DLA Piper’s recently published ‘AI Laws of the World’ guide provides a 2025 Q3 snapshot of AI laws and proposed regulations across more than 40 countries (including all 27 EU Member States), highlighting key legislative developments, regulations, proposed bills, and guidelines issued by governmental bodies. The guide also includes a contribution made by Mamo TCV Advocates which illustrates the legal position in Malta. The guide underscores significant geographical variation in regulatory approaches and attitudes, yet also reveals numerous common concerns, with lawmakers and AI-focused organisations worldwide adopting and exchanging a variety of strategies. Whilst some jurisdictions have established their own…
The Malta Digital Innovation Authority (“MDIA”) and the Information Data Protection Commission (“IDPC”) have been identified as the Maltese Market Surveillance Authorities (“MSA”) under EU Regulation 2024/1689 (the “AI Act”), albeit the process of designation has yet to be formally concluded. It is expected that this will take place shortly in the coming days. The MSAs will be tasked with overseeing the responsible use of AI systems in Malta and with having the competence to carry out investigations and issue fines and penalties where necessary. They will have a diverse set of responsibilities that may be categorised as follows: Maintaining…
As of today, 8 July 2025, the Regulatory Technical Standards (RTS) on Threat-Led Penetration Testing (TLPT) are now effective, including in Malta, following their publication in the Official Journal on 18 June 2025. These RTS supplement Article 26 of the Digital Operational Resilience Act (‘DORA’) and lay down a framework for the execution of TLPT. The RTS specify the criteria used for identifying the financial entities which are required to perform threat-led penetration tests and lay down organisational arrangements for financial entities. The RTS also include provisions on risk management and specify criteria for engaging TLPT providers. Moreover, the RTS…