- Strengthening existing obligations
- Sanctions Risk Assessment (“SRA”)
- Sanctions screening and freezing procedures
- Payment Service Providers (“PSPs”)
Strengthening existing obligations
The new National Interest (Enabling Powers) Act (Cap. 653 of the Laws of Malta) (the “NIA”) was enacted on 14 November 2025. This legislation marks a significant development in Malta’s legal framework as far as restrictive measures (or “sanctions”) are concerned.
The NIA serves to reinforce the pre-existing obligations applicable to Maltese entities and individuals, particularly those classified as “Subject Persons” for anti-money laundering purposes. These obligations relate to compliance with local requirements regarding restrictive measures, as well as those adopted by the European Union (“EU”) and the United Nations (“UN”). These developments re-emphasise the need for heightened vigilance and a comprehensive, well-structured sanctions compliance framework.
Sanctions Risk Assessment (“SRA”)
The revamped NIA brings with it a pivotal requirement for all AML Subject Persons, being the need to conduct and document SRAs. This obligation underscores the importance of demonstrating a thorough understanding and awareness of the specific sanctions-related risks to which a particular Subject Person may be exposed. Furthermore, it necessitates a clear articulation of the internal controls and measures that have been implemented to mitigate these identified risks.
Therefore, an effective SRA must encompass all risk factors relevant to that Subject Person’s operations. While the four primary categories outlined in the FIAU Implementing Procedures Part I, namely Customer Risk, Geographical Risk, Product, Service and Transaction Risk, and Delivery Channel/Interface Risk, are essential, the assessment should not be limited solely to these factors. Instead, it should provide a comprehensive overview of all potential sanctions-related risks faced by the business.
Moreover, the approach to conducting an SRA is expected to be dynamic in nature, evolving in step with the Subject Person’s changing business practices and offerings. It is crucial that Subject Persons demonstrate adaptability in their assessment processes, ensuring that their SRAs reflect and respond to the shifting sanctions compliance landscape. This approach is key to maintaining robust and effective protection against sanctions-related threats.
Sanctions screening and freezing procedures
A critical component of the SRA is the documentation of the measures adopted by the Subject Person regarding sanctions screening, ongoing monitoring, and asset-freezing practices. The SRA should explicitly outline the procedures in place to ensure that effective sanctions screening is conducted and maintained, as well as how asset-freezing measures are implemented and documented.
The NIA highlights the importance of sanctions screening, mandating that client databases must be screened on a regular basis. In addition, screening must be conducted immediately following any amendments to local, EU, or UN sanctions lists. It is also necessary to perform screening whenever awareness of changes to a client’s circumstances, or their business operations arises.
Payment Service Providers (“PSPs”)
PSPs are also subject to specific, additional requirements in terms of the NIA regarding the verification of sanctions status. These entities must confirm whether any of their users are affected by EU sanctions. This verification process is triggered immediately after the imposition of any new EU sanctions and must also take place on a daily basis for the duration of such restrictive measures, thereby maintaining continuous oversight over their user base in line with legislative obligations.
How can we help?
At PwC, our Financial Crime Compliance team is well-equipped to help you navigate the increasingly dynamic nature of the sanctions compliance landscape. We offer support in conducting your SRA, ensuring that it is comprehensive and tailored to your specific operational context. In addition, our specialists can assist in drafting and reviewing your sanctions-related policies and procedures, as well as provide bespoke training, designed to address the unique needs of your enterprise.
This article was written by Justine Xuereb, a senior associate within the Financial Crime Compliance team.
Contact us
