Technology Arrangement and Services Bill

Home \ VFA Legal \ Technology Arrangement and Services Bill

A BILL entitled

AN ACT to provide for the regulation of designated innovative technology arrangements referred to in the Act, as well as of designated innovative technology services referred to in the Act, and for the exercise by or on behalf of the Malta Digital Innovation Authority of regulatory functions with regard thereto.

BE IT ENACTED by the President, by and with the advice and consent of the House of Representatives, in this present Parliament assembled, and by the authority of the same, as follows:

 

ARRANGEMENT OF THE ACT

Articles
Part I Preliminary 1-2
Part II Principles of Recognition 3-6
Part III Certification of Innovative Technological Arrangements 7-8
Part IV Registration of Service Providers 9-11
Part V Miscellaneous Provisions 12-20

 

First Schedule.            Innovative Technology Arrangements

Second Schedule         Innovative Technology Services

Third Schedule            Term of Validity of Authorisations

Fourth Schedule          Provisions relating to article 8(4)(a)

 

1. (1) The short title of this Act is the Innovative Technology Arrangements and Services Act, 2018.

(2) This Act shall come into force on such date as the Minister for Digital Economy may by notice in the Gazette establish, and different dates may be so established for different provisions and different purposes of the Act.

2. (1) Unless the context otherwise requires, terms and phrases not defined in this Act shall have the same meaning as the said terms and phrases are given in the Malta Digital Innovation Authority Act, 2018.

(2) In this Act, unless the context otherwise requires –

“this Act” means the Innovative Technology Arrangements and Services Act, 2018, and includes any regulations made, and rules and guidelines issued thereunder unless the context otherwise requires;

“administrator” means an officer or any person who is appointed to carry out representative and fiduciary functions in the control and administration of a legal organisation, and any person who carries out such functions even if under another name, but shall not include a technical administrator or a resident agent under this Act or a VFA agent under the Virtual Financial Assets Act, 2018, and the term “board of administrators” shall be construed accordingly;

“auditor” means a systems auditor of innovative technology arrangements and related smart contracts recognised under this Act;

“Authority” means the Malta Digital Innovation Authority established by the MDIA Act and any reference to the Authority shall, unless the context otherwise requires, be construed as including a reference to any person authorised by the Authority to act for or on its behalf;

“innovative technology arrangement” means an arrangement listed in the First Schedule;

“innovative technology service” means a service listed in the Second Schedule, and “innovative technology service provider” shall be construed accordingly;

“the MDIA Act” means the Malta Digital Innovation Authority Act, 2018, and includes any regulations made, and rules and guidelines issued thereunder, unless the context otherwise requires;

“Minister” means the Minister responsible for Digital Economy;

“national competent authorities” are authorities, departments, agencies or divisions of the Government or government entities which carry out supervision, regulatory or assessment functions of persons applying for any form of recognition under applicable law;

“systems auditor” means a person who, upon a written engagement accepts to review and, or audit innovative technology arrangements and smart contracts or parts thereof who may not necessarily be an accountant or auditor with a practicing certificate under the Accountancy Profession Act;

“technical administrator” means the person who, upon a written engagement accepts to carry out specific functions relating to the operation, of the whole or a designated part, of the system as are established in this Act, in guidelines issued by the Authority, as the same may be supplemented by the conditions applicable to the certification of the particular certified innovative technology arrangement.

  1. (1) The Authority shall administer the provisions of this Act in line with the guiding principles and in furtherance of the regulatory objectives established by MDIA Act. All the provisions of the MDIA Act shall apply in relation to persons who are recognised under this Act, including without limitations in so far as relates to the powers vested in the Authority regarding recognition and authorisations or refusal thereof, investigation, and enforcement and also with regard to regulatory actions which may be taken.

(2) This Act provides for various methods of recognition which the Authority may extend to varied types of innovative technology arrangements and innovative technology services as are referred to in the Schedules and this in accordance with the provisions of this Act.

(3) Unless having the functions and, or the characteristics referred to in the Schedules, it shall be presumed that the type or class of innovative technology arrangement or service shall not be eligible for recognition by the Authority under this Act.

(4) In the event of reasonable doubt as to whether –

(a) an innovative technology arrangement or innovative technology service has the functions and, or the characteristics referred to or is within the type or class of arrangements or services referred to in the Schedules; or

(b) the arrangement is sufficiently similar in scope and functionality to an innovative technology arrangement as defined in this Act; or

(c) the arrangement includes but does not consist solely of an innovative technology arrangement,

the Authority may, on a written application for a ruling regarding any particular innovative technology arrangement or innovative technology service, issue a ruling confirming or denying the application, in part or in full.

In case of confirmation, the relevant innovative technology arrangement or innovative technology service shall thereby be considered to have the functions and, or the characteristics referred to or be of the type or class of arrangements or services listed in the Schedules and the applicant may proceed with an application for recognition under the provisions of this Act.

(5) The decision by the Authority to deny an application under this article shall be subject to review or appeal by the Tribunal under the provisions of the MDIA Act and in case of a negative determination of the appeal, the particular innovative technology arrangement or innovative technology service shall not be eligible for recognition unless such particular innovative technology arrangement or innovative technology service is modified to fit within the scope of the Schedules or until such time as the Schedules are amended to include such type or class.

  1. Unless expressly stated in a provision of this Act or other special law, nothing in this Act shall be considered as exempting any innovative technology arrangement or any innovative technology service provider from the provisions of any other law, including other regulatory laws requiring authorisations or similar approvals:

Provided that, on the basis of the principles of simplification and avoidance of duplication, in the event that a requirement under this Act is similar in scope to that under another law and has been satisfactorily met by an applicant, the Authority shall, if necessary with the written consent of the applicant, co- ordinate with the other national competent authorities and rely on the submissions and processes being carried out by the other authorities in carrying out its duties under this Act.

  1. (1) Any person who desires to obtain recognition for any innovative technology arrangement or any innovative technology service as stated in the Schedules may apply to the Authority by making use of the relevant prescribed forms issued by the Authority for the purpose or in the absence of a prescribed form, by an application in writing providing the information required by the Authority for such purpose with reference to the subject matter of the application.

(2) An applicant shall provide all information, documentation and assurances as may be required by the Authority to permit the Authority to consider any application and determine the suitability of the applicant to be recognised, depending on the innovative technology arrangement or the innovative technology service being the subject of the application.

(3) Once recognised, the applicant, or if different, the person to whom the recognition has been issued, shall be bound to fulfil all the conditions prescribed by this Act and the MDIA Act, any regulations as well as any rules or other regulatory instruments in force for as long as the recognition remains in force.

  1. (1) The Authority shall maintain an electronic register, hereinafter referred to as ”the Register”, of all recognitions issued or obtained under this Act and this in accordance with article 27(5) of the MDIA Act.

(2) The Register shall be divided into such parts, and each part with such classes, as the Authority shall from time to time determine, so as to represent the different types of recognition granted to applicants.

(3) The Register shall provide all such details as the Authority shall consider necessary to identify the relevant applicant and the activities being carried out.

(4) The Register shall be available to the public on the website of the Authority.

  1. (1) The Authority may certify different innovative technology arrangements for one or more specified purposes and with reference to one or more specified –

.        (a)  qualities;

.        (b)  features;

.        (c)  attributes;

.        (d)  behaviours; or

.        (e)  aspects,

as may be determined by the Authority, and which shall be stated in the certification.

(2) The issue of a certification for one purpose, quality and feature, attribute and behaviour or other aspect shall neither operate as a certification for different purposes, qualities and features, attributes and behaviours or aspects nor shall it bar the issue of other certifications for other purposes, qualities and features, attributes and behaviours or aspects.

(3) The Authority shall from time to time establish guidelines on the purposes, qualities and features, attributes and behaviours or aspects for which it will and, or will not issue certifications and in so doing shall also establish the basis for the particular certifications or refusals.

It shall also establish guidelines on other matters such as the review processes and the timing of such reviews for the purposes of maintaining in place any certifications it may issue.

(4) The Authority may designate, and make public, any international or other standards of certification it may rely on when issuing its own certification under this Act.

(5) The Authority may amend the guidelines referred to above from time to time including to enhance the qualitative standards of its reviews but such amendments shall not, except with the consent of any applicant with a pending application or the holder of the certification, come into force prior to the lapse of at least six (6) months after the publication of such amendments and, in any case, shall only apply from the next review due under the relative guidelines immediately after the lapse of the said six (6) months.

(6) Once certified, an innovative technology arrangement shall be granted a Certificate under this Act which shall state the details of how the innovative technology arrangement is identified, including any public key or a brand name, and the Certificate shall be given a unique number for purposes of identification.

 

(7) The certified innovative technology arrangement shall post the Certificate on the arrangement, in a specific location which shall be notified to the Authority, in an easily accessible and legible format so it can be viewed and understood by all users of the innovative technology arrangement.

(8) When a Certificate is issued in favour of an innovative technology arrangement it shall be presumed to refer to all parts of the arrangement which are described as constituting the arrangement in the application unless expressly stated otherwise, in which case, it shall refer only to the specific parts designated as the subject of the certification.

  1. (1) Any innovative technology arrangement which is referred to in the First Schedule, or in relation to which the Authority has issued a written ruling on eligibility under article 3, may at any time be the subject of an application to the Authority for certification.

(2) The Authority may certify any innovative technology arrangement when it is satisfied that the general and the specific requirements of this article have been satisfied.

(3) The general requirements are intended to meet the standards of legality, integrity, transparency, compliance and accountability generally established for innovative technology arrangements by the Authority reflecting the principles of the MDIA Act and this Act, and confirmation that none of the circumstances referred to in article 29 of the MDIA Act arise, and shall be assessed by the Authority based on its own reviews of all persons involved, all documentation available and the software it may access as would any user thereof.

(4) The specific requirements shall establish to the satisfaction of the Authority that:

(a) the innovative technology arrangement is fit and proper for the purposes for which it declares to have been established and having the qualities, attributes, features, behaviours or aspects also declared; and when controlled by a legal organisation:

(i) any administrator of such organisation, if any, is a fit and proper person to carry out his functions as administrator; and

(ii) if there are shareholders in any legal organisation which owns or controls the innovative technology arrangement, any shareholder holding more than twenty-five per cent (25%) of the shares or ownership interests in the said legal organisation or who, through provisions of the statute, has special voting or other rights permitting him to exercise effective control over the activities of the legal organisation, (hereafter referred to as a “qualifying shareholder”) shall be a fit and proper person subject to the more detailed provisions of the Fourth Schedule;

(b) the software comprising the innovative technology arrangement, or such parts of it as are designated in applicable rules or otherwise in writing by the Authority, has been reviewed by a registered systems auditor, or registered systems auditors, who are independent from all persons owning, administering, operating or otherwise involved in the innovative technology arrangement, and the Authority has been provided with positive assurance by the systems auditor, or when more than one, each systems auditor, in relation to the matter of audit and review on which he has been engaged.

The systems auditor shall confirm that the innovative technology arrangement meets reasonable standards with reference to –

(i) the specific purposes, qualities, features, attributes, behaviours or aspects of innovative technology arrangements;

(ii) all authorisations or powers granted to –

(A) the Authority or other national competent authority, if any; or

(B) the technical administrator; or

(C) the innovative technology arrangement itself,

exist as stated and operate as intended; and

(iii) compliance with any rules and regulations made under this Act and any guidelines issued by the Authority applicable to the particular type of innovative technology arrangement, as well as any conditions established by the Authority in the particular case.

The Authority may at its discretion, cumulatively or alternatively, require a high level review or audit on the

 

characteristics of the innovative technology arrangement when the specific purposes, behaviours or aspects of the relevant innovative technology arrangement:

(i) need to be considered holistically in view of its complexity; or

(ii) are not susceptible to specific review or assurances for reasons acceptable to the Authority, to the review and assurance described above;

and in such cases the level of the review or audit and the relative assurances shall be expressly stated in the certification and prominently reflected in the website of the applicant, if any, the innovative technology arrangement and in the Register of the Authority.

(c) the innovative technology arrangement has a registered technical administrator in office at all times, and who is able to demonstrate to the Authority the ability of the innovative technology arrangement to satisfy –

(i) all pre-requisites for the certification which may be granted to it under this Act;

(ii) its ability to meet standards on a continuing basis and to address critical matters as are stated in guidelines, if any, by the Authority in the event they occur;

(iii) its ability to vary parameters or functionalities where the objective of the system is to address mandatory legal requirements which may reasonably be predicted to change over time; and

(iv) with reference to matters, if any, upon which –

.       (A)  the technical administrator;

.       (B)  the Authority or other national competent

authorities; or

(C) any other designated person,

may be given the discretion or may be required to intervene and which are addressed by the software, all authorisations or powers required to carry out such interventions exist and operate as intended;

(d) the innovative technology arrangement is in a position to –

(i) comply with and observe any innovative technology authorisation rules and regulations applicable to it, any guidelines issued by the Authority as well as any conditions established by the Authority in the particular case; and

(ii) carry out any obligations imposed upon it by applicable law, including those relating to the prevention of money laundering and the financing of terrorism, the protection of personal data, the respect of the rights of consumers and other mandatory laws; and

(iii) has in-built technology features, to enable the technical administrator to intervene in a transparent and effective manner in the event of –

.       (A)  a material cause of loss to any user; or

.       (B)  a material breach of law,

so as to ensure that the cause of loss or breach of law is satisfactorily addressed to the best of his abilities and to ensure it does not occur or re-occur, and in case of unjustifiable failure by the technical administrator, on the intervention of the Authority;

(e) the specific purposes, qualities, features, attributes, limitations, conditions, terms of service and behaviours or aspects of the relevant innovative technology arrangements and on the basis of which a user is invited to participate or rely on or use the innovative technology arrangement are stated in the English language in an easily accessible and intelligible format. On such matters as are stated, in case of conflict between the English language and the underlying code of the innovative technology arrangement, the English language shall prevail. Where the applicant wishes to use multiple languages for this purpose, in case of conflict between languages, the English language version shall prevail.

(5) In the case of –

(a) DLTs or other innovative technology arrangements which are in operation, or at a very advanced stage of development, on the date of the coming into force of this Act;

 

and

(b) open, decentralised, public and permission-less DLTs, and other similar innovative technology arrangements,

where compliance with one of the requirements stated in this article is not practicable within short time frames due to technical challenges as shall be confirmed by a systems auditor registered under this Act, if the Authority considers the circumstances of the case appropriate, the Authority may, on the basis of the recommendation of the said systems auditor and the agreement of the applicant identify –

(a) the issues on which there is non-compliance with the legal requirements stated in this article;

(b) the matters which need to be overcome for such issues to be addressed;

(c) the manner in which such issues may be addressed as would satisfy the Authority of compliance with this article; and

(d) the time frame within which the issues are to be addressed,

and proceed to issue a certification of the said innovative technology arrangement conditionally upon compliance within the time frames agreed with the applicant and subject to the additional condition that a systems auditor who has been registered under this Act and who maintains such recognition at all relevant times issues a positive assurance that the necessary actions and modifications have been made to the innovative technology arrangement to achieve the agreed outcomes and compliance with this article.

The condition shall be recorded in the certification.

(6) When the Authority proceeds to certify the innovative technology arrangement under this Act it shall enter its name in the Register of recognised innovative technology arrangements, under such category as it may determine.

(7) The innovative technology services providers referred to above shall be appointed by any person who is an applicant, developer or owner of the innovative technology arrangement or in case the innovative technology arrangement is held within a legal organisation, by the legal representative of the organisation.

(8) When an innovative technology arrangement is held within a legal organisation, whether with legal personality or not, the certification shall be made in the name of the legal organisation and where it does not qualify as a legal organisation, the Certificate shall be made in the name of a technical administrator, who has been registered under this Act and who maintains such recognition at all relevant times, who has been engaged in respect to the innovative technology arrangement.

  1. (1) The Authority may accept to register persons providing different innovative technology services as shall be stated in the registration. The registration for the provision of one type of service shall not bar the registration of the same person to provide other types of services.

(2) The Authority shall from time to time establish guidelines on the purposes for which it will register innovative technology service providers and in so doing shall also establish the requirements for the particular registrations. It shall also establish other aspects such as the review processes and the timing of such reviews for the purposes of maintaining in place any registrations it may accept.

(3) The Authority may designate and make public any international or other standards of service it may rely on when considering a registration of services providers under this Act.

(4) The Authority may amend the guidelines referred to above from time to time including to enhance the qualitative aspects or purposes of its reviews but such amendments shall not come into force prior to the lapse of at least six (6) months after the publication of such amendments and, in any case, shall only apply from the next review due under the relative guidelines immediately after the lapse of the said six (6) months.

(5) Once registered, a service provider shall be granted a Certificate of Registration which shall state its name and address and have a unique number for purposes of identification and shall list the class or classes of services which the applicant has been registered to provide.

(6) The registered service provider shall post the Certificate of Registration on its website, if it has one, as well as on any innovative technology arrangement to which it renders its services and this shall be posted thereon in an easily accessible and legible format so it can be viewed and understood by all users of the innovative technology arrangement.

(7) The registration of an innovative technology service provider may be made in relation to persons, being individuals or legal organisations, whether having legal personality or not, and may be carried out –

(a) personally;

(b) through the resources of the organisation;

(c) through delegates approved by the Authority;

(d) through technology systems:

Provided that in cases referred to in paragraphs (b) and (c), apart from the name of the registered innovative technology services provider approved by the Authority, the individual who is approved to provide the services shall also be named in the certification.

  1. (1) Any innovative technology service provider who is referred to in the Second Schedule, or in relation to which the Authority has issued a written ruling on eligibility under article 3, may at any time apply to the Authority to be registered under this Act.

(2) The Authority may register any innovative technology service provider when it is satisfied that the innovative technology service provider:

(a) is fit and proper for the provision of the services it declares he is providing or intends to provide and, when organised as a legal organisation, any shareholder holding more than twenty-five per cent (25%) of the voting shares shall be a fit and proper person and any administrator of such legal organisation shall be a fit and proper person to carry out such activities or functions or the role such person has assumed with regard to the legal organisation;

(b) has the qualifications and, or experience which the Authority requires for registration as a provider of services in the particular class applied for;

(c) has sufficient technical resources or third party support, personally, through delegates or through automated systems, and is in a position to comply with and observe any innovative technology authorisation rules and regulations applicable to him, any guidelines issued by the Authority as well as any conditions established by the Authority in the particular case.

(3) The Authority shall not register an innovative technology service provider if the circumstances referred to in article 29 of the MDIA Act arise.

(4) When the Authority proceeds to register the innovative technology service provider under this Act, it shall enter his name in the Register of recognised innovative technology service providers, under such category as it may determine.

(5) When an innovative technology service provider has been constituted as a legal organisation, whether with legal personality or not, the registration shall be made in the name of the legal organisation and where the service is carried out personally by such service provider, the registration shall be made in the name of the service provider himself.

(6) Innovative technology service providers registered under the provisions of this article shall be considered to be professionals who act as fiduciaries in relation to the information submitted to them by any customers and shall also be bound by the provisions of the Professional Secrecy Act and shall act accordingly.

  1. (1) Every innovative technology service provider and every person who may be designated to carry out any role in any innovative technology arrangement, even if not recognised under this Act, shall respect the following principles of best practice in relation to his or its activities.

(2) In carrying on its operations, it shall:

.        (a)  conduct its business with honesty and integrity;

.        (b)  pay due regard to the rights, interests and needs of

each and all its customers and must communicate with them in a way that is fair, clear and not misleading;

(c) manage and control its business effectively, and conduct its business with due skill, care and diligence; and

(d) have effective arrangements in place, through human resources, including third party delegates or contractors, financial resources as well as technology facilities to be able to meet its operational and compliance obligations.

  1. (1)
application under this Act and holds –

Any person who has been recognised following an

(a) a Certificate for an innovative technology arrangement;

(b) a Certificate of Registration as an innovative technology service provider; or

(c) any other form of recognition which is issued by the Authority,

shall provide the Authority with particulars of any material changes in the information provided to the Authority in the application processes under this Act within thirty (30) days of such changes.

For the purpose of this article “material changes” with reference to an innovative technology arrangement shall include:

(a) any alternations of any of the software on which an assurance has been provided by a systems auditor;

.        (b)  any development altering the rights of users;

.        (c)  any development altering the rights, authorisation

and powers of the technical administrator or the Authority; and

(d) any change in the technical administrator.

Furthermore, it shall generally be taken to include:

(a) any change in an administrator of a relevant legal organisation;

.        (b)  any change in a qualifying shareholder;

.        (c)  any change in the person with reference to whom a

certification or a Certificate of Registration has been issued; and

(d) any other matter which shall be declared to be material by the Authority in guidelines issued from time to time.

(2) In so far as an innovative technology arrangement is concerned, the holder of the Certificate shall also provide the Authority with a registered technical administrator that they are aware of the material changes which have been made to the information previously provided to the Authority and that such changes do not affect the content of their review, assurances or declarations provided to the Authority for the purposes of the certification of the relevant innovative technology arrangement or, to the extent that the changes result in additional features which have not been reviewed and do not fall within the parameters of existing assurances and declarations issued by them as required under article 8:

(a) the systems auditor has carried out the review as required under the said article and provides the relative assurances; and

(b) the technical administrator has certified the changes and confirms that continuing validity of his declaration issued for the purpose of the certification of the innovative technology arrangement.

(3) In so far as a Certificate of Registration as an innovative technology service provider is concerned, the holder of the Certificate of Registration shall also provide the Authority with all information which shall be relevant in order to enable the Authority to update the Certificate of Registration with the new information after carrying out such processes as would be applicable as though it were a new application with regard to the new information.

  1. (1) The Authority shall act in a open and transparent manner in considering applications and shall seek to provide reasonable information on the progress of an application and, in case of refusal, reasons for such refusals to accept any application under this Act.

(2) Failure to take a decision on an application within three (3) months of an application shall be deemed to be a refusal and the applicant shall enjoy the rights of appeal under the MDIA Act from such date.

  1. (1) All authorisations under this Act shall be for the periods of validity and effect as stated in the Third Schedule and shall be presumed to expire on the first working day after the relevant anniversary of the date of authorisation as appears on the certificate confirming the authorisation.

(2) It shall be the duty of an innovative technology authorisation holder to ensure that the authorisation is kept valid and effective and will be renewed at least within the last three months of its duration and in any case prior to expiry, by:

 

 

(a) submitting the information assurances, declarations and other materials or taking such actions as are required by the Authority for renewals of the relevant authorisations and in particular to demonstrate that the applicant is still in compliance with the Act and the conditions of its authorisation;

(b) in case of innovative technology arrangements, carrying out the audits and reviews and obtaining the necessary declarations from the registered auditor and the registered technical administrator; and

(c) by paying to the Authority the relevant fees.

  1. (1) When the persons making an application for any form of recognition are not ordinarily resident in Malta, such applicant is required to appoint in writing prior to registration, a resident agent who –

(a) is habitually resident in Malta;

(b) is not interdicted or incapacitated or is an undischarged bankrupt;

(c) has not been convicted of any of the crimes affecting public trust or of theft or of fraud or money laundering or of knowingly receiving property obtained by theft or fraud; and

(d) has satisfied the Authority that he is a person capable of carrying out the functions stated under this Act.

(2) The holder of an innovative technology authorisation shall ensure that it has a validly appointed resident agent at all times when there is no person involved in the administration of the holder who is resident in Malta:

Provided that:

(a) if both the innovative technology arrangement and the technical administrator appointed with reference to it are not resident in Malta, the appointment of a resident agent for the technical administrator shall satisfy the requirement under this article also for the innovative technology arrangement for as long as such technical administrator is engaged and the engagement of the resident agent is made by the technical administrator also for the innovative technology arrangement on being authorised to do so; and

(b) when an innovative technology arrangement is made up of several constituent parts – DLT and smart contracts – which may each obtain a certification under this Act, it shall be lawful for all applicants to designate the main constituent part and thereafter all the ancillary parts shall be deemed to satisfy the requirements of this article if the engagement of the resident agent with reference to the main constituent part names all the ancillary parts and confirms that the applicant is authorised to do so with reference to the said ancillary parts.

(3) Notices of the appointment, resignation or removal of the resident agent shall be filed with the Authority in the prescribed form, and until such form is issued by means of a notification in writing and where a notice of appointment is given it shall be accompanied by the acceptance in writing of the resident agent of such appointment.

(4) The Authority may at any time refuse or reject any notice of an appointment which it considers is not in compliance with this Act and in such case the applicant or the innovative technology authorisation holder, as the case may be, shall immediately appoint another resident agent.

  1. (1) It shall be the function of the resident agent, on behalf of the innovative technology authorisation holder, to –

(a) act as the channel of communication between the innovative technology authorisation holder and the Authority and other Maltese government departments and authorities;

(b) sign and file with the Authority and other Maltese government departments and authorities all declarations and forms required in terms of Maltese law;

(c) act as the judicial representative of the innovative technology authorisation holder for judicial proceedings in Malta, and any notice whether by the Authority or any other authority, sent to the resident agent at his last registered address, shall be deemed to have been duly received by and notified to the innovative technology authorisation holder.

(2) The resident agent shall not be personally liable for non- compliance by the innovative technology authorisation holder with any law, nor for any misrepresentation made in any submissions or documents issued by the applicant, even if authenticated by the resident agent for the purposes of the application or any other law, unless the resident agent has personally undertaken such liability for the compliance in writing or has himself wilfully or recklessly made a false declaration.

(3) The resident agent shall neither be responsible for any court, legal or related costs in the event of any judicial proceedings filed against him in his capacity as judicial representative of the holder of the innovative technology arrangement or any of its officers, by whosoever they may have been filed.

  1. (1) Without prejudice to the express powers enjoyed by an innovative technology authorisation holder in his engagement, the resident agent shall have the power, on behalf of the innovative technology authorisation holder, to –

(a) sign and file applications, declarations, notices, returns and any other document required in terms of Maltese law;

(b) apply for the certification of an innovative technology arrangement or for the registration of an innovative technology service provider under this Act and for the revocation or cancellation of an authorisation, and to perform any ancillary act in relation thereto;

(c) pay all relative fees and taxes payable in terms of Maltese law;

(d) do all other things as may be considered conducive or ancillary for the certification or registration or other form of recognition under this Act or for the maintenance of such recognition;

(e) authenticate documents issued by the innovative technology authorisation holder; and

(f) receive formal notification on behalf of the innovative technology authorisation holder when notifications are required under the provisions of this Act or any other law or any agreement:

Provided that with reference to any written authorisation, certification or registration certificate, while it shall not be prohibited that the resident agent take possession and hold the original for safekeeping, and for amendment or revisions by the Authority, it shall not be lawful for the innovative technology authorisation to be issued in the name of the resident agent, even if he is formally authorised for such purpose.

For the purposes of this article the term “innovative technology authorisation holder” shall be presumed to include also an applicant for such authorisation.

(2) The resident agent shall be deemed to have all the necessary powers to provide binding undertakings to the Authority on matters relating to the recognition by the Authority on behalf of the innovative technology authorisation holder and the Authority is authorised to act accordingly; provided that nothing in this Act shall imply any power of a resident agent to execute any document relating to an undertaking involving liability unless expressly authorised to do so in writing.

(3) The innovative technology authorisation holder may restrict any of the above powers of the resident agent:

Provided that where the innovative technology authorisation holder limits such powers he shall file with the Authority a declaration to that effect in the prescribed form and such limitation shall not have effect with regard to third parties until it is so filed and recorded in the Register held by the Authority with reference to innovative technology authorisations.

(4) Unless expressly prohibited from doing so in the terms of his own engagement, the resident agent may delegate and appoint in writing another person to act in specific matters on his behalf provided that in so doing the resident agent shall not be relinquishing the functions, powers and responsibilities conferred on him under this Part.

(5) The terms of engagement and the appointment or removal or resignation of a resident agent shall be recorded in the Register held by the Authority with reference to the innovative technology authorisations.

  1. (1) A resident agent may resign by giving at least fifteen days’ notice (or such other shorter period as the innovative technology authorisation holder or the Authority may consent to) in writing to the innovative technology authorisation holder and the Authority.

(2) The innovative technology authorisation holder may remove the resident agent by giving at least fifteen days’ notice (or such other shorter period as the Authority may consent to) in writing to the Authority.

(3) The Authority shall have the power to appoint, on a limited and temporary basis, a resident agent on behalf of the innovative technology authorisation holder in case of failure of the innovative technology authorisation holder to appoint such an agent and such resident agent shall seek to establish contact with the persons who have duties in relation to the governance of the innovative technology arrangement so they can appoint a resident agent of their choice:

Provided that in such case and that in sub-article (4), the appointee shall be an advocate with a valid warrant to practice law in Malta.

(4) Where the innovative technology authorisation holder is in default of his obligations under this Act, the Authority may, without prejudice to any other action that can be taken under this Act, apply to the Civil Court, First Hall for the appointment of a curator to act as resident agent until such time as another resident agent is validly appointed or the arrangement ceases to be certified.

  1. Every holder of an innovative technology authorisation shall pay to the Authority such fees on initial application and on renewal thereafter as may from time to time be prescribed.
  2. (1) The Minister may, acting on the advice of the Authority, make regulations to give effect to the provisions of this Act and to prescribe anything which may be prescribed in terms of this Act and to provide for any matter consequential, incidental to or connected therewith.

(2) Without prejudice to the generality of the foregoing the Minister may, on the advice of the Authority, by such regulations:

(a) further regulate certifications of innovative technology arrangements;

(b) further regulate registrations of innovative technology services providers, including the statement of what independence and other qualities, if any, are required for the carrying out of their functions and the definition of such terms;

(c) prescribe any forms relating to any of the applications and processes involved in certification and registration;

(d) prescribe any fees which may be applicable to applications;

(e)  insert and amend any definitions in this Act;

(f)  amend, substitute or revoke any of the Schedules;

(g) issue rules or guidelines in relation to the Register of recognitions kept under this Act;

(h) define the criteria for determining whether a holding is an indirect holding and, or for the purposes of determining whether a qualifying holding exists;

(i) define the criteria for determining whether the systems and security access protocols of applicants or authorisation holders, as applicable, meet or are maintained to the appropriate high international standards that may be established from time to time;

(j) further regulate resident agents and their functions and duties and prescribe how such functions are to be carried out keeping in view the functions and duties of a VFA agent under the Virtual Financial Assets Act, 2018, when such person is appointed under and for the purposes of such Act; and

(k) establish the circumstances in which any persons involved in connection with an authorisation holder, including any systems auditor or technical administrator, are obliged to communicate information to the Authority, prescribe regulations governing the disclosure by systems auditors or technical administrators of information and establish supervisory and disciplinary procedures for system auditors and technical administrators in respect of their duties.

(3) Regulations made under this article may be made subject to such exemptions or conditions as may be specified therein, may make different provision for different cases, circumstances or purposes and may give to the Authority such powers of adaptation of the regulations as may also be so specified.

(4) Where regulations have been made in terms of this article, the Authority may issue guidelines for the better carrying out and to better implement the provisions of the regulations.

Innovative Technology Arrangements

The following shall be considered to be innovative technology arrangements for the purposes of this Act:

  1. software and architectures which are used in designing and

delivering DLT which ordinarily, but not necessarily:

(a) uses a distributed, decentralized, shared and, or replicated ledger;

(b) may be public or private or hybrids thereof;

(c) is permissioned or permissionless or hybrids thereof;

(d) is immutable;

(e) is protected with cryptography;

(f) and
is auditable;

2.
smart contracts and related applications, including decentralised autonomous organisations, as well as other similar arrangements;

  1. any other innovative technology arrangement which may be designated by the Minister, on the recommendation of the Authority, by notice from time to time.

Innovative Technology Services

The following shall be considered to be innovative technology services for the purposes of this Act:

  1. the review services referred to in this Act with reference to innovative technology arrangements provided by system auditors;
  2. the technical administration services referred to in this Act with reference to innovative technology arrangements provided by technical administrators.

Term of Validity of Authorisations Certification of Innovative Technology Arrangements – 3 years

Registration of Systems Auditors – 2 years Registration of Technical Administrators – 3 years

For the purposes of article 8(4)(a), and without prejudice to the manner in which any other rules under other laws, including those relating to the prevention of money laundering, may operate:

(a) the term “shareholder” shall not include the owner of tokenised or other digital assets which may have entitlements such as ownership, voting or rights to participate in any form of income or capital with reference to the innovative technology arrangement unless the powers of such persons are material in relation to value or material in relation to decisions taken with reference to the said innovative technology arrangement;

(b) the term “material in relation to value” shall mean either a nominal value of more than ten thousand euro (€10,000) or the value of two per cent (2%) of the total number of tokens in issue, whichever is the lower in value; and

(c) the term “material in relation to decisions” shall mean the ability to vote on a proposal to amend the software or architecture of an innovative technology arrangement which can modify the rights of the holders thereof other than on inconsequential administrative aspects.

For the purpose of the said article 8(4)(a), the term “shareholder” shall include any holder of shares in a company, any partner in a partnership, any beneficiary under a foundation or any other member in a co-operative or association of persons who has a share in the capital or a share the profits of the legal organisation, and the same shall apply in relation to a token issued by a legal organisation with reference to a innovative technology arrangement, or to tokens generated by the technology arrangement itself.

 

 

If for any reason the shares or tokens are held by an intermediary then the tests in this Schedule shall be applied to the intermediary when he is a regulated person or to beneficial owners of the shares or tokens when the intermediary is not a regulated person.

A “regulated person” means a person authorised to act as a custodian, nominee or trustee under the applicable laws of Malta or the equivalent in any other recognised jurisdiction.

The Authority may issue specific guidelines on the interpretation and application of the provisions of this Schedule.

Objects and Reasons

The object of this Bill is to provide for the regulation of designated innovative technology arrangements referred to in the Bill, as well as of designated innovative technology services referred to in the Bill, and for the exercise by or on behalf of the Malta Digital Innovation Authority of regulatory functions with regard thereto.

RELATED POSTS

One thought on “Technology Arrangement and Services Bill

Comments are closed.