Skip Navigation
Understanding Compliance Visits and Related Insights for Licence Holders in Malta
A compliance visit is a formal inspection carried out by a regulatory authority to assess whether an organisation is meeting its legal and operational obligations. In Malta, these visits are commonly conducted by the Financial Intelligence Analysis Unit (FIAU), the Malta Financial Services Authority (MFSA) and the Malta Gaming Authority (MGA).
At A2CO, we work closely with licence holders to help them prepare for these inspections, avoid non-compliance, and maintain full alignment with supervisory expectations.
Compliance Visits and Post-Licence Audits in Malta
What Happens During a Compliance Visit in Malta
Regulatory inspections play a key role in monitoring the ongoing compliance of subject persons, licensed entities and businesses that fall under specific legal frameworks. These inspections may be scheduled or unannounced, and often involve:
-
A review of your organisation’s internal policies and procedures
-
Interviews with key personnel such as the MLRO or compliance officer
-
Checks on risk assessments, AML controls and record-keeping systems
-
Inspection of client files, transaction logs and training documentation
Whether you hold a financial, gaming or company service provider licence, you may be selected for a supervisory visit as part of a routine risk-based approach or a thematic review.
If your organisation operates in the gaming sector, MGA inspections may also evaluate your adherence to Malta Gaming Licence conditions, including responsible gaming measures and internal controls assigned to key function holders.
What to Expect from FIAU and MFSA Compliance Visits
The FIAU is responsible for monitoring AML and CFT compliance in Malta. It carries out inspections of subject persons, including company service providers, financial institutions, legal professionals and tax advisors. The MFSA may also carry out compliance inspections on behalf of the FIAU, particularly where financial services providers are involved.
A typical FIAU compliance visit may involve:
-
A review of your Business Risk Assessment and Customer Risk Assessments
-
Evaluation of your AML policies and procedures
-
Interviews with your Money Laundering Reporting Officer and senior staff
-
Checks on how you monitor client transactions and report suspicious activity
-
Confirmation of staff training on compliance procedures
If deficiencies are identified, the FIAU may issue follow-up directives requiring corrective action. A2CO supports clients with responding to FIAU directives, ensuring that remedial steps are completed accurately and within the prescribed timelines.
Post-Licence MGA Compliance Audits and Supervisory Reviews
The Malta Gaming Authority conducts several types of audits to ensure that operators meet their licence obligations. These may include:
-
System audits, typically completed prior to launching operations
-
System reviews, which evaluate ongoing procedures and technology setups
-
Compliance audits, which assess operational conduct, AML procedures and adherence to licence conditions
For gaming operators that also offer blockchain-based products, these reviews may intersect with services such as AML and KYC for crypto firms or token compliance advisory, depending on the structure of your business.
What Happens During a Compliance Visit in Malta
Regulatory inspections play a key role in monitoring the ongoing compliance of subject persons, licensed entities and businesses that fall under specific legal frameworks. These inspections may be scheduled or unannounced, and often involve:
-
A review of your organisation’s internal policies and procedures
-
Interviews with key personnel such as the MLRO or compliance officer
-
Checks on risk assessments, AML controls and record-keeping systems
-
Inspection of client files, transaction logs and training documentation
Whether you hold a financial, gaming or company service provider licence, you may be selected for a supervisory visit as part of a routine risk-based approach or a thematic review.
If your organisation operates in the gaming sector, MGA inspections may also evaluate your adherence to Malta Gaming Licence conditions, including responsible gaming measures and internal controls assigned to key function holders.
What to Expect from FIAU and MFSA Compliance Visits
The FIAU is responsible for monitoring AML and CFT compliance in Malta. It carries out inspections of subject persons, including company service providers, financial institutions, legal professionals and tax advisors. The MFSA may also carry out compliance inspections on behalf of the FIAU, particularly where financial services providers are involved.
A typical FIAU compliance visit may involve:
-
A review of your Business Risk Assessment and Customer Risk Assessments
-
Evaluation of your AML policies and procedures
-
Interviews with your Money Laundering Reporting Officer and senior staff
-
Checks on how you monitor client transactions and report suspicious activity
-
Confirmation of staff training on compliance procedures
If deficiencies are identified, the FIAU may issue follow-up directives requiring corrective action. A2CO supports clients with responding to FIAU directives, ensuring that remedial steps are completed accurately and within the prescribed timelines.
Post-Licence MGA Compliance Audits and Supervisory Reviews
The Malta Gaming Authority conducts several types of audits to ensure that operators meet their licence obligations. These may include:
-
System audits, typically completed prior to launching operations
-
System reviews, which evaluate ongoing procedures and technology setups
-
Compliance audits, which assess operational conduct, AML procedures and adherence to licence conditions
For gaming operators that also offer blockchain-based products, these reviews may intersect with services such as AML and KYC for crypto firms or token compliance advisory, depending on the structure of your business.
How A2CO Supports You
At A2CO, we help you stay on top of your compliance obligations with practical, structured support that reflects the expectations of Maltese regulators.
-
Comprehensive policy and documentation reviews to ensure compliance with current legal requirements
-
Mock audits and inspection simulations to help you prepare and identify any areas of risk
-
Support in developing or updating your AML risk model and CRA
-
Assistance during the visit itself, helping your team present accurate records, explain systems in place, and respond to inspection queries confidently
-
Action planning and support following the inspection, including help with remediation and reporting
-
We also ensure your wider compliance framework remains aligned, including bookkeeping processes, GDPR and data protection practices, and registered office requirements, all of which may be reviewed during supervisory visits.
Why Choose A2CO
-
A proven track record supporting clients through FIAU, MFSA and MGA inspections
-
In-depth knowledge of AML compliance advisory practices and supervisory frameworks
-
Clear, actionable advice tailored to your licence type and sector
-
Practical insights that improve compliance and reduce risk
-
Full alignment with regulatory expectations, from pre-licence to post-licence stages
Frequently Asked Questions
Regulators will inspect your AML framework, request to see internal documents, carry out interviews, and verify whether your organisation is compliant with its licence obligations.
MGA audits may be carried out by the Authority itself or by appointed audit firms. They are generally conducted during the lifecycle of your licence, often as part of post-licence supervision.
A compliance visit may be broader and include supervisory inspections. An audit tends to focus on operational reviews, systems and policies linked to a specific licence.
You will need to prepare an action plan and demonstrate full adherence to the FIAU’s instructions. A2CO can support you throughout this process.
You should review your AML policies, train your key staff, prepare your risk assessments and ensure that your MLRO is ready to lead discussions with officials.
