Compliance today is a very broad church; just a few short years ago the gaming regulator was the only actor in town. Today, gaming companies are enjoying the attention of a whole host of government agencies, departments and regulatory authorities, all wanting to ensure that gaming companies are living up to their expectations when it comes to KYC, AML, GDPR, advertising standards, measures to prevent underage gambling, right down to consumer protection agencies scrutinising every line of the terms and conditions. Further adding to the complexity of compliance is the lack of harmonised rules in many of the countries that operators are working in, with each country wanting to add its own flavour to the rules and regulations that companies need to abide by.
The New Normal
Regulators around the world are determined to drive crime out of gambling. The industry had grown to such a size that it has become a target for criminal organisations, which in some cases managed to infiltrate and gain control of gaming companies and use them as a money-laundering tool. Measures to combat money laundering and the financing of terrorism had predominantly been the domain of banks and financial service companies. This changed in January 2018 when EU regulators widened the net in terms of the number of sectors that need to implement money-laundering measures, one of them being the iGaming industry. The industry was perhaps slower to realise the actual implications that this would have on their business. While the investment has been significant in terms of time, money and resources to comply with the new regulations, doing nothing has also proven to be an expensive option, with regulators doling out fines ranging from hundreds of thousands of euro to many millions. Enhanced KYC, due diligence and AML checks are now the new normal. Both companies and regulators need to pull on the same rope to ensure that criminals cannot use the industry for nefarious purposes.
The New Kid on the Block
Most people probably didn’t know that data protection commissioners even existed before the introduction of GDPR. The new regulations sent shivers done the spine of gaming executives due to the heavy fines (4% of annual global turnover or €20 million, whichever is greater) that could be imposed in case of non-compliance. GDPR has certainly had a major impact on the iGaming industry, bringing about stricter requirements for all companies that process personal data of EU citizens and imposing greater scrutiny on the way operators communicate with their customers. As a tech-driven industry, the iGaming was perhaps further ahead than others in managing the new requirements. From a risk point of view, GDPR had the potential of wiping out iGaming companies’ databases given that customers now have to give their consent. On the positive side, the new regulations have forced companies to be more customer centric by recognising their customers’ preferences of how they want to be contacted and the types of message they want to receive. The implications of getting this wrong can be very significant, but the rewards can be equally valuable
Opt-out rather than Opt-in
Responsible gaming is now the number one item on everyone’s agenda. With an estimated 10% of players being at risk of gambling harm and 1% actually developing a gambling addiction, player protection is now too big an issue to be ignored. All major gaming companies are rolling out new initiatives, testing new tools and promoting responsible gambling. Given that gaming companies are operating in a data-rich environment, in which every action by a player can be tracked practically in real time, the industry has no excuse of not being able to detect problem gamblers. Initiatives that are ensuring players have the same level of information available that operators have on a player’s online activity are to be welcomed. To really ensure mass-adoption of new responsible gambling tools, a competitive playing field needs to be established, whereby player protection tools should become ‘opt-out’ rather than purely an ‘opt-in’ measure.
Sharing is Caring
Player protection is probably the single most important issue that is impacting the industry and will continue to impact it going forward. While responsible gambling awareness initiatives are all well and good, the industry is increasingly being viewed as a public health concern with many believing the time has now come to expand the research capabilities of the industry. Gaming operators, regulators and policy-makers need to champion a “partnership model” for funding and producing research on responsible and problem gambling. Creating a responsible gambling innovation fund to attract scientists, researchers, academics, health professionalsand anyone else interested in researching and conducting studies on identifying ways of preventing gambling addiction would be a major step in the right direction. It would send a signal that the industry is serious about its commitment to developing a sustainable industry that does not have a negative impact.
Compliance is a Journey, not a Destination
Some 10 years ago many gambling executives and founders thought compliance meant getting a licence. However, the landscape has changed completely. Compliance is not a one-off activity. It is a journey more than an end; it is continuous. Compliance today has to feature in every aspect of business, which means compliance professionals need to understand the law as well as the business. They need to be able to translate the regulations into very practical processes and procedures that can be applied in the day-to-day running of an operation. We cannot underestimate the importance of the compliance function today because regulators can impose heavy fines and shut down operators that do not follow the rules. From a business perspective, the fragmentation of the European market is obviously the biggest challenge. While there are many similarities in regulations, there are some small but important differences. Reputable operators are not after light-touch regulation; all we require is clarity. I think we still have a long way to go until we get to a common European regulatory framework. Many countries only recently introduced regulations; they are still in the process of finding out what works and what does not work. I am confident that they will soon start learning from each other’s best practice, which could lead to a joint approach in regulating the industry. However, it is crucial that they first gain their own experiences in managing a regulated market, then they would be in a better position to agree on common standards.
Ewout Wierda, General Counsel of Videoslots
Photo Credits (Valletta): viewingmalta.com