Answer ... In 2018 the Maltese Parliament enacted three acts that seek to regulate the provision of technical services, as well as the issue of initial coin offerings, crypto-exchanges and other service providers:

• The Innovative Technologies and Arrangements Act (Cap 592) sets out the regime applicable to the registration of technology service providers and the certification of innovative technology arrangements (ITAs). ITAs include software and architecture which are used in designing and delivering distributed ledger technology (DLT), smart contracts and related applications, including decentralised autonomous organisations.
• The Malta Digital Innovation Authority Act (Cap 591) establishes the Malta Digital Innovation Authority (MDIA), a new authority which is responsible for the regulation of innovative technology and facilitates communication between national competent authorities.
• The Virtual Financial Assets Act (Cap 590) regulates offerings of virtual financial assets, which are generally crypto-assets that do not qualify as virtual tokens (ie, utility tokens which are not placed on exchanges), e-money or financial instruments in terms of the EU Markets in Financial Instruments Directive (‘MiFID II’). The act also regulates service providers in relation to virtual financial assets, including wallets, brokers and crypto exchanges.

In order to supplement the Virtual Financial Assets Act, the Malta Financial Services Authority (MFSA) has also issued a Regulation and a Rulebook with three chapters, regulating virtual financial asset agents, issuers and service providers.

Other noteworthy pieces of legislation in the fintech sphere include:

• the Financial Institutions Act, which regulates payment institutions and e-money institutions;
• the Investment Services Act, which has been extended to investment-based crowdfunding; and
• requirements issued by the MFSA.

Changes have also been made to the Second Schedule to the Civil Code (Cap 16), and entities such as foundations have been widened in scope to better cater for the diverse requirements of fintech players.

Answer ... The Virtual Financial Assets Act has created a home-grown classification of crypto-assets and provides for a bespoke regime for assets which cannot be pigeonholed into any one of the existing regimes.

The act captures all blockchain-based assets under the category of DLT assets and identifies four types of DLT assets: virtual tokens, financial instruments, e-money and virtual financial assets. In order to assist issuers, their legal counsel and service providers, the MFSA has introduced the financial instruments test and guidance, which facilitates the processes by which DLT assets are categorised.

Virtual tokens are assets whose value or utility is limited to the acquisition of goods or services and whose utility is limited to the platform or limited platforms on which they are issued, and thus remain unregulated.

If a DLT asset qualifies as e-money, the issuer will require a licence as an e-money institution.

If a DLT asset qualifies as a financial instrument, various EU frameworks will be applicable to the offering, depending on the type of financial instrument being offered.

By way of elimination, if a token does not qualify as any one of the above DLT assets, it will be considered a virtual financial asset and the Virtual Financial Assets Act will apply. Issuers of virtual financial assets are required to appoint a virtual financial asset agent, money-laundering reporting officer, statutory auditors, systems auditors (if required) and custodians.

Service providers including crypto-exchanges must be licensed under the Virtual Financial Assets Act.

Answer ... The MFSA, the sole regulator for financial services in Malta, is the authority in charge of issuers seeking to offer virtual financial assets. White papers issued by issuers must be drafted in conformity with the Virtual Financial Assets Act and registered with the MFSA. The MFSA is also the sole regulator and supervisory authority with respect to service providers licensed in terms of the act.

The MDIA is a newly established authority for digital innovation that shall receive all applications for the registration of systems auditors and technical administrators. It is also responsible for the certification of ITAs, which include software and architecture used in designing and delivering DLT, smart contracts and other related applications such as decentralised autonomous organisations and any other innovative technology arrangement as seen fit by the minister for digital economy upon recommendation of the MDIA.

Answer ... Malta has consistently demonstrated a proactive approach towards the regulation of fintech, particularly blockchain technology and its potential uses which can disrupt traditional market incumbents. Malta is striving to establish itself as the ‘blockchain island’. In January 2019 the MFSA published a consultation document entitled “MFSA FinTech Strategy – harnessing innovation through technology”, which proposes a wide, cross-sectoral approach towards the promotion of the fintech industry. The document sets out six strategic pillars to catalyse innovation, growth and competition in the financial services sector, while ensuring robust investor protection market integrity and financial soundness:

• Regulations: Adopt regulatory and supervisory initiatives to support innovation and improve regulatory efficiency.
• Ecosystem: Foster community, demand and collaboration, and enhance access to finance.
• Architecture: Encourage collaboration through the adoption of open application programming interfaces and shared platforms.
• International links: Build international links across jurisdictions to foster collaboration and trust.
• Knowledge: Cultivate deep talent pools and stimulate research and collaborative ideation.
• Security: Establish an environment that is resilient to cybersecurity threats.

Answer ... The Blockchain Malta Association has been set up by some of the main stakeholders within the industry with the aim of promoting Malta’s digital economy through research and cooperation with governmental authorities, international organisations and taskforces in this field.

In October 2018 the Times of Malta reported that fintech stakeholders are set to form the Capital Markets and Digital Asset Association, in order to promote Malta as a centre of excellence for digital assets and blockchain. The founding members include some of Malta’s largest players within the digital asset sector, such as digital asset exchanges Binance, OKEx, Malta Digital Exchange, Bitbay, ABE and the Malta Stock Exchange. Details on the Capital Markets and Digital Asset Association are yet to be released.

Other trade associations which are interested stakeholders within the fintech industry include:

• the Institute of Financial Services Practitioners;
• the Financial Institutions Malta Association; and
• the Malta Institute of Taxation.

Answer ... Malta has become a popular jurisdiction for the issuing of crypto-assets bearing a currency, utility or security function, due to its bespoke taxonomy and regulation.

The country is also gearing up to implement blockchain technology within its capital markets infrastructure. The Malta Stock Exchange has recently established the MSX, a subsidiary to operate its fintech arm, which has entered into memoranda of understanding with a number of industry incumbents. It is currently collaborating with Neufund to create the first end-to-end primary issuance platform for security tokens. It has entered into a separate agreement with crypto-giant Binance, which shall act as a secondary market for such platforms. It is also collaborating with OKEx in relation to the trading of institutional grade security tokens. Technology firms offering supporting services to the industry are also setting up in Malta to service this fast-growing economy.

In light of the attractive environment, several cryptocurrency exchanges as well as other service providers, including brokers and custodians, are setting up shop in Malta.

Interest has spiked in respect of payment institutions and e-money institutors, which are seeking to provide banking solutions to fintech companies struggling to open trading accounts with traditional banks.

Answer ... Persons wishing to carry out a service as set out in the second schedule of the Virtual Financial Assets Act – including receipt, transmission and execution of orders, dealing on own account, portfolio management, custody and nominee services, investment advice, placing on virtual financial assets and operation of a virtual financial asset exchange – must be legal persons established in Malta. Commonly, the limited liability company is the entity of choice for such business; however, other vehicles such as foundations are also used for such entities, depending on the needs and intended activity of the company. Any entity that applies for a licence to operate an activity under the Virtual Financial Assets Act may carry out that activity and others ancillary to providing that service only; it may not carry out any other unrelated activity. As an example, a crypto portfolio manager must necessarily hold and control client assets; however, if it also wishes to act as portfolio manager on traditional assets, this must be carried out through a separate entity.

Prior to the submission of an application for licensing, applicants will be subject to a fitness and properness assessment to ensure their integrity, competence and solvency.

Answer ... Some fintech investors are successful entrepreneurs or businesses that are expanding to a new venture and may be self-financed. However, the majority of fintech players are entrepreneurs or start-ups with innovative business models, but which lack the necessary capital to launch their own business – particularly in view of the fact that the provision of certain services, such as the operation of a cryptocurrency exchange, are licensable activities subject to the obligation to maintain own funds as a guarantee of liquidity. Most of these fintech players generally resort to initial coin offerings in order to raise finance from the public prior to launching their companies. Indeed, this approach was followed by some of the major fintech companies, which offer ‘coins’ or ‘tokens’ that can be redeemed for goods or service, can be traded on secondary markets for a profit and/or represent some sort of financial instrument. Additionally, groups of investors have clubbed together to form a network of financiers to this emerging industry, which is seen as having high growth potential.

Answer ... Most fintech companies are start-ups seeking to carve out a niche within this nascent industry, although a number of large technology corporations are already well established in the market. The presence of these ‘bigtech’ firms has significantly affected traditional incumbents in the financial services sector. Globally, several financial services incumbents have joined forces with fintech and bigtech firms in fruitful collaborations that combine years of experience in traditional financial services and vast amounts of data with bespoke technologies that promise to significantly reduce cost, speed up transactions and convert data into useful information that can help the business to better connect with clients and other stakeholders. Such arrangements further the advancement of innovation by assisting tech companies that lack access to the necessary resources and funding which are available to traditional incumbents. Financial services firms have already recognised that their business stands to gain from the infusion of technology in product and service offerings to drive innovation.

Answer ... Until operations take off, start-ups commonly outsource back-office and other operational functions. Nonetheless, the market is still growing and developing, and is expected to increase in sophistication in order to meet the growing needs of the market.

The Malta Financial Services Authority (MFSA) has also published rules on the outsourcing of operational functions within its rulebook for virtual financial asset service providers. The MFSA explicitly states that the ultimate responsibility for the proper management of the risks associated with outsourcing or the outsourced activities lies with the licence holder itself. Activities which directly impinge on senior management’s responsibility cannot be delegated. The MFSA must be satisfied that the outsourcing of operational functions will not hinder monitoring for compliance purposes or affect the quality and orderliness of the conduct of the outsourcing licence holder’s business. An outsourcing policy is also needed.

Answer ... (a) Internet (e-commerce)

The Electronic Commerce Act (Cap 426 of the Laws of Malta) was enacted in 2002 and provides high-level regulations on the provision of e-commerce in Malta and the processing of electronic communications. It is generally accepted that transactions and electronic contracts which are wholly or partly conducted through one or more electronic communications shall be deemed to be valid. Nonetheless, certain transactions such as wills, trusts, powers of attorney and disposal or registration of rights over immovable property must be carried out as per the formalities set out at law.

(b) Mobile (m-commerce)

M-commerce will generally be regulated under the Electronic Commerce Act. In 2018 the Malta Communications Authority unveiled the ‘FastTrack to Mobile Initiative’, which is aimed at encouraging m-commerce and mobile marketing. Speaking at the launch of this initiative, Parliamentary Secretary for Financial Services, Digital Economy and Innovation Silvio Schembri emphasised the government’s intent to assist small and medium-sized enterprises seeking to tap into the m-commerce market. Local businesses will be guided on how to take the next steps to mobile and implement m-commerce, website optimisation, mobile search and mobile marketing.

(c) Big data (mining)

Privacy concerns remain the biggest inhibitors to the adoption of big data analytics, most notably within the context of the EU General Data Protection Regulation (2016/679). Ensuring compliance with the cornerstone principle of data limitation, which often runs counter to the spirit behind data mining, will be a challenge for regulators, which may require regulatory intervention in order to reconcile the principle with big data or to redefine the principle of data limitation within the big data age.

(d) Cloud computing

Where a financial services licence holder’s IT infrastructure is located in a cloud environment, it shall be incumbent on the licence holder to ensure that data is replicated real time by virtue of a live replication server located in Malta.

(e) Artificial intelligence

In March 2019 the Parliamentary Secretary for Financial Services, Digital Economy and Innovation unveiled a high-level policy document for public consultation entitled “Malta: Towards an AI strategy”, which sets out the foundations for a national strategy towards artificial intelligence (AI).

This national strategy shall seek to widen Malta’s framework for the certification of innovative technology arrangements (ie, distributed ledger technology (DLT), smart contracts and other technologies as designated by the responsible authority from time to time) in order to include AI technologies. Currently, the government of Malta is communicating with stakeholders in order to refine a future AI national strategy, which will need to be aligned with the strategies which are currently being pursued with respect to DLT and the Internet of Things.

Emphasis is being placed on designing a policy which calls for “ethically aligned, transparent and socially responsible AI”. To this extent, Malta has already established an Ethics Committee within the Malta Digital Innovation Authority, the local authority responsible for the certification of innovative technology arrangements. Simultaneously, Malta will stay true to its reputation as a trailblazer through regulatory and fiscal measures which aim to strengthen its appeal as a hub for foreign investment in this sector. The adoption of AI by the public and private sectors will be promoted through cutting-edge use cases of how AI can be deployed in Malta. The Maltese government will seek to address challenges relating to the infrastructure needed and the availability of a skilled workforce to cater to this sector.

(f) Distributed ledger technology (Blockchain, cryptocurrencies)

In 2018 the Maltese government enacted three laws which holistically regulate blockchain technology, cryptocurrencies and service providers offering various services in relation to cryptocurrencies: the Malta Digital Innovation Authority (MDIA) Act, the Innovative Technology Arrangements and Services Act and the Virtual Financial Assets Act.

The MDIA Act establishes the MDIA, an authority which is responsible for the promotion and regulation of innovative technology arrangements. Blockchain, smart contracts and other technologies as designated by the minister for digital economy fall within the category of innovative technology arrangements as set out in the Innovative Technology Arrangements and Services Act. Innovative technology arrangements must be certified, and innovative technology service providers and technical administrators must be registered with the MDIA when offering their services to fintech firms.

Cryptocurrencies are regulated under the Virtual Financial Assets Act. This act was one of the first pieces of legislation worldwide to regulate cryptocurrencies holistically by assessing the features and rights attached to the ‘coins’ or ‘tokens’ being offered. The act establishes a test known as the ‘financial instruments test’, which ascertains whether the assets being offered are virtual tokens (ie, serve a utility function and are not exchangeable), financial instruments regulated under the Markets in Financial Instruments Directive (2014/65/EU), e-money or virtual financial assets (which are defined by exclusion of the aforementioned three types of assets). Finally, the act also provides that service providers offering designated services within the context of virtual financial assets will also need to be licensed by the Malta Financial Services Authority.

Answer ... (a) Crowdfunding, peer-to-peer lending

The only regulated form of crowdfunding in Malta thus far is investment-based crowdfunding, which may qualify as the receipt and transmission of orders and/or handling of clients’ money and/or any other investment services. To this extent, depending on the investment service being provided, a Category 1 or Category 2 licence under the Investment Services Act (Cap 370 of the Laws of Malta) is required.

Investment-based crowdfunding platforms may only offer non-complex instruments, namely:

• shares in companies, excluding convertible shares, shares in collective investment undertakings and shares that embed a derivative; and
• bonds or other debt instruments, excluding those that embed a derivative or incorporate a structure which makes it difficult for the client to understand the risk involved.

There are also caps on investible amounts:

• An investor cannot invest more than €5,000 over a period of 12 months in any issuer listed on an investment-based crowdfunding platform;
• An investor cannot invest more than 20% of his or her net annual income through an investment-based crowdfunding platform over a period of 12 months;
• An offer of securities made on an investment-based crowdfunding platform cannot exceed the value of €1 million over a period of 12 months; and
• An issuer shall only be allowed to place a project on one crowdfunding platform.

(b) Online lending and other forms of alternative finance

Lending by way of business is a regulated activity under the Financial Institutions Act; thus, a licence from the Malta Financial Services Authority (MFSA) is needed in order to provide this service. This licence is also required by those offering online lending services to Maltese clients, irrespective of whether their business is situated outside Malta, as well as by businesses situated in Malta which offer lending services. Such a licence could then be passported across the European Union/European Economic Area.

Through the principle of reverse solicitation, businesses not established in Malta may offer online lending services to Maltese clients without a licence, provided that the business is in no way targeting Malta as a jurisdiction where it offers its services.

Alternative forms of financing, including venture and risk capital, financial leasing and money brokering, are also licensable activities under the Financial Institutions Act.

(c) Payment services (including marketplaces that route payments from customers to suppliers (eg, Uber and AirBnb)

The provision of payment services is regulated under the Second Schedule of the Financial Institutions Act, which transposes the EU Payment Services Directive (2007/64/EC). In order to provide this service, a licence is needed from the MFSA setting out specifically which activities may be carried out by the payment institution. Malta is still in the process of fully transposing the Second Payment Services Directive (2015/2366); therefore, it is expected that further changes to the Financial Institutions Act will be needed in order to accommodate innovations, including changes in the activities which a payment institution may carry out.

Payment institutions and e-money institutions gained popularity in Malta due to its flourishing remote gaming industry, which is heavily reliant on such payment gateways. Interest has spiked in these financial institutions following the rather conservative stance taken by local credit institutions with respect to the servicing of companies carrying out activities in relation to virtual financial assets. The Maltese legislature has acknowledged that this may hinder the development of the fintech industry in Malta; thus, it has sought to provide alternative options to credit institutions and allowed virtual financial asset service providers and subject persons to place clients’ money in payment institutions, e-money institutions and money market funds, provided that clients consent to such placing.

(d) Forex

The provision of foreign exchange services is licensable under the local Investment Services Act (Cap 370 of the Laws of Malta), which transposes the EU Markets in Financial Instruments Directive (2014/65/EU) (MiFID II). The type of licence needed will depend on whether the client intends to act as a market maker, in which case a Category 3 licence will be required. If the applicant does not intend to act as a market maker, a Category 2 licence will suffice.

(e) Trading

With the introduction of ‘tokenisation’, blockchain technology is also promising a revolution in how finance is raised through initial public offerings and trading on secondary markets. Security token offerings are already gaining popularity in Malta and will be one of the areas to be targeted by the MFSA’s fintech strategy. Tokens which bear the qualities of financial instruments as defined in MiFID II will be regulated under the present regimes applicable to various financial instruments. These tokens are often informally referred to as ‘security tokens’. By way of example, where a token represents a share or a debt instrument, it will qualify as a transferable security under MiFID and will thus need a prospectus, unless it qualifies under one of the applicable exemptions in the EU Prospectus Regulation (2017/1129).

(f) Investment and asset management

Malta was one of the first countries to provide a regulatory regime for hedge funds investing in cryptocurrencies. Since early 2018, the Malta Professional Investor Fund Regime allows for cryptocurrencies to be added to a fund’s investments, subject to a number of supplementary conditions to which the fund must adhere, such as having a board which is knowledgeable of cryptocurrencies.

Malta is also attracting interest from companies using technology for wealth management purposes, companies in the business of algo-trading and companies providing investment-based crowdfunding. Although such companies may employ innovative technologies within their business models, this will not exempt them from the need to apply for a licence if they are carrying out a regulated activity. By way of example, algo-trading and investment-based crowdfunding will often qualify as licensable activities under the local Investment Services Act.

(g) Risk management

Financial services entities that carry out a licensable business will generally need to carry out risk management and risk oversight practices to ensure that all decisions are taken in an informed and transparent manner. Risk managers are generally appointed or outsourced by licensed entities.

(h) Roboadvice

Malta has not expressly legislated on the provision of robo-advisory services. Nonetheless, like other interested jurisdictions and stakeholders, it has fostered the ideal conditions for firms seeking to offer robo-advisory services. Until there is greater clarity on the most pertinent issues which should be addressed by the regulator and how these should be tackled from a regulatory perspective, the MFSA’s fintech regulatory sandbox could potentially provide a golden opportunity for firms seeking to operate in a regulated and safe manner.

It is highly probable that the services offered by some robo-advisory firms will fall within the purview of MiFID, the EU General Data Protection Regulation (2016/679) and the Payment Services Directive; nevertheless, regulatory lacunae will emerge with respect to those robo-advisers which use AI.

(i) Insurtech

While no regulations expressly contemplate the use of innovative technologies within the insurance industry, Malta is currently assessing whether regtech solutions can be implemented throughout the insurance industry following the issue of a number of papers by interested stakeholders, such as the International Association of Insurance Supervisors.

Smart contracts are often taken into consideration within discussions involving insurtech, due to the ease of implementing them in straightforward ‘if this, then that’ insurance contracts. Smart contracts are regulated under The Innovative Technologies and Arrangements Act (Cap 592). Insurance firms seeking to implement smart contracts within their systems will need to obtain certification that attests to the stability of the smart contract in question.

Malta is an interesting jurisdiction for insurance, as it is the only jurisdiction to offer insurance and insurance brokerage through protected cell companies or incorporated cell companies. These offer businesses a versatile business model and a relatively rapid route to market.

Answer ... The EU General Data Protection Regulation (2016/679) (GDPR) is the applicable data protection regime in Malta.

Adherence to the cornerstone principles set out in Article 5 of the GDPR will prove especially challenging for certain fintech companies, and it is expected that a number of issues may arise which will require data protection authorities and potentially even the European Court of Justice to provide further guidance. By way of example, the purpose limitation principle may easily be at odds with innovations such as big data analytics and machine learning, since the boundaries of client consent for the processing and reprocessing of personal data become blurred in this context. The right to be forgotten also seems to be at odds with compliance requirements imposed on institutions such as financial institutions, which are required to hold client information for specified minimum periods. The double-edged sword of pseudonymisation will also need to be considered. On the one hand, the GDPR imposes a requirement to pseudonymise data, but this may also become a redundant exercise within the context of powerful machine learning algorithms which can easily re-identify data. On the other hand, compliance requirements will arise where users can operate within pseudo-anonymous environments such as public permissionless blockchains. Issues with outsourcing – which is very common within an industry composed primarily of start-ups – will also need to be configured with the GDPR framework, which may prove challenging.

Answer ... The Malta Financial Services Authority (MFSA) imposes a general requirement on all applicants for a financial services licence to implement an IT and operational set-up where the company’s main servers are located in Malta. The MFSA will generally consider good practice and recommend that the main servers of the company be located in Malta, with the possibility of having mirror servers abroad. The applicant’s cybersecurity policy will generally be included in the application and reviewed by the MFSA in order to ascertain that the proposed entity will have a robust framework in place to mitigate risks such as identity theft and financial fraud. Within the context of banks and certain financial institutions, the MFSA will also request such entities to conduct an online banking questionnaire which sets out in detail the applicant’s cybersecurity protocols.

Within the context of crypto-assets (mainly virtual financial assets and distributed ledger technology), the MFSA has issued a consultation document entitled “Guidance Notes on Cyber Security” which sets out a proposed strategy to mitigate threats and increase certainty within the context of cybersecurity in an increasingly complex digital world. The MFSA highlights that while such innovations bring about several benefits, they also present a number of new opportunities for cybercrime. The proposed guidance notes set out minimum best practices and risk management procedures to be followed in order to effectively mitigate cyber-risks within the context of professional investor funds investing in virtual currencies, issuers of virtual financial assets and virtual financial asset service providers.

Answer ... As an EU member state, Malta has transposed the Fourth EU Anti-money Laundering Directive and will transpose the Fifth EU Anti-money Laundering Directive, which will redefine the obligations placed on financial institutions and, by extension, to fintech companies offering payment services to professionals and those dealing in cryptocurrencies.

In October 2018 the Malta Financial Intelligence Analysis Unit published a consultation document on the application of anti-money laundering and counter-terrorist financing obligations to the virtual financial assets sector. This will establish the basis for sector-specific implementing procedures which provide granular guidance on the application of relevant legislation.

Answer ... The main challenge that fintech companies face in Malta is the conservative attitude of Maltese banks, which have generally refused to open trading bank accounts for companies whose operations involve cryptocurrencies. Since several fintech companies are start-ups seeking to raise capital, often through initial coin offerings, the inability to open a bank account to receive contributions for their projects acts as a significant deterrent and causes significant delays when these companies are trying to take off. Fintech companies are currently using banks outside Malta, and this situation has opened the market for e-money institutions and payment institutions as well as digital banks that are willing to address the needs of this growing market.

In its fintech strategy, the Malta Financial Services Authority (MFSA) has included increasing competition as a goal in its mission statement. In order to achieve this goal, the MFSA refers to the European Commission’s Fintech Action Plan, which posits proportionality as one of three key principles in its approach to the regulation of fintech. The MFSA is cognisant that imposing unduly onerous regulatory burdens on small enterprises and start-ups would counter efforts to promote competition in the industry. It will thus apply the principle of proportionality to any new policies which address the fintech sector where current legislation is insufficient. Market integrity considerations remain paramount to the MFSA; thus, a risk-based approach will be undertaken when applying the principle of proportionality and regulatory sandboxes will be used to allow fintech start-ups to test innovative concepts in a limited controlled environment under the scrutiny of the regulator.

Answer ... The promotion and protection of innovation lie at the heart of Malta’s fintech strategy. In order to promote the sound development of innovative technologies such as distributed ledger technology, Malta has established a new authority, the Malta Digital Innovation Authority (MDIA), whose aim is “to protect and support all users and encourage all types of innovations”. The MDIA will play a crucial role in ensuring that innovation is protected, while safeguarding market integrity and investor protection.

Answer ... As part of its fintech strategy, the Malta Financial Services Authority (MFSA) will be setting up a fintech innovation hub and has also set up a regulatory sandbox to allow operators to test concepts in a controlled environment under its supervision. The MFSA aims to build a holistic ecosystem for fintech to thrive by fostering a strong start-up community and culture, as well as incubators with links to the local financial services ecosystem and the international funding community. The hub will provide various services, including office space, incubation and acceleration spaces, IT infrastructure and shared platforms to build applications and software, and promote innovation and creativity by facilitating networking and connecting participants and industry experts. The MFSA has also proposed the establishment of innovation challenge programmes, which would grant awards to those developing innovative solutions and provide support in various areas, including challenge ideation, programme design, management, assessment and promotion, both locally and internationally. The MFSA is also working on embracing innovation through significant investment in suptech.

The Maltese government has already adopted a pro-business approach which has led some of the biggest names in the industry, including Binance and OKEx, to relocate to Malta. These companies have entered into agreements with the Malta Stock Exchange, which is paving the way towards establishing security token exchanges, further attesting to Malta’s efforts to become the ‘blockchain island’.

Answer ... As an EU member state, Malta is bound to transpose and adhere to the body of EU legislation regulating employment law. In furtherance of the fundamental freedom of movement, EU nationals have the right to work in any EU member state without a work permit. However, this is often not the case for non-EU nationals. Save for those from a number of countries which have entered into agreements with the European Union or have signed bilateral agreements with Malta, third-county nationals wishing to reside and work in Malta will need to apply for a single permit which grants them the right to reside and work in Malta. Acceptance of such third-country nationals will also be subject to labour market testing.

Nonetheless, while the Maltese government is actively seeking to refine the skills of the local workforce in order to meet the demands of this growing industry, it is likely that specialists from the European Union and other third countries will be needed to fill the current gaps in the market. In its FinTech Action Plan, the Malta Financial Services Authority (MFSA) has highlighted that in order to cultivate a robust fintech sector, it is crucial to attract, develop and retain talent within the fields of technology, finance and entrepreneurship. Since the industry is still in its infancy, there is a lack of human resources and a skills shortage, and companies must thus compete for a very limited group of potential candidates. The MFSA shall seek to cultivate the country’s talent pool through national and international initiatives aimed at strengthening the workforce through the provision of academic internships, scholarships, programmes and courses specifically aimed to cater for the fintech sector.

Answer ... In order to address the shortage of skilled employees in various areas, Malta is seeking to foster an optimal environment in which tech-savvy individuals with an interest in the fintech industry can flourish professionally. Malta is an EU jurisdiction which offers a good standard of living within a safe environment, making it an ideal destination for those seeking to relocate. Malta has already attracted a growing number of expats within the remote gaming and financial services sphere, and is seeking to position itself as one of the most attractive hubs for employees keen to work within a dynamic fintech industry.

Moreover, Malta already offers attractive fiscal packages to key officers employed by companies which are licensed or recognised by competent authorities.

Answer ... While Malta has created a bespoke regime for the regulation of crypto-assets which do not fall under existing regulations, there is no common agreement with other EU member states as to the regulatory status of any crypto-asset issued within a particular jurisdiction. Issuers have no guarantee as to how other jurisdictions would classify crypto-assets which have been regulated under Maltese law; it is highly probable that in order to be offered to citizens of other member states, such tokens would need to undergo a licensing or recognition process in those member states. The lack of harmonisation throughout the European Union is the Achilles heel of any kind of regulation which seeks to regulate these highly cross-border assets. Issuers and regulators are expressing interest in security token offerings and new trading venues for such offerings. While their regulation under traditional financial services laws may gain the trust of investors, such offerings may still be unduly expensive for start-ups. This is why we envisage interest increasing in initial exchange offerings, which would be regulated under the Virtual Financial Assets Act.

At the end of October 2019, the grace period available to service providers operating under the notification provisions in the Virtual Financial Assets Act will expire. This means that all operating service providers, including cryptocurrency exchanges, must meet all licence conditions and have submitted their complete formal licence application by this date.

Answer ... Businesses seeking to operate as licensed fintech service providers will need to adhere to the fitness and properness assessments imposed by the local authority, the Malta Financial Services Authority (MFSA). Thus, senior management and ultimate beneficiary owners of prospective applicants must cumulatively prove that:

• there is sufficient solvency;
• the individuals involved in the project are technically competent in their fields; and
• all persons are of good repute.