Key Functions in iGaming
Such persons are required to submit to the MGA’s scrutiny in order for the Authority to assess their fitness and propriety. The persons who fulfill the necessary criteria shall then be issued with a Key Function Certificate for the relevant function or functions. Persons performing key functions are not required to be employees of the licensee but are required to have full knowledge, understanding and access to the licensee’s practices, procedures and systems.
The Key Functions for a Business to Customer (B2C) licensee shall be the following:
- The chief executive role, or equivalent;
- Management of the day-to-day gaming operations of the licensee, including responsibility for the processes of making payments to, and receiving payments from, players;
- Compliance with the licensee’s obligations emanating from the licence or licences issued by the Authority;
- Responsibility for the administrative and financial strategies of the licensee, including but not limited to the payment of tax and fees due to the Authority;
- Marketing and advertising, including bonus offers and promotions;
- The legal affairs of the licensee, including but not limited to contractual arrangements and dispute resolution;
- Player support;
- Responsible gaming;
- The prevention of fraud to the detriment of the licensee;
- Responsibility for the risk management strategies of the licensee;
- The prevention of money laundering and the financing of terrorism;
- Adherence to applicable legislation relating to data protection and privacy;
- The technological affairs of the licensee, including but not limited to the management of the back-end and control system holding essential regulatory data;
- The network and information security of the licensee;
- Internal audit.
For a Business to Business (B2B) licensee, the Key Functions shall be the following:
- The chief executive role;
- The day-to-day gaming operations of the licensee;
- Compliance with the licensee’s obligations emanating from the licence or licences issued by the Authority;
- Responsibility for the administrative, financial and risk management strategies of the licensee, including but not limited to the payment of fees due to the Authority;
- The legal affairs of the licensee, including but not limited to contractual arrangements and dispute resolution;
- Adherence to applicable legislation relating to data protection and privacy, where applicable;
- The technological affairs of the licensee, including but not limited to the management of the back-end and control system holding essential regulatory data;
- The network and information security of the licensee;
- Internal audit.
The MGA has issued guidelines on certain compliance-based roles which it deems incompatible with roles centered around the growth of the business. In particular, these have focused on the Chief Executive role, responsibility for the licensee’s finances (except for the payment of tax and fees due in terms of law) and responsibility for marketing and advertising which could be incompatible with the roles of compliance, player support and responsible gaming.
Furthermore, Money Laundering Reporting Officers (MLROs) are expected to refrain from taking on other responsibilities that may conflict with their functions in such a role, or which would otherwise conflict with such functions or prejudices their effectiveness and independence in such role. This could include, but not be limited to, the role of Data Protection Officer. The person responsible for internal audit is normally expected to refrain from holding any other function.
Startup recognition
A company that does not yet have a remote gaming license and is in the process to apply for a remote gaming license, may apply to be recognized as a start-up undertaking. The Company needs to declare conformity with requirements of the Startup directive, namely that the Company did not operate under any different form of establishment, no profits are yet distributed, the Company is newly formed and was not formed through a merger, none of the companies within the group of companies have not generated ten million euros (€10,000,000) worth of turnover in gaming or related sectors and the Company was not subject to the requirement of a Government concession to offer the gaming service.