The Malta Financial Services Authority (“MFSA”) has issued a new circular on 13 May 2026 providing further guidance to Payment Institutions (“PIs”) and Electronic Money Institutions (“EMIs”) on the safeguarding of clients’ funds through investments in secure, liquid, low-risk assets. The circular focuses on institutions that choose to safeguard client funds through investments rather than holding them solely in segregated accounts.
The guidance gives firms greater clarity on what the MFSA considers acceptable when client funds are invested in financial instruments or money market funds as part of safeguarding arrangements.
Investments in Secure Liquid Low-Risk Assets
Where institutions choose to invest safeguarded client funds directly in assets under Regulation 7(1A)(a)(i) of the Safeguarding of Funds Regulations, the MFSA clarified that these assets should fall within specific categories under the Capital Requirements Regulation (“CRR”). In addition, the assets should carry a specific risk capital charge of no more than 1.6%, excluding certain qualifying items referred to in the CRR.The circular also explains that, for assets to be considered sufficiently liquid, they should qualify as Level 1 or Level 2 assets under the relevant EU liquidity rules.
In practical terms, the MFSA is making it clear that institutions should adopt a cautious and conservative approach when investing safeguarded client funds.
Use of UCITS Money Market Funds
The circular also addresses situations where institutions safeguard client funds through investments in UCITS Money Market Funds (“MMFs”). According to the MFSA, these MMFs should primarily invest in high credit quality money market instruments, such as commercial paper, certificates of deposit, government bonds, corporate bonds, and similar instruments.
Importantly, institutions are expected to conduct their own assessment of the underlying assets held in the MMF to ensure they satisfy the relevant CRR requirements and risk thresholds.
The MFSA also clarified its expectations around liquidity. In particular, redemption proceeds from the MMF should generally be received no later than the end of the business day following the redemption request.
Ongoing Monitoring and Governance
Beyond the initial assessment, the circular emphasises ongoing oversight and monitoring. Institutions are expected to:
- Regularly test the liquidity of the MMF through redemptions;
- Adopt prudent allocation limits supported by historical data;
- Establish clear governance arrangements and assign responsibility for oversight;
- Carry out semi-annual assessments of the MMF’s portfolio holdings; and
- Ensure that the annual safeguarding audit reviews compliance with these requirements.
The circular highlights that safeguarding is not simply a one-time exercise carried out during onboarding or investment selection. Firms are expected to continuously monitor the appropriateness of the arrangements in place.
Documentation Expected by the MFSA
Institutions intending to use UCITS MMFs for safeguarding purposes are also required to submit various documents to the MFSA, including:
- Offering documents relating to the relevant fund or sub-fund;
- Details of the proposed allocation of safeguarded funds;
- Updated safeguarding policies;
- Board approval documentation;
- Assessments of the underlying assets held by the MMF;
- Evidence relating to segregation and ownership of assets; and
- Due diligence documentation concerning the selected custodian or depositary.
The MFSA also noted that additional information may be requested depending on the circumstances of each institution.
Internal Audit Considerations
The circular also has important implications from an internal audit perspective. Institutions should consider whether their safeguarding framework, governance arrangements, and monitoring processes are sufficiently robust to meet the MFSA’s expectations. Areas that may require closer review include:
- Due diligence over MMFs and custodians;
- Ongoing liquidity monitoring;
- Documentation of internal assessments;
- Governance and oversight arrangements; and
- Compliance with safeguarding policies and regulatory requirements.
Looking Ahead
The MFSA noted that the guidance may be updated in the future to reflect further EU regulatory developments, including PSD3. For Payment Institutions and Electronic Money Institutions, the circular provides useful clarification on the regulator’s expectations when safeguarding client funds through investment-based arrangements. Firms using these structures should take the opportunity to review their existing safeguarding frameworks, governance processes, and monitoring controls to ensure they remain aligned with the MFSA’s expectations.
