Matthew Agius Mamo, CEO of Diligex, appeals to business leaders to slow down so as to reconnect with the deeper mission of their organisations. By doing so they can get behind how and why risk management, trust and business ethics are central to this. This should lead us to answer questions of purpose around compliance and risk management.
This article was first published in the 2025 issue of the Malta Stock Exchange Business Review.
Compliance isn’t about ticking boxes, jumping through hoops or pleasing regulators – it’s about protecting people, preserving trust and reputation, enabling businesses to thrive sustainably. According to Matthew Agius Mamo of Diligex, when we reduce compliance to a bureaucratic chore, we miss its real purpose. When we reconnect with the why, we unlock its power to inspire, unite and elevate.
For Diligex, this means delivering peace of mind and greater efficiency, freeing up team members to focus on the business – what they know best – and allowing the technology, including AI, to do all the rest. “We are protecting people,” Mr Agius Mamo affirmed.
He went on to call for “a human-centric reset”, ensuring better communication across the organisation and going into the thinking of the policies staff members have to implement, the training required and the objective of the regulation, be it AML, DORA, ESG or anything else for that matter.
“Compliance is a strategic asset (that) safeguards reputation, market access and long-term value.”
Giving AML as an example, Mr Agius Mamo said: “We are not collecting a passport copy to please an authority, a compliance officer or an international body. The regulation that compels me to certify a document or to understand the source of funds for a transaction is there because there is a ‘why’ behind it.
“If compliance is to thrive, it must be understood and owned, not simply followed.”
“We are doing it to disrupt real criminal networks – trafficking, corruption, terrorism financing – that harm real victims. These aren’t distant problems. They may well be operating through structures just down the road. When teams understand that they are helping protect the system from exploitation, their work becomes meaningful – and stronger.”
The business case for compliance, according to Mr Mamo, is even more compelling: “Compliance is a strategic asset and the more a compliance culture is embedded in the organisation, the more it safeguards reputation, market access and long-term value.
“Risk management is not about avoiding risk altogether. It’s about knowing which risks are worth taking – and how to take them responsibly. We cannot simply dictate that a business unit must comply. We need to show them why it matters, how they benefit from it and how it aligns with their goals, values and future success.”
Moving on to AI, Mr Agius Mamo said: “Today there’s no discussion that these are tools for empowerment (and) enablement. Their role is to reduce duplication, highlight what matters and streamline the process – without replacing human judgment. Let’s not stack technology for technology’s sake. Let’s deploy it to sharpen focus, support better decisions, and make compliance smoother and smarter.”
Diligex ran a live interactive survey during the GRC and ESG Summit, organised by the Malta Stock Exchange, earlier this year to better understand what local professionals in compliance and risk are truly grappling with. The top two challenges, he said, were Pressures on compliance and risk (35%) and HR and talent shortages (30%), mirroring the global sentiment highlighted in the KPMG 2023 Chief Compliance Officer Survey.
“This reinforces the need for clarity, tools that enable – not overwhelm – and a renewed focus on purpose,” Mr Agius Mamo said. “If compliance is to thrive, it must be understood and owned, not simply followed.”
He went on to stress the need to ensure that, with all the compliance and risk management function is tasked to perform, we are not trying to solve things by overwhelming the system. By focusing on purpose, we need to make sure that compliance is there to help us thrive. “But it must be understood and owned across the board.”
As part of Diligex’s efforts to reconnect with the purpose of compliance, it organised a business breakfast earlier this year on the CSP framework update of Act X of 2025 with the participation of the MFSA and the FIAU. Another business breakfast with the Sanctions Monitoring Board is planned in Q4 of this year.
Along with its main offerings, the full suite of advisory services – AML100 – and its AML/CFT management platform, KYCMATIC, Diligex has continued to build on its strategic partnerships, including;
• Resolver by Aspida, a GRC platform solution backed with advisory, training and officer roles;
• an ongoing threat intelligence platform, in collaboration with Thomas Murray, backed by an advisory practice made of professionals with decades of experience in the field assisting and treating high level risks and threats globally; and
• Due Diligence with global intelligence leader Cedar Rose to equip decision-making and risk mitigation measures. Through the CRiS Intelligence Platform, clients can instantly access compliance data from over 230 jurisdictions and for over 400 million corporate entities through reliable sources consolidated at the tip of their fingers.
There are also two new offerings: Practice Management and a Counterparty Risk Management Platform. The first, Zygos, is a solution that can do billing, time keeping, AML, contract management and centralise all these tasks with a single tool at an affordable rate. The second covers relationships and aids in understanding the risk behind them consolidating efforts around AML, sanctions and cyber under one holistic monitoring tool.
“Compliance done right is a business advantage, an ethical foundation and a cultural asset. Let’s not forget that every rule we apply is a reflection of a principle,” Mr Agius Mamo said. “Every policy is a statement of values. Every process is a chance to do good – intentionally and intelligently.”
“When we reconnect with the why, compliance becomes more than a task – it becomes a shared purpose that protects, enables and empowers us all,” he concluded.
Access the article on the MSE Business Review here.
