MGA Tells Operators to Close Self-Exclusion Gaps After Thematic Review

MGA Tells Operators to Close Self-Exclusion Gaps After Thematic Review
John Robery
By John Robery
The Malta Gaming Authority (MGA) has revealed the findings of its thematic review, which tested the online licensees’ performance in managing self-exclusion and related safer gambling tools. Most operators have met the required standards, although some have failed in critical areas, prompting the regulator to request rectification plans.

According to the MGA, the review was prompted by claims of some gamblers accessing multiple brands after self-excluding as a result of problem gambling issues. In its summary, the regulator explained the purpose of this check as testing the real-world performance and identifying potential systemic weaknesses, as well as clarifying what is expected from licensees.

New Zealand Moves Against Prediction Markets as Online Casino Bill Progresses
New Zealand Moves Against Prediction Markets as Online Casino Bill Progresses
Stake Confirms Denmark Launch After Securing Five-Year Licence
Stake Confirms Denmark Launch After Securing Five-Year Licence
Dutch Regulator Warns Polymarket to Leave the Netherlands
Dutch Regulator Warns Polymarket to Leave the Netherlands

How the Review Tested Operators

The review indicates that overall compliance was positive, though it did highlight some areas for improvement that a limited number of licensees must improve on. Notable findings include:

  • Delays in self-exclusion. 2 out of 20 licensees failed to close the account within 24 hours of the request for self-exclusion via email;
  • Use of KYC as a blocker. 1 licensee asked for verification documents before the request for self-exclusion, which the review indicates should not be made conditional on the completion of KYC procedures;
  • Cross-brand loopholes. 3 licensees allowed registration, deposit, and play on another brand when the information entered was similar to the information of the self-excluded individual;
  • Setting of limits not prompted. 4 licensees did not prompt or offer the option to set responsible gambling limits at the time of registration or the first top-up;
  • Reality check gaps. 6 licensees needed to add the information in Reality Check pop-ups, such as clearer session statistics and required display elements;
  • Cooling off was not applied. The review also found at least one case where the self-exclusion was lifted without the required cooling-off period being applied.

The document also indicates the MGA’s interpretation of the term “forthwith”. It states that any period longer than 24 hours does not comply, and any steps or procedures, such as internal procedures, cannot delay the activation beyond 24 hours.

What Happens Next

The Authority has stated that it has already informed relevant licensees of its findings and has asked them to come up with rectification plans. The regulator has also indicated that it will engage in follow-up supervisory actions if deemed necessary, such as monitoring the implementation of corrective actions, among other things.

Takeaways for Compliance Teams

As seen, self-exclusion is treated as an active control that must work across brands, channels (including email requests), and near-match identity. If the system uses separate stacks for brands, the weakest link will manifest itself in a “mystery-shop” attempt.

The best course of action is to validate these flows within your system (including cross-brand and near-match identity attempts) to ensure self-exclusion kicks in quickly and is maintained everywhere the customer tries to access.

Related topics

Have you enjoyed the article?

More for you

Link Copied