system is utilised whereby the data collated through the offsite supervision and any other intelligence available is inputted and a risk score is allocated to each company service provider. This risk score will determine the type and frequency of supervision conducted by the Authority.
The Authority adopts a mixture of tools with respect to supervision, with onsite inspections being the most frequently utilised method. This may take the form of either a comprehensive top down review of all the systems and procedures of the authorised person, or a focused inspection on a specific area.
Company Service Providers
Legislation regulating company service providers providing services in Malta, in order to prevent the use of the financial system for the purpose of money laundering and terrorist financing.
Company service providers are defined as natural or legal persons providing services to third parties, namely, the incorporation of companies and other legal entities.
In this section you will find the Rules applicable to company service providers issued by the MFSA, as well as additional guidance notes, Frequently Asked Questions, and other relevant documentation and forms. These Rules and related documents supplement the requirements contained in the Main Legislation and in the Subsidiary Legislation which applies to company service providers. They address in more detail certain requirements including the application process including the fitness and properness criteria, conduct of business, general organization requirements and internal management controls, compliance issues, reporting obligations and disclosure requirements. Company service providers are legally bound to comply with these Rules.
Company Service Providers Rulebook
Guidance Note on the Fulfilment of Post-Authorisation Requirements
Guidance Note on the Application of the Company Service Providers Act
Company Service Providers – Frequently Asked Questions
Company Service Providers – Request From for Risk Management Function Derogation
The Annual Compliance Return (‘ACR’) to be submitted in 2024 has now been uploaded. Kindly also be informed that the Authority has issued a new Circular explaining the changes made to the ACR and to the file upload system to be used when uploading this regulatory submission.
This Annual Compliance Return is to be completed by all Company Service Providers in terms of the Company Service Providers Act.
Annual Compliance Return: All Company Service Providers – Updated on 19/02/2024