The Malta Financial Services Authority (“MFSA” or “Authority”) has published its Supervisory Priorities for 2026, outlining a clear regulatory direction centred on financial crime compliance, consumer protection, operational resilience and enhanced cross-border supervision.
The 2026 priorities continue to build on the MFSA’s Compliance Outcomes-Based Supervision framework, which has now been embedded across all sectors. This supervisory approach focuses on testing measurable compliance outcomes rather than purely procedural adherence, reflecting a more data-driven and risk-based methodology. The Authority has confirmed that it will once again focus on seven core pillars: resilience of supervised entities, sustainable finance, digital finance, governance, risk and compliance, financial crime compliance, consumer protection and education, and cross-border supervision.
A particularly strong emphasis has been placed on financial crime compliance. The MFSA has intensified its scrutiny of AML/CFT frameworks, with supervisory attention directed towards the effectiveness, independence and resourcing of the MLRO function, as well as the adequacy of transaction monitoring systems, sanctions screening tools and governance oversight. The Authority has signalled further thematic exercises and supervisory outreach in 2026, especially in higher-risk sectors such as financial institutions and crypto-asset service providers. This focus is aligned with the broader implementation of the EU AML legislative package and reflects the growing expectation for demonstrable effectiveness in financial crime controls.
Consumer protection also remains a central supervisory priority. The MFSA will continue assessing whether marketing communications are fair, clear and not misleading, whether complaints handling frameworks are effective and whether retail products offer genuine value for money. Supervisory engagement will also consider the fair treatment of vulnerable consumers and the transparency of disclosures across sectors. In parallel, the Authority is strengthening its financial literacy initiatives and aligning Malta’s framework with international best practices, further reinforcing the link between market integrity and informed consumer participation.
Cross-border supervision also features as a key theme for 2026. Given the significant number of Malta-licensed entities operating across EU jurisdictions, the MFSA continues to enhance cooperation with European supervisory authorities and participate actively in convergence initiatives.
Digital finance and technological innovation feature prominently within the 2026 agenda. The MFSA will oversee the transition of virtual asset service providers into crypto-asset service providers under the Markets in Crypto-Assets framework, while also monitoring preparedness for PSD3 and broader digital operational resilience requirements. Artificial intelligence remains under supervisory focus, with the Authority assessing how firms are integrating AI into governance and control frameworks, particularly in areas affecting consumer outcomes. ICT risk management, DORA compliance and engagement with ICT third-party providers will form part of continued supervisory activity, demonstrating the Authority’s intention to ensure that innovation is accompanied by robust safeguards.
Taken together, the Supervisory Priorities for 2026 point to a regulatory environment characterised by increased thematic reviews, deeper scrutiny of governance effectiveness, heightened expectations around financial crime controls and stronger cross-border oversight. Firms should consider undertaking proactive gap analyses of their governance structures, AML/CFT frameworks, reporting quality, outsourcing arrangements and digital resilience capabilities to ensure alignment with supervisory expectations.
If you would like to explore how these supervisory priorities may affect your organisation’s regulatory strategy, governance framework or risk profile, we would be pleased to discuss this with you.
