On 26 September 2025, the FIAU issued a Guidance Note specifically addressed to for limited (registered) company service providers (CSPs) to clarify their responsibilities under the Prevention of Money Laundering and Funding of Terrorism Regulations (PMLFTR) and the amended Company Service Providers Act. This guidance recognizes the distinct category of limited CSPs—typically individuals acting in a personal capacity who handle a restricted number of directorship or company secretary engagements, capped at ten. Due to this smaller scale and reduced activity range, the guidance promotes a proportionate AML/CFT compliance approach that balances regulatory effectiveness with practicalities suited to limited CSPs.
The Guidance Note clarifies that these limited CSPs are not required to perform detailed, documented business risk assessments or maintain complex risk management methodologies. Instead, they must maintain a solid understanding of the money laundering and terrorist financing risks relevant to their business and individual engagements, and be ready to explain their risk profile and mitigating controls during supervisory reviews. The note also lightens documentation burdens and states that written policies, procedures, or controls are not strictly mandated, provided the CSP knows and consistently applies appropriate AML/CFT measures.
Limited CSPs are exempt from direct registration on the FIAU’s CASPAR platform as registration data submitted to the MFSA will be shared with the FIAU. Nevertheless, reporting obligations remain fully binding, including the requirement to register on the goAML platform for suspicious transaction reporting. On the other hand, Registered CSPs must submit an annual return to the MFSA, which will be intended to capture data and information of relevance to both the FIAU and the MFSA for risk understanding and risk assessment purposes. As a result, the requirement to complete and submit the Risk Evaluation Questionnaire (REQ) will no longer apply to these specific categories of CSPs.
This proportionate regime reflects the limited CSPs’ smaller scale and simpler operations without compromising the thoroughness of risk mitigation measures expected under Maltese law.
At Shoulder Compliance, we help CSPs navigate the constantly evolving regulatory environment with tailored compliance and AML solutions. Reach out on info@shoulder.mt to learn more.
