On 17th February, the MFSA published a Thematic Review on the Compliance Function of Company Service Providers (CSPs) outlining its findings and recommendations from supervisory exchanges with 49 CSPs holding different types of classes of CSP authorisation in terms of the Company Services Providers Act, consisting of both legal and natural persons. While the MFSA identified areas which require improvement, it positively noted that CSPs have been adequately prioritising an effective compliance function.
The main findings of the Thematic Review focus on the following core areas:
- Compliance Function and Role of the Compliance Officer
- Policies and Procedures
- Compliance Monitoring Programme
- Handling of Complaints and Breaches
- Client File Reviews
- Compliance Reporting
- Board Oversight
- Staff Training
The MFSA emphasized that CSPs must ensure that their compliance frameworks align with MFSA’s expectations, with a focus on strengthening the independence of the Compliance Officer, enhancing Compliance Monitoring Programmes, and ensuring proper documentation of compliance efforts. The Board of Directors must remain actively engaged in overseeing compliance matters and ensuring that corrective actions are taken where necessary. CSPs are expected to adopt a proportionate, risk-based approach to compliance while meeting all regulatory requirements under the CSP Rulebook.
CSPs are required to conduct a documented gap analysis exercise of their Compliance Function to assess alignment with the MFSA’s findings and recommendations under this Thematic Review.
Read more about the MFSA’s expectations arising from its Thematic Review on the Compliance Function of Company Service Providers, here.
