MITA Annual Report 2024

01

CHAIRMAN’S STATEMENT

As we reflect on the achievements of the past year, it is with pride and gratitude that I acknowledge the dedication, efforts, and exceptional commitment of our employees. Your contributions have not only propelled MITA to new heights but have also ensured the delivery of excellence in our service to the public.

MITA’s progress in 2024 was marked by strong service delivery, positive client feedback, and a continued commitment to enhancing digital services for the Public Administration. The dedication of MITA’s employees ongoing investment in customer care and operational efficiency underpin the Agency’s achievements and reputation for excellence.

MITA has also strengthened its approach to cybersecurity and business continuity while maintaining a strong sense of social responsibility through various initiatives. Looking ahead, MITA aims to build on these successes to further support the Public Administration and make a meaningful impact on the community it serves.

Thank you for your commitment and exemplary service.

Tony Sultana

THE BOARD OF DIRECTORS

Chairman

As we reflect on 2024, it is clear that this year has been defined by remarkable service, collaboration, and resilience. The projects and initiatives undertaken by MITA are a testament to our commitment to driving digital transformation and strengthening Malta’s public sector infrastructure. Our role in implementing the digital wallet, AIdriven taxation, and cybersecurity, as well as our contribution to retaining leading e-government services, all reflect our dedication to operational excellence and forward-thinking governance.

Our commitment to support the public administration in aligning with European Union (EU) regulations and initiatives, be it the Single Digital Gateway (SDG), the European Blockchain Services Infrastructure (EBSI), or the implementation of the Interoperable Europe Act, demonstrates our resolve to position Malta as a leader in the digital landscape. Moreover, initiatives such as those forming part of the MyHealth and MySocialSecurity portals, along with the implementation of enhanced digital security, have empowered both citizens and businesses, ensuring trust and accessibility in public service delivery.

This report captures not only our progress but also the collaborative spirit and adaptability that drive our vision. As we move forward, we remain committed to agility and responsiveness, ensuring we deliver value to

CEO’S FOREWORD

our stakeholders.

As we reflect on the progress made in 2024, we are proud that MITA has made significant strides in enhancing service delivery to the public administration. During this year, we conducted a client survey with over 1,700 participants, which yielded a mean rating of 4.14 out of 5 for overall service delivery. Such positive feedback is a testament to our employees’ hard work and dedication.

In response to a more complex digital environment and rising cyber threats, MITA has remained steadfast in its mission to deliver robust and reliable services. The Agency is pursuing various key initiatives to enable the public administration to work more effectively and deliver stronger public services to citizens and businesses. Integrating AI into its solutions has enhanced its capabilities and introduced advanced technology to clients.

This report also highlights our good progress in achieving the goals set out in Strategy 2024–2026. We have continuously analysed feedback and implemented service improvements to meet the public administration’s evolving needs.

I would like to extend my heartfelt thanks to all MITA employees for their dedication, commitment, and support. Your contributions are invaluable in our ongoing efforts to provide client-centric digital services.

Emanuel Darmanin CEO

THE EXECUTIVE COMMITTEE

Priscilla Bugeja Head – eGovernment Services Department (EGSD

The EGSD enhances the digital government landscape by providing shared eGovernment services, web engineering platforms, document management and corporate solutions, as well as related consultancy services. This ensures the efficient, innovative, and seamless delivery of government services to both citizens and businesses.

Throughout 2024, the Executive Committee met regularly to guide the Agency in delivering projects and services that support the public administration in implementing and managing digital solutions for public service delivery. In collaboration with the MITA Board of Directors, the Executive Committee has taken measures to enhance and safeguard the Agency’s infrastructure and digital assets, using relevant technologies and tools to ensure service continuity and protection against cyber threats. The Agency has reached several milestones as a result of its collective efforts and shared responsibility towards achieving strategic goals.

Together, we will continue to work towards improved service delivery and benefits for the public administration.

Ivan Alessandro Chief Financial Officer – Finance & Contracts Department (FCD)

The FCD ensures the Agency’s long-term financial health, investing in intellectual property, technology and human resources. It maximises procurement value while complying with Public Procurement Regulations, promoting sustainable financial practices and efficient resource management.

DESD supports the client in areas such as Identity Management, including the creation of a Person Register and the Address Register. It provides consultancy and drives digital transformation services to support the client implement the Digital Europe Programme, focusing on areas such as Digital Identity, the Single Digital Gateway, Digital Wallet, amongst others.

Ian Bonello Head of Department – Service Management Department (SMD)

The SMD integrates advanced IT services management practices, monitoring operations, incident handling and ensuring seamless IT services. It is organized into units like the Service call Centre, Workstation Management, and Network Operations Centre, enhancing service delivery and stakeholder collaboration.

Jonathan Cassar

Chief Information Security Officer - Information Security and Governance Department (ISGD)

The ISGD oversees cybersecurity through six units, including the Security Operations Centre, Cyber Threat Intelligence, and Cyber Defence Operations, and is responsible for the National Cyber Security Coordination Centre.

Robert Galea Head – Infrastructure Services Department (ISD)

The ISD supports government IT needs by ensuring continuous system operations and overseeing new projects. It is organised into Platform Engineering Services, Network Engineering Services, and Technology Projects, facilitating collaboration and maintaining a robust IT infrastructure.

Keith Aquilina Chief Technology Officer

The Chief Technology Office (CTO) focuses on technology direction, enterprise architecture, and data governance, ensuring robust IT infrastructure and strategic innovation.

Jesmond Mizzi Head – Executive Office

The Head Executive Office supports the CEO in achieving the Agency’s strategic vision and operations, focusing on Human Resources, recruitment, staff management, and PR & Communications for effective information dissemination and stakeholder engagement.

Wayne Lee Valentine Head – Facilities Management Department

(FMD)

The FMD ensures efficient operation and maintenance of infrastructure, security, and logistics. It manages certification, corporate transport, housekeeping, front office, building services, infrastructure projects, and business continuity, promoting a green environment and supporting organisational efficiency and safety.

Pierre Vella Head – Programme Management Department (PMD)

PMD is dedicated to delivering top-tier digital services by leveraging innovative solutions and fostering close collaboration. This approach ensures modern, mission-critical systems that meet evolving government needs and high expectations, positioning PMD as a cohesive, forward-thinking team.

CELEBRATING EXCELLENCE AND TEAM SPIRIT

05.1 THE MITA AWARDS FOR EXCELLENCE

On Friday, 15 November 2024, MITA hosted the prestigious MITA Awards for Excellence at the Westin Dragonara Resort in St Julians. This annual event brought together the Board of Directors, the Executive Committee, all MITA employees, the Chief Information Officers (CIOs), and all their partners to celebrate outstanding achievements within the Agency.

The evening commenced with inspiring speeches from the MITA Chairman and Chief Executive Officer (CEO), followed by the presentation of several awards by the Chairman, Board of Directors, and CEO. Prior to the event, MITA employees had the opportunity to nominate their colleagues and teams for various awards. The final winners were determined through a voting process, where employees cast their votes for the nominees with the most nominations.

05.1.1 THE MITA VALUES AWARDS

The MITA Values Awards recognised six employees who exemplified MITA’s core values. The recipients of these awards were:

05.1.2 THE MITA TEAM AWARD

The MITA Team Award honoured the team that demonstrated exceptional teamwork. The winning team was the CloudFlare team, which included:

05.1.3 THE MITA ICT FELLOW AWARD

The prestigious MITA ICT Fellow Award was presented to the following individuals for their significant contributions to the field of ICT:

05.1.4 RECOGNITION FOR CONTRIBUTION AND TENURE

MITA also recognised employees for their long-term commitment and contributions to the Agency. The following individuals were honoured for their years of service:

25 YEARS RECOGNITION

05.1.5 THE MITA CHAIRMAN AWARD

The MITA Chairman Award was conferred to Owen Grixti and Richard Schembri in recognition of their outstanding contributions and long-standing service to the Agency.

30+ YEARS RECOGNITION

05.1.6 CONCLUSION

The MITA Awards for Excellence 2024 was a resounding success, showcasing our employees’ dedication, hard work, and exceptional talent. The event not only celebrated individual and team achievements but also reinforced the core values and collaborative spirit that drive the Agency forward. As we look ahead to the future, MITA remains committed to fostering a culture of excellence, innovation, and continuous improvement.

05.2 FOSTERING A CULTURE OF CAMARADERIE

Team building is crucial for fostering a collaborative and productive work environment. At MITA, we recognise the significance of strengthening relationships among employees and enhancing teamwork to achieve our organisational goals. In 2024, we organised 27 team-building events, which saw the participation of approximately 86% of our employees. These events were designed to encourage communication, trust, and cooperation among team members, ultimately leading to improved performance and job satisfaction. By engaging in various activities, employees had the opportunity to connect with colleagues to share experiences and develop a sense of camaraderie. The positive impact of these events was evident in the increased morale and motivation observed across the Agency. Team building helps build stronger teams, making resolving conflicts and breaking down barriers easier while promoting creativity and innovation by bringing diverse perspectives together. As we continue to invest in team-building initiatives, we are committed to nurturing a supportive and inclusive workplace where every employee feels valued and empowered to contribute to MITA’s success.

05.3 MITA’S PARTICIPATION AT PUBLIC SERVICE EXPO 24

MITA took part in the Public Service Expo 24, held from 15 to 19 May 2024 at MFCC, Ta’ Qali. The event showcased the services and achievements of Malta’s public administration to employees, students, and the wider community. At our stand, MITA demonstrated how network connectivity operates across government departments, using a replica cabinet to engage visitors and explain the Malta Government Network’s (MAGNET) role in government-wide IT infrastructure. MITA staff also provided information about e-government forms and the processes behind online service applications.

The Agency’s participation, in collaboration with other entities, emphasised its importance in Malta’s digital transformation and public service delivery. Notably, Principal Permanent Secretary Mr Tony Sultana launched the Malta GeoHub portal, developed by MITA and partners from various government authorities, to centralise and enhance stakeholders’ access to geospatial data.

MITA’S SERVICES SURVEY

In Q3 of 2024, MITA conducted a client survey to gauge perceptions of the Agency’s service delivery. This initiative formed part of our continuous improvement efforts, as client feedback is essential to delivering excellent services. The survey targeted both technical users and end users. Technical users utilise the various platforms and technology-related services offered by MITA, most of whom work in the offices of ministry CIOs and technical teams across the different government officially appointed bodies. On the other hand, end users are consumers of services used by public officers, such as government emails, the modern workplace, and laptop provisioning. Such services enable the use of digital tools on a day-to-day basis.

The response from over 1,700 participants was overwhelmingly positive, with a mean rating of 4.14 out of 5 for the overall service delivered by MITA. Such a positive perception is very encouraging and demonstrates the efforts made by the different service teams to ensure services remain in line with business needs, user expectations, and current technologies.

The participants were asked to rate the individual services that they use. All MITA services were highly rated, with the mean of each individual service ranging between 3.57 and 4.45 out of a maximum score of 5. Notwithstanding the very positive ratings, the internal committee responsible for service management analysed the respondents’ feedback and recommended service improvements that are currently being implemented by the respective service teams.

This initiative further highlights the Agency’s commitment to listening to our clients’ feedback and providing client-centric digital services to the public administration.

COMMITMENT TO SERVICE, COLLABORATION, AND FUTURE-READY SOLUTIONS

07.1 ENHANCING DATA QUALITY AND INTERGOVERNMENTAL DATA SHARING

The Government’s commitment to delivering high-quality services to its citizens is highlighted by its strategic focus on enhancing data quality and fostering intergovernmental data-sharing mechanisms. Recognising the paramount importance of accurate, accessible, and secure data, the Government has implemented comprehensive measures to fortify its data exchange platforms and solutions. A key component of these initiatives is the establishment of base registers, particularly the Person Register, as mandated by Legal Notice 439 of 2021 under the Re-Use of Public Sector Information Act. The register was developed and officially launched for government use in May 2024.

The Person Register serves as a fundamental component in enabling the standardised and efficient exchange of personal data across public sector entities and eAgents, with explicit authorisation of the data owner. Promoting interoperability and adherence to stringent data governance standards ensures the responsible handling of personal information while maintaining full compliance with the General Data Protection Regulation (GDPR). Furthermore, this initiative represents a significant milestone in the modernisation of the Common Database (CdB), leveraging cutting-edge technologies to enhance its functionality, security, and resilience.

Through seamless integration with modern digital systems, the Person Register strengthens datasharing capabilities and enables the practical implementation of the once-only principle. This principle minimises redundant administrative burdens on citizens and businesses by ensuring that public bodies can securely access and exchange necessary data without requiring repetitive submissions. Such an approach not only enhances operational efficiency but also reinforces transparency, trust, and regulatory adherence in public service delivery.

In essence, the Person Register exemplifies the Government’s unwavering commitment to innovationdriven governance, optimised citizen experiences, and continuous service delivery improvement through advanced data management strategies.

07.2

THE EUROPEAN DIGITAL WALLET

IN MALTA

In 2024, MITA signed an agreement with the Malta Digital Innovation Authority (MDIA) to provide technical consultancy services for the European Digital Wallet project in Malta. Our primary objective is to draft the technical specifications for procuring the wallet and its supporting solutions and infrastructures. This will be complemented by developing a prototype to verify the proposed architecture, helping to de-risk the procurement and consequently benefit the delivery time frames.

The European Digital Wallet is a groundbreaking initiative aimed at providing secure, reliable, and user-friendly digital identification for all citizens, residents, and businesses across Europe. This wallet will enable users to securely identify themselves when accessing public and private services, store and display digital documents like mobile driving licenses and education credentials, and even access cross-border electronic services offered by other EU member states. The transformational potential of this wallet lies in its ability to streamline access to digital services, enhance user experience, and ensure the protection of personal data, thereby fostering a more connected and efficient digital ecosystem in Europe.

MITA has been nominated to represent Malta in the newly formed technical subgroup of the European Digital Wallet Coordination Group. Additionally, we are supporting MDIA in the comitology meetings, where various implementing acts are being reviewed and approved.

Our involvement in this project underscores our commitment to advancing digital innovation and ensuring that Malta remains at the forefront of technological advancements in Europe. By contributing our expertise and resources, we aim to help create a secure and efficient digital identification system that will benefit all European citizens and businesses.

07.3 THE SINGLE DIGITAL GATEWAY – STEP 6 IN THE ACCELERATORMETER

One of our most significant achievements in 2024 was reaching the topmost spot (Step 6) on the SDG’s Acceleratormeter for Malta. The Acceleratormeter is a grading system for EU member states, maintained publicly by the European Commission, to show all member states’ status in terms of the SDG. The achieved milestone indicates that the infrastructure in Malta has reached the highest level of readiness for the Once-Only Technical System.

This achievement was the result of a highly successful participation in the Projectathon event in November. A group of exceptionally talented engineers from MITA clocked the highest number of test cases and performed mock live transactions with other member states using the demo service and evidence providers, built in collaboration with a leading education institution in Malta.

The Projectathon itself was a specialised marathon emphasising peer-to-peer interoperability and compliance testing within a structured framework. Its goal was to promote collaboration among member states and foster a positive environment. The tests ensured a comprehensive coverage of technical specifications while encouraging participation from as many member states as possible over the three-day event.

This success means that the Government can now look forward with confidence to the next steps of the project, which include the onboarding of service and evidence providers as per Annex II of Regulation EU 2018/1724. This achievement not only highlights the technical prowess and collaborative spirit of our team but also sets a benchmark for future endeavours. It underscores our commitment to excellence and our ability to lead in the digital transformation landscape.

07.4 THE IMPLEMENTATION OF THE EBSI NODE IN MALTA

The implementation of the EBSI Node in Malta in 2024 marked a significant milestone for the country, placing it among a select group of member states hosting this innovative infrastructure. The EBSI is a decentralised network designed to enhance cross-border public services within the EU by ensuring data integrity through blockchain technology. Each member state hosts one or more nodes, creating a robust infrastructure that promotes secure and transparent data sharing, streamlined administrative processes, and enhanced citizen engagement.

The Malta EBSI Node is hosted on the MITA Azure Cloud infrastructure, utilising distinct virtual machines for pilot, pre-production, and production environments. The EBSI operates on a mesh network topology, allowing multiple nodes to connect directly and dynamically with as many other nodes as possible. It employs a Proof of Authority (PoA) consensus mechanism, relying on the identity and reputation of a select group of validators vetted by the European Commission. This model offers significant advantages in terms of scalability, efficiency, and reduced energy consumption, despite the risk of centralisation.

The EBSI is a closed network, and any applications proposed by service providers must undergo rigorous quality assurance before gaining access. One of the most transformative services available on EBSI is the European Self-Sovereign Identity Framework (ESSIF), which empowers individuals to manage their own digital identities. The project has provided an excellent opportunity for Malta to implement unique infrastructure and develop new skills and knowledge, ensuring the country remains at the forefront of digital enabling services.

07.5 TRANSFORMING GOVERNMENT DOCUMENT MANAGEMENT: THE CEDMS PROJECT

The Corporate Electronic Document Management System (CeDMS) project has made significant strides since the tender was awarded in April 2024. This ambitious initiative aims to transform document management processes across government ministries and departments, enhancing efficiency and collaboration. The project caters for licenses covering up to 12,000 users and is being implemented in phases to ensure a smooth and effective rollout.

In July 2024, MITA signed a 10-year contract with the successful bidder for system delivery and support, alongside a back-to-back agreement with the Office of the Prime Minister (OPM), for MITA to operate the solution on the OPM’s behalf over the same period.

By August 2024, a dedicated project board approved both the project plan and the comprehensive solution architecture, laying the groundwork for the system’s implementation. The first phase involved deploying and configuring the solution on MITA’s Azure Cloud and providing technical training to 11 participants, equipping them with the knowledge required to perform provisional user acceptance testing (UAT) in late November. This critical testing phase ensured that the solution met the specifications and requirements outlined in the tender. By the third week of December, the testing was successfully completed.

These early efforts have set the stage for the next phase, which is the deployment of the CeDMS in two pilot ministries, these being the OPM and the Ministry for Transport, Infrastructure, and Public Works (MTIP). Implementing the project in phases ensures more effective project management and lays a strong foundation for successful solution implementation across government bodies.

ENHANCING SERVICE DELIVERY 08

08.1 CUSTOMER CARE TRAINING

In 2024, MITA invested in enhancing customer care awareness throughout the organisation. The initiative began with a thorough assessment of existing customer-focused policies and procedures, ensuring that the new guidelines are built on a solid and relevant foundation. To foster a customercentric culture, MITA articulated a client service charter and a corporate communications policy and procedure that aligned with its goals and values. The cornerstone of this initiative was a comprehensive customer care training programme designed for all employees. This programme was thoughtfully structured to include a blend of customised in-person training sessions delivered by expert trainers and engaging interactive online content. The training programme covered several key areas essential for effective customer service, including:

Effective communication skills: Employees learned how to communicate clearly and effectively with customers, ensuring their needs and concerns were understood and addressed.

Building positive relationships: Training emphasised the importance of fostering strong relationships with customers, encouraging loyalty and long-term engagement.

Empathy: Participants were trained to see things from the customer’s perspective, which helped them better understand their emotions and create a more responsive service.

Customer feedback and improvements: The training encouraged a proactive approach to gathering customer feedback and acting on it, fostering a culture of continuous improvement.

Dealing with different types of customers: Participants learned strategies for effectively engaging with a diverse range of customers, adapting their service approaches to meet varying needs and expectations.

This initiative was crucial for enhancing individual employee skills while simultaneously fostering a culture of outstanding customer care, ultimately leading to sustained improvements in customer satisfaction and loyalty.

In response to a survey on the training offered, 95% of the sampled employees reported being satisfied with it, 91% considered it relevant to their work, and 89% felt that they gained new knowledge from it.

08.2 THE FUTURE OF WORK: MITA EMBRACES DESKTOP AS A SERVICE

As organisations embrace digital transformation, the need for secure, flexible, and cost-effective computing solutions is growing. Desktop as a Service (DaaS) provides a cloud-based virtual desktop that can be accessed remotely, as an alternative to traditional desktops installed on the workstation.

MITA’s DaaS offers Windows 11 virtual desktops as a Software-as-a-Service (SaaS) solution, ensuring secure, resilient, and controlled access. Data remain protected in the cloud, minimising data loss risks from device faults or theft. Users experience a seamless, personalised Windows environment without the need for high-specification physical hardware. Two versions of this service are available: Windows 365 Frontline, ideal for shift workers, or Windows 365 Enterprise, ideal for knowledge workers.

Key benefits of DaaS include:

Security and data protection: Centralised cloud storage reduces data breach risks, with MITA’s enforced policies enhancing security.

Cost savings and efficiency: Thin clients replace costly desktops, lowering hardware and energy expenses while providing access to high-performance virtual desktops. On the backend, MITA is avoiding investing in expensive on-prem virtual desktop infrastructure hardware and support, as well as the ongoing effort required to operate and maintain such a solution.

Remote work and flexibility: Secure access from any location supports seamless transitions for mobile workers in the government, healthcare, security, and legal sectors while maintaining the security context of a MITA-secured and managed desktop.

Simplified IT management: Centralised administration allows quick provisioning, extends hardware lifespan, and reduces maintenance efforts.

Work on integrating Microsoft’s Azure virtual desktop infrastructure into the government’s IT ecosystem started in 2024. By the end of that year, the government’s DaaS was launched, making virtual desktops available to government CIOs across ministries, departments, and entities, marking a shift from traditional “fat” physical desktops to thin clients enabling access to cloud-based virtual desktops.

08.3 THE NETWORK OPERATIONS CENTRE

The Network Operations Centre (NOC) at MITA operates around the clock, ensuring continuous oversight of government services and promptly responding to any incidents. In the year 2024, the NOC managed an impressive total of 17,580 incidents. These were meticulously logged from over 300,000 monitoring tool alerts, with only 8.5% necessitating escalation to the main service teams for further assistance. Additionally, the NOC handled 6,200 after-hours telephone calls as part of Service Call Centre (SCC) operations, playing a crucial role in maintaining service availability. Their efforts contributed to an average uptime of 99.97% across 37 critical services tracked in the Daily Report, effectively minimising unplanned downtime.

As the gatekeepers of MITA’s Data Centres, the NOC team ensured the optimal operation of the three corporate Data Centres. They adeptly addressed various hosting requests and maintained the infrastructure in top condition. In preparation for AI-driven operations in 2025, the NOC actively gathered insights and hands-on experience with AIOps tools, laying the groundwork for future automation. Key automation initiatives in 2024 included automating the Daily Service Availability Report mechanism and implementing a new Backup Checking Tool to monitor 330 daily backup jobs automatically. These initiatives enhanced operational efficiency by automating various internal NOC processes.

Collaboration remained a key focus for the NOC, with team members actively supporting other departments by assisting with tasks arising from both existing and new services and taking on operational responsibilities, particularly after office hours. These efforts reflect the NOC’s ongoing commitment to operational excellence and the unwavering dedication to ensuring service availability.

08.4 EMAIL SERVICES

Throughout 2024, MITA continued to invest and work towards ensuring the maximisation of value for all consumers of the email service. Email and calendar remain among the most widely used services across government bodies, permitting around-the-clock communication at different times and places.

Various initiatives were performed throughout the year. These included planning and redesigning the on-premises email architecture, for which a preliminary market consultation was carried out to understand the market offerings at the time, followed by an invitation to tender for the eventual adjudication and subsequent refresh of the hardware. Notwithstanding this, 2024 was a remarkable year for MITA, as an important milestone, that of migrating email services to the cloud, gained exponential thrust. This involved moving a high percentage of mailboxes, a notable task that required extensive coordination, communication, testing, and collaboration.

Apart from various other initiatives in support of the services, such as researching signature management solutions and options for backing up cloud mailboxes, the Email team remained committed to day-to-day operations. These include acting as the subject-matter expert for email services across government bodies, which involves participating in various client initiatives related to email, supporting internal projects such as security solutions, and managing daily operations.

Throughout the year, over 230 million emails are estimated to have been delivered to government mailboxes, of which over 8 million were classified as spam.

08.5 THE CALL CENTRE

The Call Centre is the main interface between the Agency and the end-user. Therefore, an ongoing effort is being made towards ensuring the required service levels.

The Call Centre function is supported by a third party whose purpose is to handle all first-line support received via telephone. This requires ongoing management to ensure continual collaboration, quality checks, improvements, and operational communication.

While the telephone remains the primary, most sought-after channel, together with the Internal Systems Support team, the Call Centre has started working on implementing an automated chatbot to provide a faster channel for accommodating user demand.

In parallel, at a more strategic level, the Call Centre has embarked on various initiatives, including automating the handling of emails received, structuring leadership roles within the team, enhancing continuity with the outside-office-hours function enablers (the NOC team), developing tools for improved user management, and consolidating operational direction, among others.

The following figures present high-level statistics for the Call Centre through 2024:

Phone calls received (including third party): 52,839

Tickets logged (including third party): 55,728

Approximate number of emails received in the Call Centre’s mailbox: 200,000 (received) / 20,000 (sent).

Throughout the year, the Call Centre received over 93% positive feedback on tickets completed by the team.

INITIATIVES FUNDED THROUGH THE RECOVERY AND RESILIENCE FACILITY

Financed by the Recovery and Resilience Facility (RRF) under NextGeneration EU’s digital transition, MITA is driving forward a €16.7 million Digital Backbone programme. This initiative is focused on modernising and reinforcing core infrastructure to boost resilience, security, and service standardisation across government bodies through shared and “as-a-Service” components. The upgraded environment offers greater security and flexibility, supporting digital transformation and ensuring business continuity. In addition, new devices and tools are enabling proof-of-concepts for improved services, enhanced user experience, and advanced data analysis. User-identity verification is also being introduced to ensure that government services are delivered safely and efficiently.

A second RRF-funded investment of €5.8 million is supporting the Modern Digital Workplace programme, which builds on the Government Modern Workplace initiative by strengthening services, infrastructure, and licensing. Through this programme, MITA is piloting innovative technologies and software to extend the Modern Workplace platform, including replacing desktops with laptops equipped with modern tools for flexible working, collaboration, telephony, and communication.

In 2024, MITA completed three key Modern Digital Workplace projects: procuring laptops, securing Microsoft Teams licences, and implementing an online identity verification service. Work on the programmes will continue through 2025 and conclude in early 2026.

OUR COMMITMENT TO CYBERSECURITY

10.1 CYBER ROOT 2024: ADVANCING CYBERSECURITY THROUGH STRATEGIC COLLABORATION

The year 2024 saw the sixth edition of CYBER ROOT, reaffirming its position as Malta’s premier cybersecurity conference by driving thought leadership and industry engagement at the highest level. With over 450 attendees, the event brought together international experts, industry leaders, and policymakers for high-impact discussions and strategic networking.

CYBER ROOT 2024 focused on enhancing the cybersecurity resilience of the public sector’s supply chain through strategic public–private collaborations. Key discussions highlighted the importance of sustained investment in cybersecurity, fostering innovation while addressing emerging threats through cross-sector cooperation.

Building on its legacy of excellence, CYBER ROOT 2024 attracted high-calibre professionals from across the cybersecurity landscape. The event, once again, reached full capacity, reinforcing its status as Malta’s foremost cybersecurity forum.

The conference featured six distinguished international speakers from globally recognised institutions, including Moody’s, the European Commission, the BBC, and WIRED Magazine. They addressed critical topics such as decision-making during cyberattacks, enhancing collaboration, and strengthening defences on a limited budget. Discussions also explored the impact of AI advancements and the challenges they pose in an evolving geopolitical landscape, along with the crucial roles of communication, negotiation, and crisis management in cybersecurity.

Additionally, 15 expert panellists led in-depth discussions on public sector resilience, evolving cyber threats, and the role of strategic alliances in fortifying cybersecurity frameworks.

CYBER ROOT continues to serve as a vital platform for shaping the future of cybersecurity, fostering innovation, and driving actionable insights for both the public and private sectors.

10.2 MITA’S CYBER THREAT INTELLIGENCE COMMUNITY PROGRAMME

The MITA Cyber Threat Intelligence (CTI) community programme underscored the importance of collaboration in tackling cyber threats. Entities can no longer afford to operate in isolation, and this initiative provided a platform for government bodies, private enterprises, and international partners to share intelligence on emerging risks, vulnerabilities, and attack methods. This collective effort significantly bolstered cyber resilience across various sectors.

Establishing a CTI community enhances early threat detection by consolidating intelligence from multiple sources. This real-time insight allows organisations to take pre-emptive action, mitigating potential attacks before they escalate. Such an intelligence-led approach reduces response times and minimises possible damage.

Information sharing fosters collective defence. Cybercriminals often employ similar tactics across multiple targets within a sector. By learning from each other’s experiences through initiatives like the MITA CTI community, organisations strengthen their security postures, recognise attack patterns, and implement effective countermeasures.

Having a CTI community in place promotes cost efficiency. Cybersecurity requires substantial investment, but collaboration reduces duplication in research and threat analysis. Moreover, shared intelligence and best practices enable organisations to allocate resources more effectively.

Additionally, the programme helped cultivate trust and cooperation among stakeholders. Open dialogue between public and private sector entities, government agencies, and cybersecurity experts reinforces the overall security ecosystem.

The MITA CTI community played a crucial role in safeguarding Malta’s cyberspace. Its legacy offers a strong foundation for future cybersecurity initiatives. Ongoing investment in intelligence sharing, advanced detection techniques, and cross-sector collaboration is vital in addressing evolving threats. By strengthening international partnerships and embracing cutting-edge technologies, Malta can maintain its cybersecurity resilience in the years ahead.

ISO AND BUSINESS CONTINUITY

MITA began its ISO certification journey in 1998, initially pursuing ISO 9001 (Quality Management), obtaining organisation-wide certification in 2003. Since then, a strategic ISO certification roadmap was developed, with the ultimate goal of achieving certifications in ISO 27001 (Information Security), ISO 14001 (Environmental), ISO 22301 (Business Continuity), and other relevant ISO standards.

Currently, MITA is enhancing its management system to comply with the 2022 version of ISO 27001. A key change in this version is the heightened focus on business continuity and resilience, particularly the introduction of a control for ICT readiness, emphasising proactive risk management and the capacity to recover from disruptions.

This update, along with the EU’s recent directives (in particular the Network and Information Security Directive 2 [NIS2] and the Critical Entities Resilience Directive [CER]), aims to bolster business continuity and resilience across sectors, emphasising the increasing importance of MITA being certified under ISO 22301.

In 2024, MITA reinforced its commitment to implementing a business continuity management system (BCMS) with a top-down approach to establish and maintain effective continuity practices. This initiative aligns with local and EU legislative frameworks, ISO 22301 standards, and industry best practices.

Key milestones include:

developing and approving the business continuity policy in line with ISO 22301; conducting a business impact analysis, which identified 37 prioritised activities; carrying out a corporate risk assessment;

the ongoing drafting and onboarding of business continuity plans; and officially launching the BCMS and the Business Continuity Portal.

Work will continue into 2025 to ensure the effective implementation of the BCMS. The focus will be on finalising key components, conducting thorough testing, and ensuring all necessary documentation is in place. The goal is to achieve full certification, ensuring MITA’s BCMS meets the requirements of ISO 22301.

ICT SUMMER TRAINEESHIP SCHEME

The ICT Summer Traineeship Scheme is an annual, government-funded initiative managed by MITA in conjunction with the Institute for the Public Services (IPS), which aims to provide practical summer work placements to students studying ICT subjects. Placements are offered in public administration, state schools, and non-governmental organisations (NGOs), helping to bridge the skills gap in Malta’s ICT sector.

Each year, the Government covers student salaries for up to 300 hours of work over 10 weeks. The programme’s main goal is to give students hands-on experience, allowing them to apply classroom knowledge, observe industry professionals, develop additional skills, and connect with potential employers through mentoring.

Having run the programme for over a decade, MITA sees it as essential in nurturing future ICT professionals. Each summer, the scheme supports students aspiring to roles such as software developers, call centre agents, security analysts, and technical services officers, contributing to the ongoing growth of Malta’s ICT industry.

Students eligible for the traineeship must be enrolled in ICT-related courses at the post-secondary level. In 2024, around 350 students were accepted to participate in the scheme.

MITA CARES

A new MITA Cares Committee was elected in 2024. The renewed Committee immediately regrouped and started working to ensure MITA’s corporate social responsibility deliverables were maintained and improved, in line with its statute.

The Committee’s main initiatives include supporting three major television fundraisers, organising blood donation drives, creating initiatives for children residing in homes, providing financial support to various organisations, offering food collection and donation, hosting internal social activities (fundraisers), running awareness campaigns, arranging well-being information sessions, and more.

All support provided, financial transactions, and Committee decisions are recorded for transparency and visibility purposes.

Working entirely on internally raised funds, the Committee has collaborated with a large number of NGOs and voluntary organisations to assist in their venture through different means. In 2024, MITA Cares supported various entities, including Puttinu Cares, ALS Malta, the Malta Community Chest Fund, Caritas, the Karl Vella Foundation, the Malta Foundation for the Wellbeing of Society, the Malta Trust Foundation, and the St Jeanne Antide Foundation, among others.

In the same year, the Committee was awarded the Inspiring Social Responsibility Award as part of the Public Service Awards.

From a financial perspective, the Committee started the year with a balance of €11,073.35. Throughout the year, it raised €17,293.40. The outgoing figure for 2024 amounted to €24,474.20.

FINANCIAL STATEMENTS

BOARD MEMBERS’ REPORT

Board Members Mr Tony Sultana - Chairman

Mr Joseph Noel Agius

Ing. Saviour Baldacchino

Mr Anthony Borg

Dr Helen Borg Muscat

Ms Rossana Piscopo (resigned on 18 July 2024)

Board Secretary Mr Brian Micallef

Registered Address Gattard House

National Road

Blata I-Bajda HMR 9010

Malta

The board members of the Agency present their annual report and the audited financial statements for the year ended 31 December 2024.

Overview

Malta Information Technology Agency (MITA) is the public entity vested with the responsibility to provide ICT infrastructure, systems, and services to the Government that leverage a modern digital ecosystem and contribute towards the definition and execution of the Government’s digital strategies that sustain a modern digital economy.

MITA, through the direction of the Office of the Prime Minister, collaborates with the Office of the Principal Permanent Secretary and Ministry CIOs to attain its mandated strategies and assigned projects.

The Agency is dedicated in assisting the Government in transforming technological innovations into real business solutions. Its unique approach combines an innovative array of ICT and project management services with focused delivery capabilities using tried and tested methodologies to help fulfil the Government’s strategies and projects and maximise the benefits of investment in technology.

ICT Services to Government

Throughout 2024, the provision of ICT Services to Government, detailed by means of contractual agreements between MITA and the Office of the Prime Minister, as well as specifically with the various Government Ministries and Entities, continued to provide the basis for the provision of the core ICT infrastructure to Government.

14.1 PROGRAMMES, PROJECTS & SERVICES

The delivery of specific projects and services provided a significant portion of the Agency’s business during the year. These included:

Digital Wallet

MITA partnered with MDIA to provide technical consultancy for Malta’s European Digital Wallet, drafting specifications and creating a prototype to validate the architecture. MITA also represents Malta in the European Digital Wallet Coordination Group and supports MDIA in Comitology meetings for approving Implementing Acts.

Single Digital Gateway

Malta achieved the highest preparedness level for the Single Digital Gateway through MITA’s team’s successful participation in the Projectathon event. Engineers completed the most test cases and mock transactions with Slovenia, utilising demo services built collaboratively with a local institution, showcasing excellence in infrastructure development for the Once-Only Technical System.

European Blockchain Service Infrastructure

Malta, through MITA’s effort, implemented the European Blockchain Service Infrastructure (EBSI) Node across staging, pre-production, and production environments. This decentralised blockchain network enhances cross-border public services, ensuring data integrity, transparency, and citizen engagement. The project provided a unique opportunity to develop infrastructure, skills, and knowledge, promoting innovation in public service delivery.

Person Register

The Person Register was launched at Public Service EXPO 2024, with plans for wider implementation across Ministries and integration with relying parties. Progress on the Address Register includes a proposed ESRI-enabled solution presented to the Electoral Office, with ESRI drafting technical specifications for the project.

EU eGovernment Benchmark

The annual EU eGovernment Benchmark assesses the digital maturity and transformation of public services across European Member States. This exercise complements ongoing improvements in Government online services for Maltese and cross-border citizens and businesses, which is reflected in Malta’s consistent top ranking, scoring 97% in 2024, 21% above the EU average.

ERP Reporting & Automation Enhancements

MITA enhanced ERP reporting by integrating SharePoint Online with Power Bl, thus improving data accessibility and security. Key developments include migrating reports to production, automating notifications via Power Automate, refining critical reports, and implementing data validation reports. Additionally, security roles and permissions were optimised to ensure efficient and secure report management.

PROMPT

The Agency developed a project monitoring platform (PROMPT) that is a scalable digital solution designed for the Office of the Prime Minister to monitor national budget measures and evaluate ongoing progress. It provides tools, workflows, and reports to automate this process, as well as integration with other systems.

Notifications two-way communication

The Notifications platform was enhanced to facilitate two-way SMS conversations between Government entities and citizens through the feature called Conversations. This feature enables Government entities to engage in real-time chats with citizens by sending and receiving text messages. Consequently, citizens can conveniently reschedule appointments via text and receive automated responses, enhancing interaction and service delivery.

Health Programme

MITA maintains the myHealth portal, which saw significant advancements in 2024. Key features introduced include a Personal Health Journal, Patient Summaries, Clinical Notes, and more, enhancing patient care and healthcare continuity. The portal’s user base grew significantly, reaching over 346,000 users by the end of 2024, showcasing the success of its continuous upgrades and migration to the cloud.

VISA Programme

The National VISA system was upgraded to meet EU Entry Exit System (EES) standards, passing EU tests and enabling Malta to commence operations. This upgrade supports the Schengen zone’s EES implementation, facilitating data sharing on third-country nationals and maintaining detailed traveller records for enhanced border management.

Funding ecosystems

In 2024, key advancements in the funding ecosystem included modernising the Funding Entities system, launching a welcome portal and Financial Identification Form, and re-engineering the payment module for Central Bank alignment. Additionally, a new Enablina Conditions module and unified Technical Assistance streamlined compliance and improved operational efficiency.

Tax and Customs Administration Solutions

In 2024, MITA continued with the modernisation, implementation of enhancements, and operational support on the following domains in the Taxation area, including Individual Tax Return, Company Tax Return, VAT, Property Tax (Capital Gains and Stamp Duty), International Exchange (OCED, CRS, FATCA and the various DACs), Data Providers, Horizontal, Automation, and AI.

In the area of Customs, MITA was involved in preparing for the upgrade and alignment of Malta’s national Import and Export declaration systems to ensure full compliance with the Union Customs Code (UCC) and the European Union Customs Data Model (EUCDM). The goal was to modernize and harmonize the systems with EU-wide customs requirements, enhancing interoperability, data accuracy, and legal compliance.

AI in Taxation

In 2024, MITA collaborated with MTCA to implement AI in taxation as part of the “Delivering Transformation Strategic Plan 2023-2025.” This initiative improved non-compliance detection, taxpayer interventions, and audits across VAT, income tax, customs, and sanctions lists, supported by advanced infrastructure and data integration.

Social Security Programme

Key updates to Social Security included budget measures like pension and allowance increases, €500 student grants, and COLA bonuses for service pensioners. MySocialSecurity introduced simplified repayment for overpayments and a Life Certificates service, alongside major system migrations ensuring benefit delivery and ongoing modernisation efforts.

Cybersecurity Lab

Through its ongoing collaborations, particularly with academic institutions, the MITA-NCC has played a key role in launching a Master’s program in Cybersecurity at the University of Malta. Additionally, it has invested in establishing a state-of-the-art cybersecurity lab, providing invaluable resources for research and learning, and ensuring that, by the end of the course, the students will be industry-ready.

National Cybersecurity Challenge 2024

The National Cybersecurity Challenge, held in May 2024, aimed to identify local cybersecurity talent and promote information security among youth. Participants completed individually in a Jeopardystyle format, solving diverse challenges. Top performers received exclusive training sessions from international professionals, fostering education, skill development, and a competitive spirit in the cybersecurity domain.

Web Application and API DDoS Protection solution

In 2024, a Web Application and API DDoS Protection solution was introduced to counter the growing sophistication of cyber attacks, which rose significantly globally. This measure strengthens defenses for Government web applications, ensuring resilience against threats while maintaining security and operational continuity.

DDoS Protection Solution for Networks

In 2024, an advanced DDoS Protection solution for Networks was implemented to counter the rising sophistication and volume of network-based attacks, which had increased b y 120%. This initiative reinforced cybersecurity, safeguarding the Government’s digital infrastructure and ensuring uninterrupted service provisioning amid a rapidly evolving threat landscape.

Interoperable Europe Act

The interoperable Europe Act aims to enhance public sector interoperability by harmonising processes, improving IT infrastructure, and facilitating seamless information exchange. MITA, as the national authority, collaborates with EU bodies to implement enterprise architecture, focusing on data governance, cost efficiency, and compliance for better services across EU administrations and citizens.

Cloud Services Policy & Generative AI Tools Policy

MITA introduced two key policies for the Public Administration: the Cloud Services Policy, promoting secure EU/EEA cloud services, and the Generative AI Tools Policy, ensuring ethical AI use. Both prioritise data security, accountability, and responsible innovation, supporting government operations through compliance, transparency, and resilience measures.

Digital Public Certificates Management

In 2024, MITA streamlined digital public certificate management by reengineering the entire process and introducing a self-service portal. Users can now easily request, renew, and revoke certificates online, reducing manual processes and enhancing efficiency through automated notifications, creating value for both MITA and clients.

Self-service for Automation

A new service was launched by MITA - Self-service for Automation. This innovative service enables internal clients to automate their processes effortlessly without requiring complex coding, as the service performs the task seamlessly. Key features include Azure integration for single sign-on, granular access control, dynamic job forms, extensive logging, and seamless integration with various automation tools, enhancing operational efficiency and user experience.

Core Data Centre Firewall Tech Refresh

MITA revamped the firewall infrastructure in its Data Centres by introducing four new firewall clusters over a ten-month period. This project enhanced security, scalability, and redundancy, ensuring robust protection and efficient operations for the years ahead.

MITA Offices Wired and Wireless LAN Upgrade

MITA upgraded office LAN switches and wireless equipment nearing end-of-life. Enhanced security features, improved functionality, and faster speeds were introduced at the Head Office, Data Centre, and Gozo Office. The refresh, spanning several months, ensured minimal disruption while significantly improving network reliability and operational efficiency.

MITA Client Service Charter

MITA introduced a Client Service Charter to improve service quality, guided by principles of responsiveness, quality, professionalism, and empathy, aligning with Public Service standards to enhance user and client experiences.

RFS system

MITA’s 2024 innovations included automating 418 daily RFS requests, reducing manual effort by over two FTEs. Key services included user account management, access provisioning, and system integration. The RFS system enhanced efficiency, enabled real-time reporting, and automated complex processes like mailbox migrations, significantly improving service quality and reducing delays for government users.

Change Management

Change Management oversees IT system changes, ensuring minimal risk and disruption. In 2024, it handled 14,826 total changes, including 760 normal, 50 urgent, 13,978 standard, and 38 emergency requests. Additionally, 30 CAB meetings ensured smooth coordination, particularly during critical periods like elections, improving service alignment and operational reliability.

Fuel Storage System

The implementation of a fuel storage system at the MITA Data Centre involves the removal of old tanks and the installation of upgraded ones, ensuring full compliance with safety and environmental regulations. The project includes the decommissioning phase of the old tanks and the implementation of the new tanks. This initiative is designed to enhance operational efficiency and provide a dependable fuel supply for MITA’s crucial infrastructure.

Fire Suppression System

The fire suppression system installation at Mater Dei Data Centre was completed successfully. It includes a panel, detectors, alarms, interface units, piping, and extinguishing cylinders. The project finished in 21 working days with minimal impact on MITA’s operations, enhancing safety and efficiency, and reinforcing our commitment to high safety standards and operational excellence.

Supply and Installation of Fiber Optic Cables

The project is designed to enhance connectivity between the MITA Data Centre at Santa Venera and the Data Centre at Mater Dei Hospital by supplying and installing fiber optic cables. This initiative will bolster the data transmission infrastructure, ensuring reliable and efficient communication between these two critical locations.

CORPORATE GOVERNANCE

Enterprise Risk Management

The Enterprise Risk Management (ERM) function is responsible for the governance of MITA’s ERM Framework, ensuring it is in line with the requirements of the international standards that MITA is certified against. It encourages risk identification and management via the Risk Register System (RRS) and holds regular ERM Committee meetings to review critical risks. In 2024, the Third-Party Risk Management policy was introduced, alongside awareness sessions, to assess MITA third-party engagements. Regular induction sessions also familiarize new employees with risk management practices and with the ERM framework.

Internal Audit Office (IAO)

The Internal Audit Office (IAO) plays a crucial role in enhancing corporate governance by ensuring independent evaluations of the Agency’s controls. With the adoption of mandatory Global Internal Audit Standards by the International Internal Audit Standards Board, the IAO is set to implement these standards by January 2025. Reporting to the Board Audit Committee, the IAO develops a Risk-based Audit Plan to monitor key risks and improve internal controls. Adhering to ethical principles, the IAO collaborates with external entities to support risk management and internal audit functions, fostering a disciplined approach to governance.

14.2 FINANCIAL REVIEW

The overall financial performance of the Agency for 2024 shows a net surplus before tax of €1, 162,111 (2023: €748,718). Revenue from the provision of projects and ICT services to Government reached €53,932,729 (2023: €47,762,045), up by 13% from 2023 results.

14.3 STATEMENT OF BOARD MEMBERS’ RESPONSIBILITIES FOR THE FINANCIAL STATEMENTS

The Agency’s statute requires the board members to prepare financial statements for each financial year which give a true and fair view of the state of the affairs and profit or loss of the Agency for that year, in accordance with the requirements of International Financial Reporting Standards as adopted by the European Union.

In preparing these, the board members are responsible for: adopting the going concern basis unless it is inappropriate to presume that the Agency will continue in business as going concern; selecting suitable accounting policies and applying them consistently; making judgements and estimates that are reasonable and prudent; accounting for income and charges relating to the accounting period on the accrual basis; valuing separately the components of asset and liability items; and reporting comparative figures corresponding to those of the preceding accounting period.

The board members are responsible for keeping proper accounting records which disclose with reasonable accuracy, at any time, the financial position of the Agency. They are also responsible for safeguarding the assets of the Agency and hence for taking reasonable steps for the prevention and detection of fraud and other irregularities.

Auditors

RSM Malta, have expressed their willingness to continue in office and a resolution for their reappointment will be proposed at the Board Meeting.

This report was approved and authorised for issue by the Board Members on 28 August 2025, and signed on their behalf by:

Mr Tony Sultana Chairman

Mr Anthony Borg Board

Member

14.4 INDEPENDENT AUDITOR’S REPORT

To the Members of Malta Information Technology Agency

Report on the Audit of the Financial Statements

Opinion

We have audited the accompanying financial statements of Malta Information Technology Agency (“the Agency”), set out on pages 11 to 36, which comprise the statement of financial position as at 31 December 2024, the statement of profit or loss and other comprehensive income, statement of changes in accumulated fund and statement of cash flows for the year then ended, and notes to the financial statements, including a summary of material accounting policy information.

In our opinion, the financial statements give a true and fair view of the financial position of the Agency as at 31 December 2024, and of its financial performance and its cash flows for the year then ended in accordance with International Financial Reporting Standards (IFRS Accounting Standards) as adopted by the European Union (EU).

Basis for Opinion

We conducted our audit in accordance with International Standards on Auditing (ISAs). Our responsibilities under those standards are further described in the Auditor’s Responsibilities for the Audit of the Financial Statements section of our report. We are independent of the Agency in accordance with the ethical requirements of both the International Ethics Standards Board for Accountants’ International Code of Ethics for Professional Accountants (including International Independence Standards) (IESBA Code) and the Accountancy Profession (Code of Ethics for Warrant Holders) Directive issued in terms of the Accountancy Profession Act (Cap. 281) in Malta that are relevant to our audit of the financial statements, and we have fulfilled our other ethical responsibilities in accordance with the IESBA Code and the Code of Ethics for Warrant Holders in Malta. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.

Other Information

The board members are responsible for the other information. The other information comprises the board members’ report, but does not include the financial statements and our auditor’s report thereon. Our opinion on the financial statements does not cover the other information, and we do not express any form of assurance conclusion thereon.

In connection with our audit of the financial statements, our responsibility is to read the other information identified above and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the audit, or otherwise appears to be materially misstated. If, based on the work we have performed on the other information that we have obtained prior to the date of this auditor’s report, we conclude that there is a material misstatement of this other information, we are required to report that fact. We have nothing to report in this regard.

Responsibilities of the Board Members for the Financial Statements

The board members are responsible for the preparation of financial statements that give a true and fair view in accordance with IFRS Accounting Standards as adopted by the EU, and for such internal control as the board members determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error. In preparing the financial statements, the board members are responsible for assessing the Agency’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the board members either intend to liquidate the Agency or to cease operations, or have no realistic alternative but to do so.

The board members are responsible for overseeing the Agency’s financial reporting process.

Auditor’s Responsibilities for the Audit of the Financial Statements

Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with ISAs will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements.

As part of an audit in accordance with ISAs, we exercise professional judgement and maintain professional scepticism throughout the audit. We also:

Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control.

Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the Agency’s internal control.

Evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by the board members.

Conclude on the appropriateness of the board members’ use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Agency’s ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditor’s report to the related disclosures in the financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditor’s report. However, future events or conditions may cause the Agency to cease to continue as a going concern.

Evaluate the overall presentation, structure and content of the financial statements, including the disclosures, and whether the financial statements represent the underlying transactions and events in a manner that achieves fair presentation.

We communicate with the board members regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.

This copy of the audit report has been signed by

Conrad Borg (Principal) for and on behalf of

RSM Malta

Registered Auditors 28 August 2025

14.5 STATEMENT OF PROFIT OR LOSS AND OTHER COMPREHENSIVE INCOME FOR THE YEAR ENDED 31 DECEMBER

14.6 STATEMENT OF FINANCIAL POSITION

OF FINANCIAL POSITION - CONTINUED AS AT 31 DECEMBER

Mr Tony Sultana Chairman Mr Anthony Borg Board Member