The Malta Gaming Authority has revealed the end result of a sector-wide supervisory evaluation centered on how on-line B2C operators implement self-exclusion and accountable playing measures in Malta. The train assessed whether or not safeguards function successfully in apply and clarified regulatory expectations regarding participant safety.
Authorities initiated the evaluation through the first half of 2025 following complaints that some gamers who had self-excluded have been nonetheless in a position to entry different manufacturers working beneath the identical licence. The evaluation coated 20 licensees and 58 lively URLs, with investigators conducting thriller buying to check real-world performance of controls quite than relying solely on documented insurance policies.
Review Scope and General Compliance
The regulator examined how operators utilized self-exclusion throughout manufacturers, how methods responded to duplicate or comparable identification particulars, and whether or not accountable playing info was clearly offered at key phases of play. Investigators created accounts throughout three manufacturers per licensee to judge whether or not exclusions have been enforced persistently and whether or not controls could possibly be bypassed.
According to the Authority, total compliance ranges have been broadly optimistic. Most licensees demonstrated practices aligned with regulatory requirements. However, a variety of operators have been discovered to fall brief in particular areas, prompting corrective motion necessities.
The regulator said that the evaluation “sought to identify any systemic weaknesses and clarify regulatory expectations relating to player protection, highlighting areas performing well as well as opportunities for licensees to strengthen their practices.” The findings reaffirmed the Authority’s dedication to safeguarding gamers and sustaining integrity in the web gaming sector, whereas figuring out sensible enhancements that operators should implement.
Self-Exclusion Delays and Cross-Brand Weaknesses
One of the central points involved delays in activating self-exclusion requests. Two licensees didn’t shut accounts inside 24 hours when gamers submitted requests by e mail, whereas one other required identification verification earlier than implementing the exclusion. The Authority reiterated that self-exclusion should take impact instantly and said that no extra necessities, together with KYC checks, might delay implementation. It doesn’t regard any interval exceeding 24 hours as compliant.
Investigators additionally recognized a case the place an operator revoked a self-exclusion with out making use of the required cooling-off interval. Regulations mandate a minimal 24-hour delay earlier than lowering or lifting a particular exclusion and 7 days for an indefinite one. The regulator expects automated safeguards that forestall speedy reinstatement, no matter communications between operator and participant.
Cross-brand enforcement offered additional challenges. Three licensees allowed a self-excluded particular person to register, deposit, and play on one other model beneath the identical licence through the use of comparable private info. The Authority expects methods able to detecting similar or materially comparable knowledge, together with identify, date of start, e mail tackle, IP tackle, or fee particulars. When indicators of downside playing exist, exclusions should lengthen throughout all manufacturers held beneath the identical licence.
Centralised exclusion databases and real-time knowledge matching instruments have been recognized as efficient approaches to strengthen controls. The findings highlighted the necessity for operators to reinforce detection methods to make sure that participant safety mechanisms function persistently throughout company buildings.
Limit-Setting and Reality Check Gaps
The evaluation additionally recognized shortcomings in the presentation of accountable playing instruments throughout account registration and gameplay. Four licensees didn’t immediate gamers to set playing limits both throughout registration or earlier than their first deposit. Regulations require operators to supply limit-setting instruments on the outset and be sure that they continue to be readily accessible. The Authority requires proactive prompts and speedy enforcement as soon as limits are set.
Reality Check performance confirmed weaknesses at six licensees. Session pop-ups lacked obligatory info in sure instances. Regulatory requirements require these alerts to droop gameplay and show time spent, quantities wagered, winnings, and losses. Timers should proceed throughout video games, and any exclusion of auto-play exercise from time calculations have to be non-obligatory quite than mechanically utilized.
The regulator confirmed that it communicated its findings to the affected operators and required rectification plans. Supervisory follow-up will proceed, and enforcement measures might escalate the place crucial. The evaluation types a part of a broader risk-based oversight technique designed to advertise constant requirements throughout the sector.
Through the accompanying steering doc, the Authority inspired all licensees to attract on the evaluation’s findings to strengthen inside procedures, strengthen accountable playing controls, and assist a safer on-line gaming setting.
