We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners. Read More

Log in

Log in

The Implementing Procedures Part II for Company Service Providers - Paula Galea Farrugia

28 Jun 2021 08:56 | Anonymous

The Accountant – Issue 2 of 2021 (MIA Publication)

On 16 December 2020 the FIAU issued sector specific Implementing Procedures (IPs) for CSPs1. This article provides sector-specific guidance on the implementation of particular Anti-Money Laundering/Countering Funding of Terrorism obligations, that warrant further elaboration at an industry-specific level. Paula Galea Farrugia holds a Doctorate in Laws and a Masters in Financial Services from the University of Malta.She began her career in 2004 by joining the Company Compliance Unit of the MFSA and is now the Head of Compliance at Alter Domus Malta.Paula Galea Farrugia holds a Doctorate in Laws and a Masters in Financial Services from the University of Malta.She began her career in 2004 by joining the Company Compliance Unit of the MFSA and is now the Head of Compliance at Alter Domus Malta.

The Implementing Procedures give detailed information on Money Laundering/Terrorist Financing (ML/FT) risks to assist CSPs in formulating a better understanding of the ML/FT risks they face, ensuring that they are better equipped to detect and report ML/FT suspicions. These sector-specific IPs should be read in conjunction with the IPs Part I2.

CDD on Intermediaries and Agents

These IPs guide CSPs in distinguishing between Introducers, Intermediaries and Agents and between Intermediation and Reliance.

An Introducer is defined as a person who typically would have a business relationship with a third party, the Introducer’s client, and who introduces that third party to a CSP. The intention would be for the third party to form a business relationship or conduct a one-off transaction directly with the CSP, thereby becoming a customer of the CSP directly.

When an Introducer introduces a third party to a CSP, and remains actively involved in carrying out the occasional transaction or in the business relationship established with the CSP, they become an Intermediary. Besides carrying out customer due diligence (CDD), the CSP must also carry out further due diligence measures on the Introducer. The IPs provide guidance on the basic checks required for all intermediaries and also as to further checks required for higher risk intermediaries.

An Agent is a person who acts on the customer’s behalf and has the authority to bind the customer with his or her actions. Company directors who are vested with the legal and judicial representation of the Company who, within the context of an occasional transaction or a business relationship, act on behalf of the Company, are likewise considered to be agents who purport to act on behalf of the respective company. They need to be identified and verified, and the CSP is expected to ensure that they are authorised in writing to act on the customer’s behalf.

A CSP can deal with an Agent/Intermediary without placing reliance on that Agent/Intermediary. A CSP may also rely on another subject person/third party in terms of Regulation 12 of the Prevention of Money Laundering and Funding of Terrorism Regulations (PLMFTR)without that other subject person/third party being an Agent/Intermediary regarding the CSP. In certain circumstances, an Introducer/Intermediary/Agent could be another subject person/third party subject to AML/CFT obligations in another jurisdiction, on whom the CSP is permitted to place reliance to carry out some aspects of CDD.

Purpose & Intended Nature: Establishing the Customer’s Business and Risk Profile

CSPs that solely provide company formation services, without any additional company services, are considered to be carrying out an occasional transaction and not establishing a business relationship, since the CSP’s services end with the setting up of the company. Nevertheless, CSPs are still expected to understand and, as appropriate, obtain information on the intended purpose of the company or other legal entity being set up.

CSPs who are requested to provide services, such as a registered office (RO), a correspondence address, directorship or secretarial services to or within companies/partnerships which the CSP itself incorporates or which are already incorporated, would be establishing a business relationship since these services are offered over a span of time and hence denote an element of duration. Accordingly, these CSPs are required to assess, and, as appropriate, obtain information on the purpose and intended nature of the business relationship being established. Relevant information in this context includes the rationale for the setting up of the company/partnership in Malta and/or for the provision of the requested services.

The commercial/trading activity that is to be carried out by the company should be understood. When the company is not set up to carry out commercial/trading activity but to hold assets, it would not suffice to simply determine the purpose of that company. The CSP providing services to that company would be expected to gather information on the commercial/trading activity carried out directly by the holding company’s subsidiary or subsidiaries.

The CSP is expected to assess whether the profile of the shareholders or beneficial owners’ tallies with the company’s/partnership’s activity or purpose. CSPs are expected to obtain information on the value of the share capital or assets, and, depending on any identified ML/FT risks, obtain documentation evidencing the source of funds and/or assets forming the capital of the company/partnership.

Ongoing Monitoring of Business Relationships

CSPs providing directorship services and who would be empowered to legally represent and bind the company, are expected to carry out ongoing monitoring of the transactions that the company undertakes. Transactions should be scrutinised to ensure that they are in line with the CSP’s knowledge and understanding of that corporate customer. If transactions are complex, unusually large in amount or conducted in an unusual pattern or have no apparent economic or lawful purpose, CSPs are expected to examine their background and purpose.

CDD data, information and documentation should also be kept up-to-date. The extent of monitoring should be commensurate with the risk profile established by the customer risk assessment.

Timing of CDD Procedures

CSPs are not expected to initiate CDD procedures upon first enquiry by a prospective customer, but when the customer takes active steps to seek the services of the CSP. CDD measures are then to be completed prior to setting up the business relationship or the carrying out of an occasional transaction.

Termination of Business Relationships for the Purposes

of AML/CFT Obligations

In certain cases, the relationship with the customer cannot be officially terminated. In the case of the provision of RO services, if the CSP lost contact with the client, has exhausted all possible means to contact the customer and has documented the actions taken to do so, the termination date of the business relationship for the purposes of the PMLFTR would be considered to be the date when the CSP informs the Malta Business Registry that it has lost contact with the customer and is no longer willing to continue providing them RO services.

Sanctions Screening

CSPs are also subject to sanctions screening, freezing of assets and the reporting obligations envisaged under the National Interest (Enabling Powers) Act, Cap 365. All CSPs are expected to subscribe to the sanctions list, which is constantly updated by the Sanctions Monitoring Board (SMB), by sending an email to sanctions.mfea@gov.mt (or any other procedure that may be initiated by the SMB), and to screen their clients against this list on a regular basis or, alternatively, deploy software that autonomously performs that function.


Paula Galea Farrugia holds a Doctorate in Laws and a Masters in Financial Services from the University of Malta.She began her career in 2004 by joining the Company Compliance Unit of the MFSA and is now the Head of Compliance at Alter Domus Malta.


Contact Us

Suite 4, Level 1, Tower Business Centre, Tower Street, Swatar, BKR 4013, Malta 

E-mail: info@miamalta.org

Tel. +356 2258 1900

© MALTA INSTITUTE OF ACCOUNTANTS, 2023                                                                                         Privacy Notice