X

Home breadcrumb-separator FAQ

Please transfer all your funds from your Ferratum mobile bank account to another bank account by 22 June 2020 at the latest. You can also download your bank statements from the mobile app.

Note that from 22 June 2020 onwards, future dated payments from your account will not be made and any incoming transfers to your account will be returned to the sender’s bank.

Your Ferratum debit card will stop working on the 1 June 2020. Before this, you can use your card normally. After this date, you can destroy it by cutting it in half.

You can transfer your money by logging into your account using a mobile app.

Note that from 22 June 2020 onwards, future dated payments from your account will not be made and any incoming transfers to your account will be returned to the sender’s bank.

You should transfer all savings to another bank account by 22 June 2020. If your savings account or fixed term deposit will terminate earlier than the agreed term, it will be considered as matured and the accrued interest will be paid to you. The savings account interest will be calculated based on your account balance on 1 June 2020.

What is a TIN?

A TIN is your unique Tax Identification Number.

Where can I find my TIN?

You can find your TIN on your tax reports, payslip or on ID document. Your TIN is provided to you by your national tax authority.

Why I need to provide my TIN number?

Governments around the world are adopting a new Automatic Exchange of Information (AEoI) standard between tax authorities in certain countries. This legislation is known as the Common Reporting Standard (CRS) and is viewed a worldwide tool to fight against tax evasion. To date, more than 100 countries, including Malta, have committed to adopting the CRS. As a Maltese bank, Multitude Bank, like all European banks, is obligated to report to tax authorities under this reporting standard.

To comply with the CRS, participating jurisdictions must obtain certain customer information from their Financial Institutions and exchange the information on an annual basis with other participating jurisdictions. This information is required to evaluate customers´ tax statuses in other countries, under the CRS framework.

The TIN number informs us whether a customer may be tax liable in a country participating in CRS.

What information of mine is shared with tax authorities?

Under the CRS, Multitude Bank is required to identify customers who are a tax resident in one country but has financial accounts held in another country for inter-jurisdiction reporting purposes.

To do this, we need to collect and report certain information on the ‘reportable person’ and their financial account(s) to the local tax authorities. We can collect TIN after the onboarding, however it is compulsory information customers have to deliver.

Do you apply withholding tax on interest generated with my savings account?

Currently, we do not withhold any taxes from your saving accounts or fixed term deposit accounts.

Do I need to pay local authorities at the time of my declaration of income?

Depending on your country of residence, you may be required to inform your local tax authorities about interests generated from your Multitude Bank accounts.

Please note, Multitude Bank is unable to provide customers with advice concerning taxation matters. To check your taxation obligations, please consult a tax consultant.

How secure is your Mobile Banking service?

We’re committed to providing you with a secure Mobile Banking experience. We use industry-accepted security practices to safeguard your personal financial information, and we’re constantly assessing our website and mobile app security.

We use a multi-layered security approach (defence-in-depth) to protect all personal data including security controls at the network level (firewalls, intrusion detection services, and network segregation), operating system level (operating systems are patched and kept up-to-date, systems are hardened to reduce vulnerability exposure), and database level (data access is restricted and the principle of least privilege is applied).

How is the communication with your Mobile service secured?

Communication between your computer/phone and the Mobile Banking service is encrypted using a secure Extended Validation (EV) SSL/TLS connection (using 256-bit AES and 2048-bit RSA).

All our servers are monitored by our internal security team and periodically audited by reputable security providers to ensure that any identified risks are dealt with immediately.

How secure is your Mobile Banking server infrastructure?

Our server infrastructure is hosted with an ISO27001-certified reputable third-party co-location provider and access to this infrastructure (e.g. application servers, database servers, networking equipment) is tightly controlled to ensure that access is only granted on a need-to-know basis and separation-of-privilege is implemented. Our server infrastructure is protected by industry-grade firewall services and intrusion detection services to detect and identify any potential intruders and incoming attack attempts.

We back up regularly and these backups are securely stored and protected. All systems accessing your data are also adequately protected using end-point security controls (e.g. anti-virus/malware, firewall, etc.).

What security measures protect my user account?

To access the SweepBank app, you will need to choose a 6-digit PIN Code for each mobile device. Each PIN Code is linked to that specific device for increased security. Your PIN isn’t saved on our servers or on your device.

Which devices are supported?

The SweepBank app is available for both iOS and Android via the App Store and Google Play.

The minimum versions currently supported are:

  • iOS 9.0
  • Android 5.0

Please note the app is not supported on tablet devices

How secure are my accounts and transactions?

The SweepBank app services provide end-to-end encryption to secure transactions while in transit. Your user accountis also protected with a device PIN Code for the App. This PIN code e is known only to you, and only you can access your account and authorise payments. A second level of authentication is required to sign transactions and/or instructions before they are submitted to the Bank.

What can I do to protect my information when using the SweepBank App?

  • If you haven’t already, make sure your device is protected with a PIN or password – this gives you an additional security layer in case your device falls into the wrong hands.
  • Log out of your SweepBank app session via the ‘Logout’ menu option when you’re finished.
  • Don’t share your device PIN Code with anyone, and don’t write it down anywhere.
  • Make sure nobody is watching when you enter your PIN Code.
  • If you think someone may know your PIN Code, change it immediately:
    • Use the ‘Change PIN’ option in the ‘My Card’ option of the SweepBank App menu, or
    • Call Customer Support and request your device to be unlinked.
  • Don’t log into your account on anyone else’s device.

Will customer service ever ask me to provide my Access Code or PIN Code?

No – our Customer Support team will never ask you for your SweepBank app PIN. You should never give that information to anyone – including us!

Can I send payment instructions via email?

No. Email is not a secure channel and, therefore, you should never use it to send payment instructions.

Are my account details stored on my device?

No. SweepBank does not store any account details or customer data on your device or within the App.

When you log in, a secure encrypted connection is made to our servers and your data is downloaded to your App. When you log out, this data is automatically wiped from your version of the App and your device. That’s why it’s important to log out when you’re finished – your log in will timeout eventually, but it’s best to be safe.

How do I know if I am downloading the real SweepBank app?

Only download mobile apps from the official App Store or Google Play, and make sure the official publisher of the app is Ferratum.

The official SweepBank app can be downloaded by visiting https://www.sweepbank.com/app

If you think an app claiming to be ours is suspicious, please get in touch.

What is an Extended Validation (EV) SSL/TLS certificate?

This is a security tool which provides the strongest encryption level available and identifies a website as genuine. It’s what the little green padlock in your browser address bar means – if you see the green padlock, and the ‘Ferratum Bank plc. [MT]’ text before the URL, you’re in the right place!

An EV SSL/TLS Certificate means that the owner of the website (in this case, FerratumBank) has passed a thorough, and globally standardised, verification process. To get this certificate, a website needs to prove it has exclusive rights to use a domain, confirm its legal, operational and physical existence, and prove the entity has authorised the issuance of the Certificate.

What is encryption and how does it protect my information?

Encryption scrambles information being sent across the Internet. It makes sensitive information unreadable while its being sent, then when it arrives at the other end, it is decrypted back into a readable form. It stops malicious hackers reading that information if they can intercept it. It’s pretty cool James Bond-type technology actually!

What is phishing?

Phishing is an email scam that tries to get customers to disclose their sensitive information such as account numbers, passwords, PIN numbers, Social Security Numbers (SSN), etc. An email asking for this information may look authentic but it’s not from your bank. We will never ask you for sensitive information such as this in any emails.

What can I do to protect myself against phishing?

You should always be cautious about suspicious emails. If you don’t like the look of an email don’t follow any links it may contain. If you suspect an email from Multitude Bank isn’t genuine, please let us know and we’ll be able to check if it came from us or not.

What is the Depositor Compensation Scheme?

Important information about the Depositor Compensation Scheme :

Multitude Bank is a member of the Depositor Compensation Scheme (‘the Scheme’) established under the Depositor Compensation Scheme Regulations, 2015 (‘the Regulations’). The Scheme is managed and administered by a Management Committee, which is composed and regulated by the provisions of regulations 3 and 5 of the Investor Compensation Scheme Regulations, 2015. In case we are unable to meet our obligations towards you or have otherwise suspended payment, the Scheme pays compensation up to a maximum amount established by law (currently set at a maximum of euro 100,000 or its equivalent in any currency of a depositor’s total deposits held with us), subject to the limitations imposed by the Scheme. In any such event, our net liability towards you is the aggregate of all accounts in your name in euro or other currency, less any amounts due to us (such as loans).

In addition to the protection described above, deposits may be protected in some cases up to a maximum of €500,000 for six months after the amount has been credited or from the moment when such deposits become legally transferable. In order to qualify for such higher protection, a deposit in excess of €100,000 must meet any one of the following additional criteria:

(A) it comprises: (i) monies deposited in preparation for the purchase of a private residential property by the depositor; or (ii) monies which represent the proceeds of sale of a private residential property of the depositor; or

(B) it comprises sums paid to the depositor in respect of: (i) a separation, divorce or dissolution of their civil union; or (ii) benefits payable on retirement; or (iii) a claim for compensation for unfair dismissal; or (iv) a claim for compensation for redundancy; or (v) benefits payable for death or bodily injury; or (vi) a claim for compensation for wrongful conviction.

For further information about the Scheme (including the amounts covered and eligibility to claim) please call us or refer to the:

Compensation Schemes Management Committee

c/o Malta Financial Services Authority, Notabile Road, Attard BKR 3000, Malta. Tel: (+)356 2144 1155; E-mail: [email protected]

What advice can you give customers to avoid bank account fraud and scams?

At Multitude Bank, we take our customers privacy, security, and data seriously, and we work hard to protect our customers from scams and cases of fraud.

Please read the following link to familiarise yourself with some of the typical scams to be aware of and how to avoid becoming a victim of a scam or fraud: https://mymoneybox.mfsa.com.mt/scam-warnings/typical-scams

If you think you may have been involved in a scam or case of fraud, please contact our customer service team immediately.

If at any point you feel dissatisfied with our products and services, please send us your feedback via email to our customer support team at [email protected] or by post at Multitude Bank p.l.c., ST Business Centre 120, The Strand, Gzira, GZR 1027, Malta, specifying therein:

  1. your name, surname,
  2. address of the place of residence and contact information;
  3. date of submission of the complaint letter and
  4. the nature of the conflict or claim and substantiation thereof.

If possible, you may also enclose copies of documents certifying the transaction as well as other documents substantiating the complaint.

Multitude Bank shall immediately, and in any case, not later than 2 business days from receipt of the complaint, send you a letter or other equivalent communication acknowledging the receipt of your complaint.

Multitude Bank shall provide a reply (either by email or post) within 15 working days from the day of receipt of the submission. If you remain dissatisfied with the answer provided, you can escalate your complaint to an independent third party:

  • The Office of the Arbiter for Financial Services in Malta is one option. Submit your complaint by post at The Office of the Arbiter for Financial Services, First Floor, Pjazza San Kalcidonju Floriana FRN 1530, Malta or visit www.financialarbiter.org.mt.
  • The European Commission also has an online dispute resolution (ODR) platform that allows consumers to submit their complaint through a website which will forward the complaint to the correct Alternative Dispute Resolution (ADR) entity. For more information, please visit: http://ec.europa.eu/odr.

If Multitude Bank refuses your request, it shall also provide reasons for such refusal.

If it is not possible for Multitude Bank to reply within 15 working days due to objective reasons, Multitude Bank shall inform you of this without delay before the end of this period, specifying a reasonable time period within which the reply shall be provided and giving the reason why this extension is necessary.


In 2015, the EU adopted a new directive on payment services (PSD2) to improve the existing rules and take new digital payment services into account.

Who does PSD2 affect and when will it be in effect?

The revised Payment Services Directive (PSD2) will be effective as of 13 January 2018 and applies to banks and payment service providers within the European Economic Area (EEA) with the goal of making payments safer for customers, increase consumer protection, and foster innovation and competition.

How does PSD2 affect my security?

Payment Services Directive 2 (PSD2) aims at reducing the risk of fraud for electronic transactions and enhancing the protection of the consumers’ financial data through a more sophisticated means of customer authentication.

Improved security measures will be applied by all market players including newly regulated payment service providers. Some provisions introduced by the PSD2 will not be made effective until after January 2018 including the RTS on stronger customer authentication and securer communication.

How does PSD2 affect customer protection?

Through PSD2, customer protection will be increased. Under PSD2, customer fees will also be reduced. Customers´ liability will be reduced from EUR 150 to EUR 50 for unauthorised transactions related to lost, stolen or misappropriation of a payment instrument, except in situations such as fraud or gross negligence.

At present, banks offer a 13-month refund right for unauthorised transactions, which under PSD2, includes payments originating via a third party.

How long do banks before responding to complaints related to any breach of P2D2?

Banks are obligated to respond within 15 business days to complaints relating to infringement of PSD2. This timeframe may be extended to 35 business days in the case where responding within 15 business days is beyond the control of the bank. Customers may also file their complaint with the Office of the Arbiter for Financial Services for alternative dispute resolution.

How does PSD2 affect surcharges?

PSD2 prohibits surcharging on all electronic payment instruments, which means merchants cannot charge extra for those opting to pay with an electronic instrument such as a card.

Concerning bank transfers, where both the payer and payee are located in an EEA country, a ‘SHA’ (shared) charge type will apply whereby the payer and payee will both pay the fee charged by their respective banks.

What is Third Party Payment (TPP) and when will it be in effect?

Under PSD2 new payment service providers, Third Party Payment (TPP) will be introduced, which, following customer consent, can gain direct access to a customer´s bank account. Although not yet in effect, customers will be informed when TPP is made available and what requirements are needed for implementation.

The task of implementing several of the provisions of the PSD2 has been delegated to the European Banking Authority (EBA). These provisions include developing Regulatory Technical Standards (RTS) and guidelines.

Some provisions introduced by the PSD2 will not be made effective until after January 2018 including the RTS on strong customer authentication and common and secure communication.