Get in touch by sending us a message or by contacting us directly.
DORA EU Legislation
Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (Digital and Operational Resilience Act’)
Regulatory Technical Standards
Regulatory Technical Standards (RTS) on ICT risk management framework and on simplified ICT risk management framework
RTS to specify the policy on ICT services supporting critical or important functions provided by ICT third-party service providers (TPPs)
Stay updated with our latest insights
DORA ICT Subcontracting RTS Published
Following the European Commission’s earlier rejection, the Regulatory Technical Standards (RTS) on ICT Subcontracting have been published in the EU Official Journal on 2 July 2025. The RTS will enter into force 20 days after publication, which means that they will come into effect on 22 July 2025. Financial entities and ICT providers must ensure to update their contractual arrangements to fulfil the conditions set out in the RTS to ensure compliance by 22 July 2025. To receive updates on this important development and related news please visit our website and consider subscribing to our newsletter. This document does not purport…
Digital Inclusion: The European Accessibility Act and the Web Accessibility Directive
As the digital economy continues to expand, businesses must ensure that their products and services are accessible to everyone — including persons with disabilities. Two key EU laws are shaping accessibility obligations in Malta: the European Accessibility Act and the Web Accessibility Directive. These legal frameworks place important compliance responsibilities on entities with an online presence, particularly those operating in retail, e-commerce, consumer electronics, financial services, and other industries that rely heavily on websites and mobile applications to serve customers. What is the European Accessibility Act? The European Accessibility Act (Directive (EU) 2019/882) will come into force in Malta on…
ICT Aspects of a MiCA Application
On the 17th of June 2025, the Malta Financial Services Authority (“MFSA”) published a circular titled ‘Follow-Up Circular to the Industry on the Authorisation Process for MiCA Applicants’. The circular concerns the authorisation process for crypto-asset service providers (CASPs) under Regulation (EU) 2023/1114 on Markets in Crypto-Assets (MiCA), as integrated in Maltese law through Chapter 647. This circular supplements the Authority’s communication of the 10th December 2024 which was explained in a previous legal update. The June 2025 circular introduces two additional annexes that are now required as part of a complete MiCA application file. These are Annex AX05 (Digital…