Supervision Risks Identified, Weaknesses and Expected Controls – Part III

by , on Mar 13, 2020 01:00:31 AM


The Malta Financial Services Authority (MFSA) published a document on ‘Supervision Risks Identified, Weaknesses and Expected Controls’, which outlines the risks posed by authorized firms, certain weaknesses exhibited in their operation and the controls which are to be put in place to mitigate these risks. This series of three articles will provide an overview of the risks, weaknesses and controls in the areas of Credit and Financial Institutions, Securities and Markets, and Trustees and CSPs.

Part 3 – Trustees and CSPs


Trustees and CSPs are at risk of being misused as vehicles for illicit activities including tax evasion, drug trafficking, fraud, corruption and terrorist financing when setting up or working with trusts and corporate entities. Thus, the main risk posed by trustees and CSPs is ML/FT, and these entities are often unaware of the high-risk nature of their business.


One of the common weaknesses identified among trustees and CSPs by the MFSA is insufficient systems for record keeping, since client records are not being kept in a centralized location and directors and employees do not always have access to such records. The second weakness involves insufficient systems for the segregation of assets, and this issue is particularly relevant with regards to trustees since the segregation of the assets of the trust, the trustee and other trusts is an essential feature. Clients’ money is not always segregated into separate bank accounts, which sometimes leads to the integration of clients’ money with funds pertaining to the trust or CSP.


Trustees and CSPs are expected to put several controls in place to mitigate these risks. AML/CFT measures must be put in place which initially involve analyzing the threats posed by the entity which a trustee or CSP is servicing, and putting in place mitigating measures accordingly. In this regard, reference should be made to the National AML/CFT Risk Assessment and Strategy and other relevant sectoral risk assessments. Entities must also put a risk assessment methodology in place and keep an updated beneficial ownership database. With regards to record keeping, entities must maintain all communication with clients relating to the introduction, onboarding, acceptance and all other ongoing communication in a centralized location. Such records must be made available to the MFSA upon request. Finally, licensed entities must implement systems for the segregation of clients’ assets and reconciliations are kept when pooled clients’ monies accounts are used.  

The MFSA’s Supervision: Risks Identified, Weaknesses and Expected Controls can be accessed here. For more information, please do not hesitate to contact us on [email protected].