Malta Financial Services Authority finds improved compliance functions at company service providers and calls for gap analyses via Dear CEO letter

The Malta Financial Services Authority published the results of a thematic review of the compliance function across 49 authorised local Company Service Providers (CSPs), noting a marked improvement in effectiveness and governance. The review also identified specific weaknesses and set out supervisory expectations and recommended practices in a Dear CEO letter, with CSPs expected to assess alignment through a gap analysis. Board-level engagement featured strongly in the findings, with 93% of CSPs reporting that the Compliance Officer attends board meetings and all respondents confirming the board follows up on compliance report recommendations and action points, alongside indications that Compliance Officers typically report directly to the board. Operational indicators included 82% of respondents having written compliance procedures, 92% maintaining a documented Compliance Monitoring Programme and testing methodology, 80% conducting client file reviews with findings generally documented, and 90% of compliance officers having attended staff training in the past year. Areas requiring further improvement covered written procedures for alternative arrangements when the Compliance Officer is absent, broadening the scope of client file reviews, and the frequency of testing to detect breaches. The Authority communicated its main findings and expectations to authorised CSPs through the Dear CEO letter, and expects firms to undertake a gap analysis against those expectations and recommendations.