Reforms to the Company Services Provider sector now in force

The Company Service Providers (Amendment) Act, 2020 (the “Amendment Act”) came into force on the 16 March 2021 by virtue of Legal Notice 96 of 2021. It serves to amend the provisions of the Company Services Providers Act, Chapter 529 of the Laws of Malta (as amended by the Amendment Act, the “CSP Act”). The Malta Financial Services Authority (“MFSA”) has also launched the updated Rulebook for Company Services Providers (the “Rulebook”) in this respect.

The revamp which the new CSP Act and Rulebook have brought about cannot quite be fully summarised within a few pages but the result is largely one where the applicable rules cast a much wider net by extending to all types of legal persons and not just companies, removing previously applicable exemptions and de minimis rules, and impose farther reaching ongoing obligations and heftier penalties for non-compliance in a bid to raise standards within the sector.

CSPs already registered with the MFSA as of 16 March 2021 are considered to be authorised under the new CSP Act but will still be classified in accordance with the classes described below and will need to comply with the amended regime. CSPs which were not previously registered, but which are no longer exempt have set time periods within which to apply for authorisation.

Existing CSPs – including the ones who were previously exempt – must therefore take a good and close look at the revised regime to properly digest the new intricacies applicable to their operations. There is a pressing need for all CSPs to regularise their position within the time frames that have been set and this will prove challenging particularly to the smaller CSPs whose systems might not yet be geared to the levels of ongoing compliance now envisaged. Those in doubt as to what their new obligations may be in this regard are encouraged to seek timely legal advice.

While there has been no change to the type of services constituting CSP services in terms of the CSP Act, there has been a shift from a system of registration with the MFSA to a system of authorisation and classification. In terms of the reform, existing CSPs and new applicants for the provision of company services will now be classified by the MFSA into one of the following three classes depending on which of those services are offered:

  1. Class A CSPs are those providing:
    1. formation of companies or other legal entities; and/or
    2. a registered office, business correspondence or administrative address and other related services for a company, a partnership or any other legal entity;
  2. Class B CSPs are those acting as, or arranging for another person to act as director or secretary of a company, a partner in a partnership or in a similar position in relation to other legal entities; and
  3. Class C CSPs are those providing services under both Class A and Class B.

The MFSA will also determine whether the applicant is over-threshold or under-threshold in accordance with the applicable rules included within the Rulebook where ‘under-threshold’ CSPs may benefit from certain lighter-touch rules subject to certain limitations.

In terms of ongoing obligations, the Rulebook reform is detailed but it is worth at least noting here that it introduces, among other concepts, new risk management rules. These extend beyond the traditional focus on money laundering and combatting of terrorist financing risk and require CSPs to conduct appropriate risk assessments, maintain adequate risk management policies, have a risk officer (who must be independent unless certain conditions are met) and keep a risk register vis-à-vis their clients.

As to exemptions, any person in possession of a warrant or equivalent to carry out the profession of advocate, notary public, legal procurator or certified public accountant shall no longer be exempted from the provisions of the CSP Act and must obtain authorisation from the Authority within 8 months from the coming into force of the Amendment Act if they wish to continue to act as CSPs. Exemption regulations have been published which detail the conditions under which certain natural persons are exempt from authorisation and confirm that authorised trustees and registered VFA agents meeting certain conditions are also exempt.

Furthermore, in terms of the Amendment Act, the MFSA is now empowered to revoke any authorisation it has issued where a CSP is found liable by the Financial Intelligence Analysis Unit (FIAU) for a serious, repeated, or systematic breach of the Prevention of Money Laundering Act and, or any regulations issued thereunder. Auditors of CSPs are now to immediately advise the MFSA of any matter they become aware of in that capacity which would, among other things, lead to a serious qualification or refusal of the auditor’s report on that CSP’s accounts or which constitutes a material breach of legal or regulatory requirements.

The maximum administrative penalty which the MFSA may impose for any breach or failure to comply with any measures imposed by it has doubled from €25,000 to €50,000.


This article was first published in the Times of Malta, 29 March 2021.