Gambling With Compliance is a Risky Bet

5 Min Read

The gambling and gaming industry is built on taking risks. The thrill and excitement based on calculated risk taking & skilful gaming has fuelled a booming market: the global gambling and gaming industry is projected to reach $876 billion by 2026. But this growth would be impossible without a contrasting approach to risk-taking by the companies that facilitate it. Rather than leaving it to chance, gambling and gaming operators must work to mitigate the risks they and their customers face and encourage a responsible approach to this pursuit in a closely scrutinised world.

The current state of play

The gambling industry in the UK is regulated by the Gambling Commission on behalf of the Department for Digital, Culture, Media and Sport (DCMS) under the Gambling Act 2005 – and is worth around £14.3 billion per year, 38.6% of which is generated by online gambling.

Meanwhile, in the US, the regulatory landscape is less centralised. There is no federal law regulating the gaming sector, meaning each state implements its own legal framework and enforces it at the state level. US gambling revenue hit $13.6 billion in the second quarter of 2021 – a new industry record.

Australia is a bit like the US when it comes to gambling legislation. There’s a touch of federal input, especially regarding consumer protection, but the states and territories govern individual gambling laws. According to the Queensland Government the total Australian gambling market was worth over $225 billion in 2019. During the pandemic the proportion of online gamblers has risen to 78%.

Despite the contrasting structures, it’s a similar story across the globe, where industry regulators are clamping down on nefarious activities and social neglect with notable consequences, for example:


  • In 2019, the Gambling Commission imposed a £7.1m fine on online casino company Daub Alderney for failing to sufficiently monitor its customers for both money laundering and problem gambling.
  • In 2019, the Gambling Commission imposed a £1.8 million fine, an operator licence warning and additional licence conditions on Silverbond Enterprises – a land-based casino – for failing to comply with social responsibility and anti-money laundering (AML) regulations.


  • In 2019, Macau Casino in Tukwila was issued with a $1.25 million penalty for money laundering and loan shark activities by the Washington State Gambling Commission.
  • In 2017, the Financial Crime Enforcement Network (FinCEN) – which implements AML programmes for casino operators – imposed an $8 million civil money penalty on Artichoke Joe’s Casino in California for wilfully violating AML laws over eight years.


  • In April 2021 Crown Casino was hit with a $1 million fine for failing to vet foreign high rollers and scrutinise junket operators, some of whom had links to organised crime gangs.

These extensive fines and penalties mean gambling companies can no longer afford the risk of non-compliance. They must take action to implement a best-practice risk and compliance programme now, or next time it could be their business hitting the headlines.

A shift in focus

The days when gambling and gaming companies could rely on a manual, and somewhat reactive approach to governance, risk and compliance (GRC) are over. These fractured GRC programmes only offered a short-sighted outlook and failed to offer a transparent view into the legal requirements and internal policies and procedures demanded by regulators. Working within this narrow framework, some companies would even actively allocate a portion of their profits to paying any regulatory fines they incurred for non-compliance.

But as fines for businesses with weak GRC programmes increase, they must move with the times – or face the consequences. Failure to meet increasingly stringent regulatory standards can expose them to reputational damage from a prosecution or a hefty fine that could force them out of business. And the scales are tipping, with the cost of non-compliance often outweighing the cost of establishing a comprehensive GRC programme, operators can’t afford to turn a blind eye to their obligations.

The bigger an industry gets, the more regulated it becomes – and gambling and gaming is no different. Choosing not to comply with the tapestry of regulations – from rules to address unfair terms and hidden caveats to preventing misleading advertising and managing data privacy – negligence is no longer an option. The industry has tightened the regulatory screw in response to its online accessibility; but another, murky element, has also crept in as criminals seek to exploit the volume of transactions using money laundering techniques – and steps must be taken to mitigate it.

As businesses place more importance on their GRC programmes and upscale them, they are reaping the rewards – from the automation that best-practice technology brings to streamlined processes that save resources and provide deep insight into business operations. The price of a comprehensive GRC tool is certainly outweighing the risks associated with non-compliance.

Key concerns for gambling organisations

The evolution of the gambling and gaming industry in the digital age has exposed operators to an even wider variety of risks and enhanced the need for enhanced processes to overcome those risks:

Regulatory compliance

This must not be a box-ticking exercise. Making regulatory changes without a defined process will leave operators unable to provide proof of compliance and could mean important changes go undetected. Industry regulators require operators to be more transparent than ever before; therefore, they must invest the necessary resources to meet their obligations in line with an ever-changing regulatory landscape to establish a future-proof process backed by a clear audit trail where stake holders can be held accountable.

Complying with advertising laws

While there is a clamour to tighten advertising restrictions – especially in the UK where the Gambling Act 2005 permits television advertising for all forms of gambling – operators must comply with a range of measures that aim to enhance the social responsibility of their advertising. For example, in the UK a safer gambling message or a reference to must appear on-screen throughout an advert.

Understanding the client and the source of their funds

As part of their customer interaction requirements, operators must know their customers inside out so they can ensure gambling is fair, safe and free of crime. For example, in the US, FinCEN has the authority to investigate casinos for compliance with and violations of the Bank Secrecy Act, and in recent years has shown an increased focus on AML compliance in the gaming industry. Credit checks have also become an essential part of the cashless online gambling community, and these must be closely regulated.

Suspicious activity

Casinos are required to report suspicious activity that might signify money laundering, tax evasion or other criminal activities, typically in the form of a serious activity report (SAR). In the US, for example, the preparation and filing of a SAR with FinCEN is not optional, and casinos are held accountable for failing to report their obligations and not meeting filing deadlines. Therefore, controls must be put in place to spot anomalies and address them.

Social responsibility

From brick-and-mortar betting shops and casinos to online gambling platforms and e-sports vendors, the industry’s surface area has ballooned over the past decade. With this exponential growth comes social responsibility towards gamblers by the companies that operate within it. More people are gambling more money than ever before – and the consequences are troubling: addiction, bankruptcy, divorce, unemployment, crime, substance abuse, imprisonment and depression. Gambling companies must seek to protect vulnerable clients and provide proof of the action taken.

Employee training

Staff must be empowered to form a vital layer in the GRC process. This can be achieved through engaging – and audited – training programmes that inform them about relevant regulations and teach them vital skills, like how to detect vulnerable customers and spot suspicious activity.

How software can help

Transforming GRC management from a fractured, manual process into an integrated discipline that delivers strategic advantage must be a priority for gambling and gaming businesses. Get this right and it will help you to analyse and share data providing a 360-degree view of your risk posture, enabling executives to make informed decisions that align management activities with business strategy and performance. At the core of achieving this holistic perspective is automation through GRC software.

To achieve effective automation, you must select a regulatory compliance & risk management solution that has a comprehensive set of capabilities, including:

  • Links to third party regulatory content providers, so your business can scan the regulatory horizon for upcoming changes and map those changes to your internal processes, policies and stakeholders.
  • Workflow capabilities that push out notifications and alerts and track changes for a comprehensive regulatory change management process.
  • Presents essential data via intuitive dashboards to provide a single source of truth to the board, auditors, and regulators.
  • Offers a comprehensive control framework to detect suspicious activity by considering the onboarding history of customers, their credit information and gambling habits.
  • Monitors risk registers and key risk indicators, enabling the board to define risk tolerances.
  • Streamlines the audit trail by aggregating risk and compliance data into a consistent format and implementing automated workflows.
  • Aggregates data from legacy sources via API integrations for a consolidated view of your risk data.

Don’t remain bound by disconnected disciplines, isolated tools, and siloed data. Adding automation through GRC software facilitates quick, confident, and risk-informed decision-making that prevents financial loss and reputational damage.

Camms offers a leading GRC solution with enhanced functionality in regulatory compliance & risk management, designed to streamline processes and satisfy regulators. Our technology is already supporting several leading gambling and gaming companies across the globe, including Flutter, Betway and Derivco.

Request a demo today and find out how we are helping gambling & gaming companies to simplify their GRC programmes.

Request demo

Daniel Kandola

Vice President, EMEA

Share blog post

Subscribe to our newsletter


You might also like…

Scroll to Top