Malta’s New Tech Authority: Malta Digital Innovation Authority (MDIA)

The Mal­ta Dig­i­tal Inno­va­tion Author­i­ty (the “MDIA”) is reg­u­lat­ed by the Mal­ta Dig­i­tal Inno­va­tion Author­i­ty Act, Chap­ter 591 of the Laws of Mal­ta. It is an inde­pen­dent organ­i­sa­tion hav­ing dis­tinct legal per­son­al­i­ty and  com­plete auton­o­my from oth­er bodies/ per­sons.

It was estab­lished to address the devel­op­ment of all Inno­v­a­tive Tech­nol­o­gy Arrange­ments (“ITAs”) and Inno­v­a­tive Tech­nol­o­gy Ser­vices (“ITS”) in Mal­ta. The MDIA also aims to devel­op reg­u­la­to­ry process­es in rela­tion to ITA to sup­port all nation­al com­pe­tent author­i­ties reg­u­lat­ing dif­fer­ent sec­tors to bet­ter admin­is­ter the laws entrust­ed to their admin­is­tra­tion for the pub­lic ben­e­fit.

It also aims to encour­age the devel­op­ment of inno­v­a­tive tech­nol­o­gy in as wide a man­ner and for as many uses as pos­si­ble to achieve its ben­e­fits in as many eco­nom­ic and social sec­tors as pos­si­ble includ­ing but not lim­it­ed to, in finan­cial ser­vices, health and edu­ca­tion, vol­un­tary organ­i­sa­tions, pub­lic admin­is­tra­tion and trans­port.

The objectives of the MDIA

The MDIA shall endeav­our to:

  • pro­mote the deploy­ment of ITA by the Gov­ern­ment with­in the pub­lic admin­is­tra­tion;
  • fos­ter, pro­mote and facil­i­tate the advance­ment and util­i­sa­tion of ITAs and their design and uses;
  • pro­mote edu­ca­tion on eth­i­cal stan­dards and legit­i­mate exploita­tion of ITA;
  • pro­tect the rep­u­ta­tion of Mal­ta in the use of ITA;
  • pro­tect users includ­ing con­sumers to ensure stan­dards are devel­oped to meet their legit­i­mate expec­ta­tions and pro­tect against mis­use;
  • pro­vide a sound finan­cial basis for the Mal­ta Finan­cial Ser­vices Author­i­ty (“MFSA”) to achieve its pur­pos­es;
  • har­monise prac­tices and facil­i­tate the adop­tion of stan­dards in line with inter­na­tion­al norms, stan­dards, rules or laws and with those of the EU in par­tic­u­lar;
  • assist the com­pe­tent data pro­tec­tion author­i­ties in safe­guard­ing the data pro­tec­tion rights of data sub­jects and assist oth­er com­pe­tent author­i­ties in the pro­tec­tion of vul­ner­a­ble per­sons and the pro­mo­tion of fair com­pe­ti­tion and con­sumer choice;
  • pro­mote and enforce eth­i­cal and legit­i­mate cri­te­ria in the design and use of ITA to ensure qual­i­ty of ser­vices and secu­ri­ty there­in;
  • sup­port and col­lab­o­rate with oth­er reg­u­la­to­ry bod­ies and com­pe­tent author­i­ties to pre­vent mon­ey laun­der­ing and financ­ing of ter­ror­ism and crime in gen­er­al through the use of the ITA;
  • pro­mote trans­paren­cy and auditabil­i­ty in the use of ITA;
  • pro­mote ease of acces­si­bil­i­ty to the facil­i­ties pro­vid­ed by pub­licly avail­able ITA togeth­er with imple­men­ta­tion of the right of exit, with­draw­al or ter­mi­na­tion of such par­tic­i­pa­tion; and
  • pro­mote legal cer­tain­ty in the appli­ca­tion of laws, in a nation­al and cross-bor­der con­text, and the devel­op­ment of appro­pri­ate legal prin­ci­ples for the effec­tive appli­ca­tion of law to ITA.


The affairs of the MDIA are car­ried out by a board com­posed of a Chair­man and its mem­bers (between 4–8 mem­bers) who are con­sid­ered to have rel­a­tive qual­i­fi­ca­tions and expe­ri­ence in mat­ters relat­ing to ITAs and ITS, finan­cial ser­vices, audit and account­ing, law, reg­u­la­tion and oth­er sub­jects. The legal and judi­cial rep­re­sen­ta­tion of the MDIA vests with the Chair­man. Cur­rent­ly the Chair­man of MDIA is Dr. Joshua Ellul. The board mem­bers are appoint­ed for a peri­od of 1 year up to a max­i­mum of 3 years. The board is required to con­vene on a month­ly basis.

The board may also estab­lish com­mit­tees to address par­tic­u­lar issues. It may also estab­lish a Nation­al Tech­nol­o­gy Ethics Com­mit­tee to ensure that (i) prop­er eth­i­cal stan­dards are reflect­ed in the use of ITA and (ii) prop­er guid­ance is giv­en to oth­er author­i­ties in Mal­ta.

The board may del­e­gate or devolve all or part of the exec­u­tive con­duct of the MDIA, its admin­is­tra­tion and organ­i­sa­tion and admin­is­tra­tive con­trol of its offi­cers and employ­ees to a CEO.

Mr. Stephen McCarthy has been duly appoint­ed as the first CEO of the MDIA.

Duties and functions

The MDIA is required to address the devel­op­ment of all ITA in Mal­ta to achieve the objec­tives (referred to above). It shall also exer­cise super­vi­so­ry and reg­u­la­to­ry func­tions in the field of ITA and ITS as it may deem fit or be assigned to it from time to time.

Fur­ther­more, the MDIA is required to car­ry out the func­tions set out in the MDIA Act, includ­ing but not lim­it­ed to:

  • to reg­u­late, mon­i­tor and super­vise the pro­vi­sion of ITA and ITS in and from Mal­ta;
  • review all prac­tices, oper­a­tions and activ­i­ties relat­ing to ITA and ITS;
  • pro­mote fair com­pe­ti­tion, prac­tices and con­sumer choice in the sec­tor;
  • pro­vide the facil­i­ties for the recog­ni­tion, cer­ti­fi­ca­tion, reg­u­la­tion or oth­er­wise of the ITA;
  • estab­lish min­i­mum stan­dards for any ITA and ITS to pro­tect the gen­er­al pub­lic;
  • mon­i­tor the work­ing and enforce­ment of laws relat­ing to ITA and ITS and car­ry out such nec­es­sary inves­ti­ga­tions;
  • pro­vide infor­ma­tion and issue guide­lines;
  • estab­lish min­i­mum qual­i­fi­ca­tions for per­sons engaged or employed in ITA / ITS activ­i­ty;
  • ensure com­pli­ance with inter­na­tion­al oblig­a­tions;
  • advise the Mal­tese Gov­ern­ment through its Min­istry on pol­i­cy for­mu­la­tion and mat­ters con­nect­ed with the devel­op­ment of ITA;
  • sup­port inno­va­tion in the devel­op­ment, use and edu­ca­tion of ITA and ITS
  • review devel­op­ments on rel­e­vant sub­jects relat­ing to ITA and ITS
  • inves­ti­gate alle­ga­tions of prac­tices and activ­i­ties and review trad­ing prac­tices relat­ing to the pro­vi­sion of ITA /ITS.

Pur­suant to its reg­u­la­to­ry man­date and to enforce com­pli­ance, with­out in any way imply­ing lia­bil­i­ty on the MDIA’s part, the MDIA is enti­tled to receive and access infor­ma­tion (except for con­fi­den­tial source codes) on the ITA and its activ­i­ties. To car­ry out this func­tion, the MDIA can be a user and hold any wal­let, account or oth­er facil­i­ty in rela­tion to any form of dig­i­tal assets.

It shall also be able to engage with facil­i­ties or per­sons admin­is­ter­ing or rep­re­sent­ing the same and car­ry out trans­ac­tions which it may con­sid­er nec­es­sary for the car­ry­ing out of its func­tions.  Fur­ther­more, the MDIA may also enter and inspect, and take sam­ples of records, doc­u­ments or oth­er­wise relat­ing to the par­tic­u­lar ITA/ITS.

The MDIA is to car­ry out its func­tions in an impar­tial, trans­par­ent and time­ly man­ner and to ensure com­pli­ance there­with. The Min­is­ter may give the MDIA such direc­tions nec­es­sary in rela­tion to mat­ters which affect the pub­lic inter­est.

Application for Authorisation

An appli­cant desir­ing to have its ITA /ITS autho­rised, is required to pro­vide the MDIA with any infor­ma­tion, doc­u­men­ta­tion and assur­ances as request­ed. The Appli­cant must be a fit and prop­er per­son to pro­vide ITS and that the ITA is fit and prop­er and able to com­ply with the rules and reg­u­la­tions of the MDIA. Tak­ing a risk-based approach, the MDIA will also con­sid­er the pro­tec­tion of the gen­er­al pub­lic; Malta’s rep­u­ta­tion; pro­mo­tion of inno­va­tion, com­pe­ti­tion and choice; and the applicant’s rep­u­ta­tion and suit­abil­i­ty.

This autho­ri­sa­tion may be grant­ed sub­ject to cer­tain con­di­tions which the MDIA shall deem appro­pri­ate. The ITS provider must spec­i­fy the ser­vices to be pro­vid­ed and the MDIA will estab­lish a reg­is­ter of all hold­ers of autho­ri­sa­tion. Any appli­ca­tions which the MDIA shall refuse will also be pub­lished on its web­site togeth­er with the rea­sons for such refusal. Autho­ri­sa­tions are non-trans­ferrable and can be revoked, can­celled or sus­pend­ed by the MDIA at any time it deems fit.

Guidelines of the MDIA

The MDIA has so far pub­lished the fol­low­ing guide­lines to assist ITA appli­cants and ITS providers:

  • Sys­tems Audi­tor Guide­lines reg­u­lat­ing the appoint­ment of the Sys­tems Audi­tor, the reports and con­trol objec­tives.
  • Tech­ni­cal Admin­is­tra­tor Guide­lines
  • Res­i­dent Agent Guide­lines
  • ITA Guide­lines
  • Guide­lines on “in or from Mal­ta”
  • ITA Blue­print Guide­lines
  • Tech­nol­o­gy Stack Nomen­cla­ture.


The MDIA is a new author­i­ty for Mal­ta. It is under­stood that this Author­i­ty will be review­ing any new tech­nol­o­gy com­ing our way, be it DLT, AI, self- dri­ving cars, super com­put­ers, or oth­er­wise. Its effec­tive­ness is high­ly depen­dent upon the knowl­edge of its mem­bers in these areas and on the MDIA’s capa­bil­i­ty of pro­vid­ing clear and prop­er guid­ance in such tech­nol­o­gy.

About Dr. Jörg Werner

Dr. jur. Jörg Wern­er, born 27 May 1971, attend­ed the law school of the Uni­ver­si­ty of Leipzig and passed his first state exam­i­na­tion in the State of Sax­ony in 1996. After suc­cess­ful­ly com­plet­ing his manda­to­ry legal intern­ship, he suc­cess­ful­ly passed the sec­ond state exam­i­na­tion of the State of Sax­ony-Anhalt in 1998 and was admit­ted to the bar and began to prac­tice as a Ger­man attor­ney (Recht­san­walt) before the court of Magde­burg the same year. He worked as an attor­ney at the Law Offices of Prof. Dr. Fre­und & Kol­le­gen until he formed the firm of Wrede & Wern­er. He was also admit­ted to prac­tice before the Supe­ri­or Court of Naum­burg. In 2001, he moved the firm’s offices to Cen­tral Berlin, where he was admit­ted to prac­tice before the Courts of Berlin. Dr. jur. Jörg Wern­er then com­plet­ed his doc­tor­al stud­ies at the Uni­ver­si­ty of Ham­burg and grad­u­at­ed as a Dok­tor der Rechtswis­senschaften (Doc­tor of Laws).

View All Posts

Leave a Reply

Your email address will not be published.