The introduction of this Act continues to solidify Malta’s position as one of the world’s friendliest jurisdictions for a sector that has caused concern among other regulators. Through the Innovative Technology Arrangements and Services Act (ITAS), regulation will be provided for innovative technology arrangements (ITAs) and designated innovative technology services providers (ITSPs). It will also make reference to an official Authority emanating from the Malta Digital Innovation Authority Act, known as the Malta Digital Innovation Authority (MDIA), whose role is to function as a regulator.

The Authority will be handling any applications for innovative technology arrangements or services through the relevant prescribed forms issued by the same Authority, along with all documentation required. Once an applicant is recognised, he shall be bound to fulfil all the conditions prescribed both by the ITAS and the MDIA Act, along with any other relevant laws, unless expressly stated otherwise.

What are Innovative Technology Arrangements and Service Providers?

The Act defines the following as ITAs:

• Software and architectures which are used in designing and delivering DLT;
• Smart contracts and related applications, including decentralised autonomous organisations;
• Any other innovative technology arrangement which may be designated by the Minister, on the recommendation of the Authority.

On the other hand, ITSPs are defined as follows:

• Review services referred to in this Act provided by system auditors;
• Technical administration services referred to in the Act provided by technical administrators.

Principles Relating to Registration

The principles relating to registration found in the Act for ITAs and ITSPs are rather similar. For instance, the issue of a certain certification for one purpose shall not operate to serve as a certification for another purpose, nor shall it bar the issue of other certifications. Both certifications also require that upon registration, the applicant displays the certificate in a publicly accessible location to be viewed and understood by all potential users. Lastly is the impossibility to register a certificate if any of the circumstances in Article 29 MDIA arise.

Innovative Technology Arrangements

An Innovative Technology Arrangement may be certified for one or more of the specified purposes, these being:

1. Qualities;
2. Features;
3. Attributes;
4. Behaviours; and

When an innovative technology arrangement is held within a legal organisation, whether with legal personality or not, the certification is made in the name of the legal organisation.

It shall also carry out any obligations imposed upon it by applicable law, including those relating to the prevention of money laundering and the financing of terrorism, the protection of personal data, the respect of the rights of customers and other mandatory laws.

Innovative Technology Service Providers

Registration for the provision of services may be made in relation to persons, being individuals or legal organisations, whether having legal personality or not, and may be carried out:

• Personally;
• Through the resources of the organisation;
• Through delegates approved by the authority; or
• Through technology systems.

Points 2 and 3 require the individual who is approved to provide the services to also be named in the certification. When an ITSP has been constituted as a legal organisation, whether with legal personality or not, the registration shall be made in the name of the legal organisation, and where the service is carried out personally by such service provider, the registration shall be made in the name of the service provider himself.

Key Figures

The Act focuses on certain roles which are of the utmost importance for its functioning.

First off, the Registered Technical Administrator is to be in office at all times, and able to demonstrate to the Authority the ability of the ITA to satisfy:

• All pre-requisites for the certification;
• Its ability to meet standards on a continuing basis and to address critical matters;
• Able to intervene through in-built technology features in the event of:
  • A material cause of loss to any user; or
  • A material breach of law.

Second is the Systems Auditor, whose role is to confirm that ITAs meet reasonable standards with reference to:

• The aforementioned specific purposes;
• All authorisations or powers granted to the Authority, the technical administrator and the ITA itself, exist as stated and operate as intended;
• Compliance with any rules and regulations made under the Act and any guidelines issued by the Authority.

The Authority may require the auditor to conduct an audit on the characteristics of the ITA when its purposes or behaviours need to be considered holistically in view of its complexity.

Lastly is the Resident Agent, a habitual resident, whose role is to act on behalf of a person who is not resident in Malta and is applying for certification. A validly appointed resident agent is at all times necessary for a holder of an innovative technology authorisation.

The resident agent’s function is to act on behalf of the innovative technology authorisation holder, to:

• Sign and file any necessary documentation and forms required in terms of Maltese law;
• Act as the judicial representative in case of judicial proceedings in Malta;
• Apply for certification of an ITA or ITSP.

Periods of Validity

Any certification issued in favour of Innovative Technology Arrangements shall be valid for a period of 2 years. This period also applies to the registration of Systems Auditors and Technical Administrators.

For more information on Innovative Technology Arrangements and the Certification Mechanism, or if you have any questions, please feel free to contact Dr Ian Gauci on igauci@gtgadvocates.com and Dr Gabriel Fenech on gfenech@gtgadvocates.com.

Disclaimer: This article is not intended to impart legal advice and readers are asked to seek verification of statements made before acting on them.