Fintech in Malta 2024

Fintech in Malta 2024

Fintech in Malta 2024

FINTECH 2024

MALTA

Leonard Bonello, James Debono

(Ganado Advocates)

FINTECH LANDSCAPE AND INITIATIVES

General innovation climate

  1. What is the general state of fintech innovation in your jurisdiction?

Malta’s reputation as the ‘blockchain island’ is a testament to its positive approach to the fintech industry. Malta was a pioneer in regulating distributed ledger technologies and cryptocurrencies through the enactment of:

  • the Virtual Financial Assets Act, Chapter 590 of the Laws of Malta;
  • the Malta Digital Innovation Authority Act, Chapter 591 of the Laws of Malta (MDIAA); and
  • the Innovative Technology Arrangements and Services Act, Chapter 592 of the Laws of Malta.

Other prominent fintech areas attracting investment in Malta relate to e-payment services and insurtech. Further, the Malta Financial Services Authority (MFSA) buttressed this technological revolution by setting up the dedicated FinTech and Innovation function. The MFSA is also driving the long-term fintech strategy targeting both start-ups and industry scale-ups with the aim of establishing Malta as an international fintech hub while promoting the infusion of technology solutions in the financial world.

Government and regulatory support

  1. Do government bodies or regulators provide any support specific to financial innovation? If so, what are the key benefits of such support?

The Maltese government has always given the fintech industry priority in policy formation. The MFSA has launched the standalone FinTech Strategy aimed at providing legal and regulatory certainty and ensuring market integrity and financial soundness while safeguarding investor rights in the fintech sphere. This strategy is based on six main pillars, namely:

  • a suite of regulations to support regulatory efficiency;
  • a holistic all-encompassing ecosystem to enhance access to finance and foster innovation;
  • implementing an open architecture to support the use of application programming interfaces in financial services;
  • fostering international links to enhance bilateral cooperation and cross-border fintech knowledge, adoption and investment;
  • cultivating knowledge by attracting and retaining talent and carrying out extensive research; and
  • security through implementing robust systems, plans and techniques to counteract threats and exposure.

The strategy also features a regulatory sandbox that enables financial service providers to test the viability of their products within the regulatory framework, while keeping in direct contact with the regulators.

The Malta Digital Innovation Authority (MDIA) is a relatively new regulator that was established to act as:

  • a fintech promoter that incentivizes ‘investment’ in ‘innovative technology arrangements’, as such terms are defined under the MDIA; and
  • a supervisory authority that ensures the reliability of these technologies and the integrity of the market.

FINANCIAL REGULATION

Regulatory bodies

  1. Which bodies regulate the provision of fintech products and services?

The Malta Financial Services Authority (MFSA) and the Malta Digital Innovation Authority are the main competent authorities regulating the provision of fintech products and services.

Regulated activities

  1. Which activities trigger a licensing requirement in your jurisdiction?

The local financial services regulatory framework comprises:

  • the Investment Services Act, Chapter 370 of the Laws of Malta (ISA), which outlines the regulatory requirements of operators wishing to set up investment services undertakings and collective investment schemes. It transposes the Markets in Financial Instruments Directive II (2014/65/EU) (MiFID 2) into Maltese law and regulates services outlined therein when they are carried out in or from Malta and in relation to one or more ‘instruments’, as defined therein;
  • the Banking Act, Chapter 371 of the Laws of Malta, which is the law regulating credit institutions that carry out the ‘business of banking’, defined as:
  • accepting deposits of money from the public that are withdrawable or repayable on demand, after a fixed period or after notice;
  • borrowing or raising money from the public with the purpose of using all or some of such money to lend to others; or
  • otherwise investing for the account and at the risk of the person accepting this money; and
  • the Financial Institutions Act, Chapter 376 of the Laws of Malta (FIA), which sets out the licensing and ongoing obligations of non-banking institutions. These can be classified into two categories; namely, institutions that carry out:
  • payment services or the issuance of electronic money; and
  • activities such as lending, financial leasing, the provision of guarantees and commitments, foreign exchange services and money brokering.

The FIA, the subsidiary legislation and the regulations promulgated under the FIA transpose the second Payment Services Directive (2015/2366/EU) (PSD2) and the second Electronic Money Directive (2009/110/EC), are:

  • the Virtual Financial Assets Act, Chapter 590 of the Laws of Malta (VFAA), which regulates services that are provided in relation to distributed ledger technology assets that have been determined to be a virtual financial asset. Such services listed in the VFAA are mostly similar to those listed in the ISA; and
  • the Insurance Business Act, Chapter 403 of the Laws of Malta (IBA), which regulates the business of insurance, namely, effecting and carrying out contracts of insurance for long-term business or general business as defined in the IBA.

Consumer lending

  1. Is consumer lending regulated in your jurisdiction?

Lending is a regulated activity under the Banking Act as it falls under the definition of ‘business of banking’, which requires a license in Malta. Moreover, lending is a regulated activity under the FIA, irrespective of whether it is provided to consumers. Article 5 of the FIA outlines the requirements for the authorization of an institution to carry out lending activities, including:

  • an initial capital in the amount established by the MFSA;
  • at least two individuals effectively directing the business of the institution in Malta;
  • all qualifying shareholders, controllers and all persons effectively directing the institution’s business are suitable persons to ensure its prudent management; and
  • sound and prudent management and robust governance arrangements.

In addition:

  • the Consumer Credit Regulations (Subsidiary Legislation 378.12) implement into Maltese law the provisions of the Consumer Credit Directive (Directive 2008/48/EC), which regulates credit agreements involving a total amount of credit more than €200 or less than €75,000, which are provided to consumers; and
  • the Credit Agreements for Consumers relating to Residential Immovable Property Regulations (Subsidiary Legislation 378.10) of the laws of Malta, which implement into Maltese law the provisions of the Mortgage Credit Directive (Directive 2014/17/EU).

Secondary market loan trading

  1. Are there restrictions on trading loans in the secondary market in your jurisdiction?

There are no particular restrictions applicable to trading loans in the secondary market in Malta.

Collective investment schemes

  1. Describe the regulatory regime for collective investment schemes and whether fintech companies providing alternative finance products or services would fall within its scope.

Collective investment schemes (CIS) are regulated under the ISA. CIS that fall within the scope of the local regulations are:

  • retail collective investment schemes, primarily undertaking collective investment transferable securities;
  • professional investor funds;
  • alternative investment funds (AIFs); and
  • notified alternative investment funds.

Investment-based crowdfunding is regulated under a separate regime.

With respect to peer-to-peer (P2P) or marketplace lenders, it is pertinent to refer to the FIA, which regulates ‘money broking’, defined as the activity of introducing counterparties that wish to deal at mutually agreed terms with respect to wholesale and retail financial products. This regulation may have implications for both marketplace lenders and P2P platforms.

Alternative investment funds

  1. Are managers of alternative investment funds regulated?

An alternative investment fund manager (AIFM) who operates in or from Malta fall within the scope of the ISA and the Alternative Investment Fund Managers Regulations (Subsidiary Legislation 370.23 of the Laws of Malta), which transpose the Alternative Investment Fund Managers Directive (2011/61/EU) (AIFMD) into Maltese law. An AIFM may be subject to a lite regime akin to the regime under MiFID 2 if it qualifies as a de minimis AIFM. This will be the case where the assets under management are worth less than:

  • €100million; or
  • €500million and the portfolio consists of AIFs that are unleveraged and have no redemption rights in the first five years following the date of initial investment.

A de minimis AIFM will be exempt from complying with certain provisions of the AIFMD but does not enjoy the use of EU passporting rights.

Peer-to-peer and marketplace lending

  1. Describe any specific regulation of peer-to-peer or marketplace lending in your jurisdiction.

The FIA stipulates that any person that, as a lender, regularly lends money in or from Malta is carrying out a regulated activity and requires an MFSA license prior to commencing operations. However, there is no specific regulation on P2P platforms or marketplace lending under the local financial services framework.

Crowdfunding

  1. Describe any specific regulation of crowdfunding in your jurisdiction.

While reward-based and donation-based crowdfunding platforms remain unregulated, the MFSA had introduced a framework initially under the ISA applicable to investment-based crowdfunding services and was now replaced by a completely separate licensing and regulatory framework specifically regulating crowdfunding platform service providers in light of Regulation (EU) 2020/1503 of the European Parliament and of the Council of 7 October 2020 on European crowdfunding service providers for business, and amending Regulation (EU) 2017/1129 and Directive (EU) 2019/1937 (ECSP Regulation).

The ECSP Regulation is directly applicable in Malta and requires entities providing crowdfunding services to be authorized by the competent authority. By virtue of the Malta Financial Services Authority Act (European Crowdfunding Service Providers for Business) Regulations (Subsidiary legislation 330.15) of the laws of Malta, the MFSA is the designated competent authority and has issued Crowdfunding Rules to which Crowdfunding Service Providers are subject.

The Parliament of Malta is currently discussing the Crowdfunding Service Providers Bill, which will mainly give effect to the provisions of Regulation (EU) 2020/1503 of the European Parliament and of the Council of 7 October 2020 on European crowdfunding service providers for business, and amending Regulation (EU) 2017/1129 and Directive (EU) 2019/1937. The same bill aims to inter alia establish a regulatory framework for crowdfunding services, particularly focusing on their organization, authorization and supervision of crowdfunding service providers, as well as for transparency and marketing communications in relation to the provision of crowdfunding services in the European Union.

Further, the European Securities and Markets Authority (ESMA) has published the draft technical standards on crowdfunding under Regulation (EU) 2020/1503.

Invoice trading

  1. Describe any specific regulation of invoice trading in your jurisdiction.

Invoice trading falls within the scope of the FIA. Factoring and invoice discounting are listed as two types of lending activity that in turn trigger a licensing obligation under the FIA if and when they are carried out in or from Malta on a regular basis.

Payment services

  1. Are payment services regulated in your jurisdiction?

The FIA includes a list of the payment services that are regulated in Malta and reflects the services outlined in the PSD2. Institutions engaging in these payment activities must obtain authorization from the MFSA prior to the provision of these services in or from Malta on a regular basis.

Open banking

  1. Are there any laws or regulations introduced to promote competition that require financial institutions to make customer or product data available to third parties?

There are no laws or regulations promoting competition among financial institutions through the use of available data. However, the concept of open banking has been locally introduced under the Financial Institutions Act through the regulation of third-party payment service providers, namely, payment initiation service providers and account information service providers.

Robo-advice

  1. Describe any specific regulation of robo-advisers or other companies that provide retail customers with automated access to investment products in your jurisdiction.

No laws or regulations specific to robo-advisers or automated access to investment products have been issued in Malta.

Insurance products

  1. Do fintech companies that sell or market insurance products in your jurisdiction need to be regulated?

Insurance and reinsurance undertakings carrying on the business of insurance in or from Malta including (re)insurance distribution activities or market (re)insurance services in or from Malta are regulated by two legislative instruments, namely:

  • the Insurance Business Act, Chapter 403 of the Laws of Malta; and
  • the Insurance Distribution Act, Chapter 487 of the Laws of Malta.

These Acts impose requirements from or with the MFSA depending on the nature of the insurance business activity being provided in or from Malta. These Acts, which implement EU Directive 2009/138/EC and EU Directive 2016/97/EU respectively, are supplemented by regulations promulgated under these two laws and by rules and guidelines issued by the MFSA.

Credit references

  1. Are there any restrictions on providing credit references or credit information services in your jurisdiction?

‘Credit reference agency’ is defined under the Trading license Act, Chapter 441 of the Laws of Malta and its subsidiary legislation, as any undertaking licensed by the Trade Licensing Unit, whose main business is to prepare, assemble and evaluate credit information and related credit and risk management services concerning legal and natural persons for the purpose of issuing credit scores to be furnished to third parties, provided that the agency is not precluded from carrying out other related tasks. The definition of ‘credit reference agencies’ pursuant to the draft law falls outside the scope of Regulation (EC) 1060/2009 and, therefore, ESMA would not have supervisory powers over these entities. Further, credit reference services are listed under the Banking Act as one of the additional activities exercisable by credit institutions.

The Central Bank of Malta Act, Chapter 204 of the Laws of Malta provides that credit reference agencies must be licensed by the Trade Licenses Unit in terms of regulation 47A of the Trading licenses Regulations, and the Central Bank of Malta is the supervisory authority in this regard solely for the purpose of overseeing and regulating the issuance of credit scores. The Central Bank has issued Central Bank of Malta Directive No. 15 on the Supervision of Credit Reference Agencies, which sets out the requirements to be met by licensed credit reference agencies.

CROSS-BORDER REGULATION

Passporting

  1. Can regulated activities be passported into your jurisdiction?

Regulated activities emanating from EU directives transposed into Maltese law can, subject to regulatory and procedural formalities, be passported into Malta. Credit and financial institutions, investment services providers, collective investment schemes and issuers that are legally established in one member state may passport their services through the establishment of a branch or otherwise, as may be applicable. Conversely, ‘homegrown’ services that are regulated by a standalone legislative framework in EU member states cannot be passported into Malta.

Requirement for a local presence

  1. Can fintech companies obtain a license to provide financial services in your jurisdiction without establishing a local presence?

Fintech companies cannot obtain a license without establishing a local presence in Malta. While local presence and substance requirements vary across the different regulatory regimes applicable to the specific services being provided by a fintech company, a degree of substance in Malta is always required.

SALES AND MARKETING

Restrictions

  1. What restrictions apply to the sales and marketing of financial services and products in your jurisdiction?

The Malta Financial Services Authority (MFSA) has the discretional authority to issue marketing guidelines and restrictions that apply to various financial services sectors and to prohibit or alter any kind of promotional activity carried out by any financial services institution. Specific restrictions apply to license holders that market their services and products to ensure that all information including marketing communications addressed to retail investors or potential retail investors is fair, clear and not misleading. The Investment Services Act states that no collective investment schemes, licensed or otherwise, can issue or cause to be issued a prospectus in or from Malta unless it has been approved by the MFSA. The marketing of retail financial services in Malta also falls within the scope of the Distance Selling (Retail Financial Services) Regulation (Subsidiary Legislation 330.07), which implements EU Directive 2002/65/EC.

CRYPTOASSETS AND TOKENS

Distributed ledger technology

  1. Are there rules or regulations governing the use of distributed ledger technology or blockchains?

The Innovative Technology Arrangements and Services Act (ITAS) outlines the framework of designated innovative technology arrangements (including blockchain platforms and smart contracts) while catering for the Malta Digital Innovation Authority (MDIA) and its regulatory functions with regard thereto. Under the ITAS, any person may, on a voluntary basis, request the MDIA to certify eligible arrangements or services on the basis of a number of conditions, including that, among other things, the arrangement is fit and proper for the purposes for which it was set up and its underlying software has been reviewed by a registered systems auditor.

Cryptoassets

  1. Are there rules or regulations governing the promotion or use of cryptoassets, including digital currencies, stablecoins, utility tokens and non-fungible tokens (NFTs)?

Crypto-assets in Malta are regulated by the Virtual Financial Assets Act (VFAA), which spearheads the implementation of a bespoke financial instrument test, applicable to issuers, agents and license holders, for the purpose of determining whether a distributed ledger technology (DLT) asset qualifies as:

  • electronic money;
  • a financial instrument;
  • a virtual financial asset (VFA); or
  • a virtual token.

If a person provides any of the services listed in the VFAA in relation to a DLT asset that qualifies as a VFA, licensing obligations apply. The issuance of e-money also mandates a Malta Financial Services Authority (MFSA) authorization pursuant to the Financial Institutions Act.

In relation to NFTs, the MFSA has indirectly pronounced itself through a consultation document by saying that it considers that it would be prudent that certain VFAs, which display clear characteristics of uniqueness and non-fungibility, also be excluded from the VFA Framework, and therefore should remain unregulated (reflecting the approach taken under the Markets in Crypto-Assets Regulation.

Token issuance

  1. Are there rules or regulations governing the issuance of tokens, including security token offerings (STOs), initial coin offerings (ICOs) and other token generation events?

The VFAA imposes a licensing requirement on service providers in the VFA space, including VFA exchanges, custodians of VFAs (including wallet providers) and VFA advisers and brokers that are operating in or from Malta. The MFSA has issued a Virtual Financial Assets Rulebook, which is divided into three main chapters. The requirements for a VFA service provider license include:

  • the setting up of a Maltese entity;
  • the holding of minimum capital; and
  • the appointment of various functionaries and undergoing assessments by the MFSA into (among other things) the entity’s ultimate beneficial owners and board of administration.

ARTIFICIAL INTELLIGENCE

Artificial intelligence

  1. Are there rules or regulations governing the use of artificial intelligence, including in relation to robo-advice?

Artificial intelligence (AI) is not yet a regulated area. A Malta AI task force, commissioned by the government launched the Strategy and Vision for Artificial Intelligence in Malta 2030, to put the island among the foremost jurisdictions with the highest-impact national AI program. The strategy rests on three vertical pillars that direct efforts towards investment, innovation and private and public sector adoption; and three horizontal enablers, namely education and workforce, the legal framework and infrastructure.

In the meantime, the European Union issued its Proposal on Artificial Intelligence.

CHANGE OF CONTROL

Notification and consent

  1. Describe any rules relating to notification or consent requirements if a regulated business changes control.

The Investment Services Act imposes a notification requirement for persons who, directly or indirectly, acquire a ‘qualifying shareholding’ (as defined therein) in an investment services license holder or increase their qualifying shareholding to an extent that the proportion of the voting rights or the capital held would reach or exceed 20 percent, 30 percent or 50 percent or so that the investment services license holder would become its subsidiary. The Malta Financial Services Authority (MFSA) can object to such an acquisition. A notification obligation is also triggered in the case of disposal or reduction of such qualifying shareholding. license holders must obtain written consent from the MFSA before acquiring 10 percent or more of the voting share capital of another company before agreeing to sell or merge all or any part of its undertaking.

In the context of credit institutions, Banking Rule 13/2021, ‘Prudential assessment of acquisitions and increase of qualifying shareholdings in credit institutions authorized under the Banking Act’, provides a blueprint of the procedural rules and evaluation criteria for the prudent assessment of acquisitions and holdings increases in the financial sector and determines the criteria to be applied by the MFSA in the assessment process of a proposed acquirer. These rules reflect the Joint Guidelines JC/GL/2016/01, which were issued by the Joint Committee of the European Supervisory Authorities in 2016, and also reflect the updated Appendix 1 in view of the publication of Standards (regulatory technical standards) under article 8(2) of Directive 2013/36/EU (EBA/RTS/2017/08).

Under the Financial Institutions Act, Chapter 376 of the Laws of Malta, changes to the qualifying shareholding of a financial institution licensed by the MFSA, also trigger an approval process akin to that applicable to credit institutions.

FINANCIAL CRIME

Anti-bribery and anti-money laundering procedures

  1. Are fintech companies required by law or regulation to have procedures to combat bribery or money laundering?

The regulatory framework that governs anti-money laundering (AML) procedures in Malta falls under the Prevention of Money Laundering Act, Chapter 373 of the laws of Malta (PMLA) and the Prevention of Money Laundering and Funding of Terrorism Regulations, which implements EU Directive 2015/849/EU. The European Union extended the scope of its AML regime to digital currencies through EU Directive 2018/8432/EU. Entities that must abide by the AML regulations include those that:

  • provide services to safeguard private cryptographic keys on behalf of its customers, or to hold, store and transfer virtual currencies; and
  • engage in exchange services between virtual currencies and fiat currencies.

Malta has acknowledged the risks associated with digital currencies and has taken the initiative to anticipate this framework. The new Implementing Procedures issued by the Financial Intelligence Analysis Unit (FIAU) now also cover issuers of virtual financial assets (VFAs), VFA service providers and the activities of safe custody services, even when provided by any person or institution other than those licensed or authorized under the Banking Act or the Investment Services Act. Digital currency exchanges and issuers of VFAs are deemed to be subject persons and must have measures, policies and procedures in place to address the identified risks. These measures, policies, controls and procedures must include, inter alia:

  • customer due diligence, record-keeping procedures and reporting procedures; and
  • risk management measures.

The FIAU had also issued a consultation paper for the enactment of the Prevention of Money Laundering Act (Transfer of Virtual Financial Assets) Regulations to provide for the information that is to be transmitted simultaneously or concurrently with all transfers of virtual financial assets, in line with FATF Recommendation 16, referred to as the Travel Rule, which provides that virtual assets service providers that transmit digital funds should collect and exchange user information and make this available to relevant authorities if required.

Guidance

  1. Is there regulatory or industry anti-financial crime guidance for fintech companies?

The FIAU has issued a specific rulebook applicable to VFA agents, issuers and license holders with sector-specific guidance on how these issuers and operators can meet their AML obligations under the PMLA. These procedures complement the Implementing Procedures that are applicable across all other sectors, and apply to VFA service providers, VFA agents and issuers of initial VFA offerings, as well as to unlicensed subject persons operating within the VFA space.

DATA PROTECTION AND CYBERSECURITY

Data protection

  1. What rules and regulations govern the processing and transfer (domestic and cross-border) of data relating to fintech products and services?

There is no specific law or guidance regulating fintech companies’ use of personal data. The processing and transfer of data is regulated by the Data Protection Act, Chapter 586 of the Laws of Malta (DPA), which implements the EU General Data Protection Regulation (Regulation (EU) 2016/679), alongside any subsidiary legislation that supplements the DPA, and regulates the processing of personal data with regards to the e-communications sector, thereby implementing EU Directive 2002/58/EC.

The European Commission has issued draft proposals for an e-privacy regulation to supersede the current Directive (2002/58/EC), which would be directly applicable in all member states, harmonizing data protection laws. On 21 February 2020, the revised text of the Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) was published.

Cybersecurity

  1. What cybersecurity regulations or standards apply to fintech businesses?

Different cybersecurity standards apply across different business sectors within the financial industry. In the digital assets space, which is regulated by the Virtual Financial Assets Act, license holders must establish various management policies within their cybersecurity framework. Further, acknowledging that the financial services industry is experiencing a digital and technological transformation, the Malta Financial Services Authority has issued a new set of guidance notes on cybersecurity, which will apply to key players in this industry, setting out a minimum set of best practices and risk management procedures to be followed to effectively mitigate cyber risks.

OUTSOURCING AND CLOUD COMPUTING

Outsourcing

  1. Are there legal requirements or regulatory guidance with respect to the outsourcing by a financial services company of a material aspect of its business?

In general, the outsourcing of material services or activities of a financial services company would lead to the regulatory intervention and oversight of the Malta Financial Services Authority (MFSA). For example, the Banking Act provides that no credit institution shall outsource its material services or activities, unless the outsourcing service provider is granted recognition by the MFSA. To obtain this recognition, the outsourcing service provider must make a written request providing information on, inter alia:

  • its name and address;
  • the material services or activities to be outsourced;
  • the reasons for outsourcing the service or activities; and
  • the regulatory status, if any, if it is authorized or licensed in a foreign jurisdiction.

The MFSA has issued Banking Rule 14 on Outsourcing by Credit Institutions Authorized under the Banking Act (which is applicable both to credit and financial institutions). The MFSA has also issued Guidance on Technology Arrangements, ICT and Security Management, and Outsourcing Arrangements that are applicable to all license holders and set out the requirements for internal governance arrangements on ICT and security risk management as well as outsourcing requirements.

Cloud computing

  1. Are there legal requirements or regulatory guidance with respect to the use of cloud computing in the financial services industry?

Various initiatives at both a local and European level seek to govern the evolution of cloud computing. However, these are not necessarily specific to the financial services sector. Locally, the Malta Communications Authority has issued a guidance document titled ‘Cloud Computing Guidelines for SMEs and Microenterprises’ that highlights considerations to be taken by small and medium-sized enterprises and microenterprises when assessing the suitability of the use of cloud computing in their firm. This guidance document provides further details as to the contractual implications that may arise between small and medium-sized enterprises, microenterprises and cloud computing service providers. Transposing EU Directive 2016/1148/EU, Subsidiary Legislation 460.35 sets out cybersecurity standards and establishes a Critical Information Infrastructure Protection Unit (CIIP Unit). In Malta, the CIIP Unit falls under the remit of the Critical Infrastructure Protection Directorate, which also oversees the National Computer Security Incidence Response Team.

The MFSA Guidance on Technology Arrangements, ICT and Security Management, and Outsourcing Arrangements sets out requirements in relation to the adoption of cloud computing resources and services and has also issued Guidance on Software-as-a-Service as an Outsourcing Arrangement, providing practical guidelines as to the approach to be adopted by license holders in this regard. The European Securities and Markets Authority Guidelines on Outsourcing to Cloud Service Providers have been implemented in various MFSA Rulebooks.

INTELLECTUAL PROPERTY RIGHTS

IP protection for software

  1. Which intellectual property rights are available to protect software, and how do you obtain those rights?

Software constitutes literary work, which enjoys automatic copyright protection under the Copyright Act, Chapter 415 of the Laws of Malta. A copyright is a non-registrable right that arises as soon as a work considered eligible for copyright protection (which under Maltese law, includes artistic works, audiovisual works, databases, literary works and musical works) is created. No formal registration of copyright (voluntary or otherwise) in Malta is required. Further, in accordance with the Patents and Designs Act, Chapter 417 of the Laws of Malta (PDA), schemes, rules and methods for doing business and computer programs are not considered to constitute inventions that are capable of patent protection.

IP developed by employees and contractors

  1. Who owns new intellectual property developed by an employee during the course of employment? Do the same rules apply to new intellectual property developed by contractors or consultants?

In terms of works that are eligible for copyright protection, the Copyright Act dictates that such protection shall vest initially in the author or joint authors of the particular work. Particularly in the case of computer programs and databases, however, where a work is made in the course of the author’s employment, the economic rights arising therefrom will be deemed to be transferred to the author’s employer – subject to an agreement between the parties to the contrary. Other works eligible for copyright (namely, barring computer programs and databases) shall always vest in the author or joint authors of the particular work, provided that an agreement to the contrary has not been entered into.

With reference to patentable inventions, the PDA holds that any invention occurring under a contract of employment belongs to the employer; however, the creator of that work (namely, in this context, the employee) would have a right to equitable remuneration for their invention. In the absence of an agreement between the parties as to the remuneration due, this must be ascertained by the Maltese courts.

In view of the various nuances highlighted above, it is always advisable to incorporate a clause regulating the ownership, or otherwise, of intellectual property into a company’s standard contract of employment and service agreements with its contractors or consultants. However, when developing or making use of intellectual property in the course of employment or engagement, there is an argument to be made that the employee or the contractor or consultant engaged to render a particular service must be considered a fiduciary in accordance with article 1124 et seq of the Civil Code Chapter 16 of the Laws of Malta and must therefore abide by the various obligations specified therein.

Joint ownership

  1. Are there any restrictions on a joint owner of intellectual property’s right to use, license, charge or assign its right in intellectual property?

The Trademarks Act, Chapter 597 of the Laws of Malta, states that where a registered trademark is subject to co-ownership, each joint owner is entitled, subject to an agreement stating the contrary, to an equal undivided share in the registered trademark. Each co-owner is also entitled, personally or otherwise, to perform for their own benefit, without the other co-owner’s consent, any act that would otherwise amount to an infringement of the registered trademark. A co-owner may not grant a license over the registered trademark or assign or cede control of their share in the trademark without the other co-owner’s consent.

The aforementioned is also applicable in the case of co-ownership of a registered design under the PDA. Conversely, in the case of joint proprietors of a patent, the law specifies that either party may separately assign or transfer by succession their share of the patent with or without the other patent owner’s agreement. However, to surrender the patent or conclude a licensing agreement with third parties, the co-owners must act jointly.

In terms of copyright, a joint author can assign or license copyright unilaterally, provided that where any other joint author is not satisfied with the manner in which this assignment or license has been granted, they can resort to the Copyright Board within three months from the day on which the terms of the assignment or license have been communicated to them in writing.

Trade secrets

  1. How are trade secrets protected? Are trade secrets kept confidential during court proceedings?

The Trade Secrets Act, Chapter 589 of the Laws of Malta (TSA) provides for measures to be taken against the unlawful acquisition, use and disclosure of trade secrets. The TSA allows the competent court to issue precautionary acts against the alleged infringer for the cessation or prohibition of the use or disclosure of the trade secret on a provisional basis.

The court may also issue precautionary acts to prohibit the production, offering, placing on the market or use of infringing goods or the seizure of these infringing goods to prevent their entry into or circulation on the market. Once the court has determined that there has been unlawful acquisition, use or disclosure of a trade secret, it can order the cessation of the unlawful behavior, apply injunctive and corrective measures or impose damages that are appropriate to the actual prejudice suffered as a result of the unlawful acquisition, use or disclosure of the trade secret. The TSA also states that should an application be submitted by an interested party, it shall be unlawful for any of the parties participating within the legal proceedings to disclose the nature or any details relating to the trade secret in question. This obligation shall remain in force even after legal proceedings have ended.

Branding

  1. What intellectual property rights are available to protect branding and how do you obtain those rights? How can fintech businesses ensure they do not infringe existing brands?

Trademarks create a distinctive brand and can be obtained by lodging an application with the Malta Intellectual Property Rights Directorate outlining the trademark name or image (or combination thereof), as well as the goods and services that this trademark will protect. It is also possible to apply for an EU trademark, which will grant pan-EU protection over the trademark. On an international level, it is also possible to lodge an application with the World Intellectual Property Organization, designating the countries in which trademark protection is sought.

Remedies for infringement of IP

  1. What remedies are available to individuals or companies whose intellectual property rights have been infringed?

The remedies available are enshrined in the acts that regulate specific IP rights. The Trademarks Act provides that a person found guilty of trademark infringement under this act may be liable for:

  • imprisonment for up to three years;
  • a fine of up to €23,293; or
  • both.

This liability attaches to any person who, with a view to gain for themselves or another, or with intent to cause loss to another, uses or applies without the consent of the trademark owner an infringing sign or else has in their possession or control or offers for sale, hire or distribution goods that bear infringing marks. The Enforcement of Intellectual Property Rights (Regulation) Act, Chapter 488 of the Laws of Malta, provides for measures that may be requested by intellectual property rights holders to enforce their intellectual property rights or to preserve evidence and request information from alleged infringers.

COMPETITION 

Sector-specific issues

  1. Are there any specific competition issues that exist with respect to fintech companies in your jurisdiction?

There are no competition issues that specifically affect fintech companies in Malta. However, in 2019, the European Commission published its Competition Policy for the Digital Era, which tackles competition issues that arise from the digital industries and states how regulations should be tailor-made to cater for the specific issues that might arise. The report identified the following characteristics of the industry that might give rise to incentives for dominant digital firms to act in an anti-competitive manner:

  • the extreme returns to scale that the industry brings with it;
  • the convenience of the product being dependent on a large user base; and
  • the pivotal role of data.

TAX

Incentives

  1. Are there any tax incentives available for fintech companies and investors to encourage innovation and investment in the fintech sector in your jurisdiction?

While the Maltese corporate tax environment is very attractive to businesses establishing a local presence, there do not seem to be tax incentives specifically available for fintech companies. Malta offers several fiscal schemes and incentives in the form of tax credits to companies deemed as being innovative enterprises according to the rules and regulations set out by Malta Enterprise.

Increased tax burden

  1. Are there any new or proposed tax laws or guidance that could significantly increase tax or administrative costs for fintech companies in your jurisdiction?

Without prejudice to the regulatory fees payable to the competent authorities in relation to any new licensing obligations imposed on fintech companies, there are no new or proposed tax laws or guidance specific to fintech businesses that will amplify tax and administrative costs.

IMMIGRATION

Sector-specific schemes

  1. What immigration schemes are available for fintech businesses to recruit skilled staff from abroad? Are there any special regimes specific to the technology or financial sectors?

At present, in Malta, there are no immigration regimes specifically targeting fintech businesses aspiring to recruit skilled staff from abroad, which means that the immigration schemes that are available to fintech businesses are no different from the schemes that are available to other business sectors.

There are two regimes available, distinguishing EU, EEA and Swiss nationals from non-EU nationals. EU, EEA and Swiss nationals aspiring to work in Malta’s fintech business must apply for residence via CEA Form A submitted on the basis of employment or self-employment pursuant to the Free Movement of EU Nationals and their Family Members Order (LN 191/2007) and the Immigration Regulations (LN 205/2004). The non-EU, EEA and Swiss regime grants two applications to third-country nationals; namely, CEA Form B and the key employee initiative, which is a single work permit for managerial or highly technical posts.

UPDATE AND TRENDS IN FINTECH IN MALTA

Current developments

  1. Are there any other current developments or emerging trends to note?

The main current development in Malta is the drive and effort with which the Malta Financial Services Authority, as a proactive financial services regulator, is promoting the idea of Malta becoming a global fintech hub. Throughout its long-term fintech strategy, the regulator is not only supporting the financial services industry to harness the opportunities presented by innovation and technology, but is also geared up to harness as much legal and regulatory certainty as possible for industry players to operate in an environment with effective investor protection, market integrity and financial soundness.

* The information in this chapter was accurate as of June 2022.

If you need more consulting, please Contact Us at TNHH NT International Law Firm (ntpartnerlawfirm.com)

You can also download the .docx version here.

Rate this post

“The article’s content refers to the regulations that were applicable at the time of its creation and is intended solely for reference purposes. To obtain accurate information, it is advisable to seek the guidance of a consulting lawyer.”

NT INTERNATIONAL LAW FIRM