
Corporate governance a key enabler for the long-term sustainability of FinTech enterprises

Corporate governance is a critical enabler for achieving sustainability and long-term value within FinTech enterprises, both small and large.

For small FinTech start-ups, developing strong foundations of corporate governance is key for transforming a great tech or business idea into a sustainable enterprise that is not dependent solely on the founder. And for larger FinTech enterprises, enhancing corporate governance arrangements is critical for achieving scale in a manner that balances growth with ensuring long-term value.

Robust corporate governance arrangements are essential for organisations to ensure accountability, transparency and compliance. They are a foundational element of smart management, and are a key consideration in regulatory oversight.

Corporate governance at the heart of the revised FIR/03 rulebook


Corporate governance has consistently been a top priority for the Malta Financial Services Authority’s supervision of FinTech enterprises. It therefore comes as little surprise that the recently revised Chapter 3 of the Financial Institutions Rulebook (FIR/03) further expands on sound corporate governance arrangements and regulatory expectations in this space.

The revised rulebook focuses on several fundamental principles of sound corporate governance, including:

  1. Board composition and suitability, including the presence of at least one independent non-executive director, striking a balance between executive and non-executive directors, and ensuring that the Board effectively oversees the implementation of the organisation’s strategic objectives, risk strategy and internal governance.
  2. Enforcement of the three lines model through the allocation of roles and accountabilities to specialised risk, compliance and internal audit functions that are independent from the day-to-day operational management of the business, thereby ensuring a robust control framework and the provision of ongoing independent assurance to the Board.
  3. Ability to demonstrate compliance with regulatory requirements, including forming and maintaining a permanent compliance function. The compliance function must operate independently from first line roles, ensuring objectivity and integrity in its oversight role, and managing an ongoing compliance monitoring plan.
  4. Business continuity arrangements to ensure ongoing operational resilience as well as measures to ensure security of information. Businesses must also implement security mechanisms to safeguard the integrity, confidentiality, and availability of information, including cybersecurity measures.
  5. Prior notification and approval requirements that are intended to ensure ongoing communication with the regulator and effective supervision. Financial institutions must obtain written consent from the MFSA before implementing material changes to their business, appointing key personnel, or addressing significant breaches.

The importance of an effective Board of Directors


The revised FIR/03 rulebook places significant emphasis on the composition and role of the Board of Directors in ensuring the long-term sustainability of payment service providers and e-money institutions. A balanced board is considered a linchpin for a well-managed FinTech enterprise.

The following are some of the key expectations for the Board of Directors:

  1. Strategic oversight: The Board of Directors is responsible for overseeing the business strategy, internal governance and internal control framework, and risk profile and strategy of the business, as well as the adequacy of the policies relating to the provision of services to clients.
  2. Composition: The Board of Directors should be composed of at least three members, and potentially more depending on the nature, scale and complexity of the business, with a healthy mix of executive and non-executive directors and at least one independent director.
  3. Suitability: Directors shall be individually and collectively suitable to oversee all facets of the business, demonstrating knowledge and experience, time commitment, independence of mind and integrity.
  4. Role of the Chair: The Chairperson of the Board of Directors shall ensure the Board meets on at least a quarterly basis, discusses strategic issues, and takes decisions on a sound and well-informed basis through an efficient flow of information from management.
  5. Constructive challenge: Directors are expected to constructively challenge and critically review propositions, explanations and information received when exercising judgement and taking decisions, and to ensure that such discussions are documented in the minutes.

How Deloitte can help


Our FinTech team, comprising industry specialists, can help you to understand and navigate these evolving operational challenges and regulatory expectations, and to make sense of them within the broader regulatory landscape. We can support you with:

  • Completion of an independent assessment of your corporate governance arrangements.
  • Development of Board suitability assessments and Board effectiveness reviews.
  • Design of organisational structures, including outsourcing of risk, compliance and internal audit responsibilities.
  • Development of compliance monitoring plans and the annual compliance report.
  • Delivery of internal audit exercises on general or targeted facets of corporate governance, including remuneration, conflicts of interest and business continuity arrangements.
  • Development and implementation of a business continuity management programme.
  • Design of risk appetite statements, risk management framework and internal control frameworks.

FinTech | Strengthening corporate governance

8 May 2025