Reforms at national and EU levels, including the creation of the EU Anti-Money Laundering Authority (AMLA) and the EU Single Rulebook, are raising standards. The Malta Financial Services Authority (MFSA) is also tightening supervision, moving away from reactive compliance.

Six key compliance trends for 2025 and beyond

1. Enhanced supervision and risk-based classification

The MFSA’s three-tier regime for CSPs, introduced in 2021, remains central to Malta’s risk-based regulatory model, with TCSPs facing the highest scrutiny. In its Supervisory Priorities for 2025, the MFSA outlines the Authority’s continued commitment to fostering market integrity, consumer protection, and financial stability. MFSA will build on its outcomes-based approach, focusing on governance, internal audit processes, and real-time compliance monitoring. It is also revising rules for individuals providing directorship services and refining the framework for the different classes of CSPs.

“The CSP sector has made notable improvements in its compliance posture; however, further strengthening of risk governance frameworks and internal reporting remains a priority.” MFSA, 2025.

Inspections are becoming more detailed, requiring a greater emphasis on accurate data and timely reporting.

2. The role of AMLA: Centralised EU supervision and EU-wide AML consistency

AMLA will begin preliminary operations in mid-2025 and is expected to be fully operational by 2028.

AMLA will:
• Directly supervise high-risk cross-border financial institutions
• Coordinate oversight between national FIUs
• Enforce the EU-wide Single Rulebook on AML/CFT by ensuring harmonised application of AML rules and reducing regulatory arbitrage between member states.

For Maltese TCSPs, especially those servicing non-resident clients or cross-border structures, this signals increased EU-level visibility and scrutiny.

3. 6AMLD: Expanding the scope of liability

The sixth Anti-Money Laundering Directive (6AMLD) has broadened the compliance remit for CSPs by:
• Including new predicate offences such as cybercrime and environmental crime
• Introducing criminal liability for legal persons, including CSPs
• Mandating stronger cooperation between EU member states’ law enforcement agencies.

This is especially relevant in Malta, where CSPs often act as intermediaries in international structures. Failure to report suspicious activity can now lead to criminal charges, not just administrative fines. The directive reinforces the shift from compliance as a tick-box exercise to a legal and ethical governance obligation.

4. EU single rulebook: Harmonisation and standardisation

Effective from 10th July 2027, the EU Single Rulebook will unify AML/CFT requirements across all member states. It aims to include improved transparency in beneficial ownership and limit the misuse of anonymous financial instruments.

It will include:
• Uniform due diligence requirements across jurisdictions
• Standardised beneficial ownership registry formats
• Common thresholds and timelines for reporting suspicious activities
While CSPs in Malta are well positioned following reforms in 2021, the Rulebook will reduce room for interpretation and increase expectations further.

5. Embedding a culture of compliance

A February 2025 MFSA circular, following a thematic review of 49 CSPs, found that most have adopted structured compliance frameworks. Key findings included:

• Compliance officers attending and reporting to board meetings
• Written compliance procedures in place
• Monitoring programmes actively followed and documented
• Regular and documented client file reviews

This marks a shift in culture, with compliance now viewed as a core part of risk management and value creation.

6. Technology and talent: The compliance imperatives

Digital tools supporting onboarding, UBO checks, sanctions screening, and transaction monitoring are no longer optional. At the same time, Malta faces a shortage of experienced compliance professionals, increasing pressure on firms to build stronger internal capacity to ensure the appropriate compliance culture is present for a key advantage to do business.

By 2025, CSPs are expected to:
• Conduct thorough risk assessments during onboarding and reviews
• Use automated tools for screening sanctions, adverse media, and PEP connections
• Ensure accuracy in UBO reporting, which remains under close review
• Trust structures must be fully documented, with clear audit trails and easy access to relevant deeds and data for inspections.

In the future, TCSPs who treat compliance as a strategic focus, not just a regulatory requirement, will be best placed to compete in a transparent, rules-based EU market, while early adoption of the AML package and Single Rulebook will separate market leaders from followers. In a trust-based sector, strong compliance is vital to building credibility.

“At Finco Trust Services Limited, our focus is on long-term client success,” says Steve Cuschieri, MLRO Finco Trust Services. “We go beyond onboarding by remaining proactive and accountable throughout the relationship. From accounting and audit support to tax consultancy, banking, and regulatory navigation, we act as your business partner. Our expertise, tailored approach, and strong links with institutions and regulators ensure our clients are not only compliant, but resilient and confident.”