The National Coordination Committee (NCC) issued Malta’s 2023 National Risk Assessment, five years after the last NRA was issued in 2018, and eighteen months after Malta was removed from the so-called FATF grey list. The NRA provides the outcome of the evaluation of inherent and residual risk within the financial sector, designated non-financial businesses and professionals sectors (“DNFBPs”) and virtual financial asset sectors (“VFA and VFASPs”).
Overall, the residual risk in most sectors was found to have reduced, primarily due to an improvement in the effectiveness of mitigating measures undertaken by the public and private sectors over the last five years. Ten sub-sectors saw their residual risk reduce, most notable the remote gaming, lawyers, legal arrangements and NPOs, whose residual risk reduced to Medium, from High in 2018 – a two grade reduction.
Three sub-sectors were found to have an unchanged residual risk. Amongst these is the financial institution sector with a Medium-High residual risk classification, where it was found that the growth in this sector was not matched by a corresponding maturity in the effectiveness of AML /CFT frameworks at the level of the licensees. This sector also featured on the higher end of the spectrum in terms of its relative size in the local market as well as its exposure to terrorist financing, proliferation financing and targeted financial sanction risks.
The only sub-sector that saw an increase in residual risk is the land-based gaming sector from Medium-Low to Medium risk; driven primarily by a recalibration of inherent risk.
Subject Persons are encouraged to take into consideration the findings of risk assessments issued by Regulatory Bodies/ Authorities such as Supranational, National and Sectorial Risk Assessments. Understanding the findings of the NRA and evaluating the impact these have on the organisation’s inherent risk, particularly as they relate to sector, jurisdiction and products/services is an important aspect of effective ML/TF risk management. Area of impact may include, BRA, CRA and transaction monitoring rules. Consideration ought to be given to the recommendations provided within the NRA.
As risks associated to financial crime keep evolving, Subject Persons must ensure that their ML/TF risk management framework remains tuned and calibrated to provide those charged with governance an accurate representation of the organisation’s risk exposure. Our financial crime team can assist you evaluating the impact of the latest SNRA on the risk components of your business risk assessment. Speak to us for more information on our solutions.