News

Gaming Authorisations and Compliance Directive: Summary of Amendments Implemented in October 2021 by the Malta Gaming Authority

In October 2021, the Malta Gaming Authority (the “MGA”) amended the Gaming Authorisations and Compliance Directive (Directive 3 of 2018). As a result of such amendments, the number of key function roles required to be appointed by licensed operators has decreased, since certain roles have been merged.

Share this post
Related Industries
Gaming & Gambling
Geography
Malta

Download the summary of amendments report here.

As a consequence, B2C and B2B licensees operating in the remote business are required to appoint the following key function roles:

B2C licensee B2B licensee
1. CEO CEO
2. Key Gaming Operations = Key Gaming Operations + Key Finance + Key Risk + Key Fraud Key Gaming Operations = Key Gaming Operations + Key Finance + Key Risk + Key Fraud
3. Key Compliance = Compliance Officer + Key Responsible Gaming + Key Player Support + Key Marketing Compliance Officer
4. Key Legal Key Legal
5. Key Data Protection Key Data Protection
6. Key AML & CFT Key Technology = Key Technology + Key Information Security
7. Key Technology = Key Technology + Key Information Security Internal Audit
8. Internal Audit

Furthermore, clarifications in respect to when certain roles need to be appointed during the lifetime of the license have been made.

  1. 1. At the application stage, licensees must notify the MGA about who will hold the roles of chief executive officer, compliance officer, as well as MLRO (if applicable);
  1. 2. Within 6 months of the licence being issued, the MGA must be notified as to who has been appointed to exercise the remaining key function roles;
  1. 3. In case any of the persons exercising the key function role resigns, the licensee is required to notify the MGA by not later than 3 working days after such resignation. Additionally, the licensee is obliged to inform the MGA about the appointment of the replacement by not later than 15 working days after such resignation.

Importantly, if no person is approved by the MGA to fulfil a key function either temporarily or otherwise, the responsibility for such key function is vested in the directors of the licensee.

Policy on the Eligibility and Ongoing Competency Criteria for Key Persons – October 2021

Apart from amending Directive 3 of 2018, the MGA also issued the Policy on the Eligibility and Ongoing Competency Criteria for Key Persons (hereinafter the “Policy”), which sets the eligibility and ongoing competency criteria which the MGA shall consider in terms of persons who apply for the issuance or renewal of a Key Function Certificate.

Fitness and Propriety Considerations

Key persons are obliged to be fit and proper in order to perform their respective key functions on an ongoing basis.

The main criteria, which the MGA considers, consist of the following:

  • Integrity, Honesty and Reputation;
  • Competence and Capability.

General Competency Criteria and Continuous Professional Development

Persons being key functions officials are obliged to be duly qualified in terms of academic qualifications as well as professional experience as may be applicable for their given roles.

With respect to the continuous professional development (hereinafter “CPD”), when applying for the renewal of the Key Function Certificate, key persons must demonstrate that they have attained a minimum number of CPD hours during each calendar year of the previous certification period, in order for such renewal to be approved.

Evidence of fulfillment of the applicable CPD requirements includes the certification or other proof of attendance.

The Policy provides an exhaustive list of methods applicable to the attainment of CPD requirements, as follows:

  1. Professional Educational Activities (courses, seminars, workshops);
  2. Presentations (vendor or system-specific presentations);
  3. Teaching / Lecturing / Presenting (development and delivery of presentations and courses relevant to key functions);
  4. Publication of Articles;
  5. Professional Examinations.

It must be noted that 1 CPD hour is earned for each hour of active participation for qualifying professional educational activities unless specified otherwise.

In addition, the table below further demonstrates the minimum experience and/or qualifications requirements as well as minimum annual CPD requirement for each key function role:

Key Role Minimum Experience and/or Qualifications Minimum Annual CPD Requirement
CEO
  • Minimum 3 years of working experience in a managerial role plus a related bachelor’s degree; or
  • a minimum of 5 years of working experience.
5 CPD Hours
Key Gaming Operations
  • Minimum 2 years of working experience in a managerial role plus a related bachelor’s degree; or
  • a minimum of 4 years of working experience; and
  • must be knowledgeable in risk management and fraud prevention procedures.
10 CPD Hours
Key Compliance
  • Minimum 2 years of working experience in a compliance-related role plus a related bachelor’s degree; or
  • a minimum of 4 years of working experience; and
  • must be knowledgeable in terms of obligations relating to responsible gaming, advertising and sports integrity where applicable.
10 CPD Hours
Key Legal
  • Minimum 2 years of working experience in the role of legal counsel and/or similar senior role plus a related bachelor’s degree in law;
  • must be knowledgeable in terms of legal affairs including those relating to contractual arrangements, litigation proceedings and dispute resolution.
10 CPD Hours
Key Data Protection
  • Minimum 2 years of working experience in the role of data protection lead or data protection officer plus a related diploma or certificate; or
  • 3 years of working experience
10 CPD Hours
Key AML & CFT
  • Minimum 2 years of working experience as a MLRO or similar senior and/or a related managerial role plus a related bachelor’s degree or ML specific qualification; or
  • 4 years of working experience as a MLRO or similar senior role.
10 CPD Hours
Key Technology
  • Minimum 2 years of working experience in a role related to IT plus a related bachelor’s degree; or
  • 4 years of working experience in an IT-related role;
  • must be knowledgeable in technical set-up, systems and infrastructure.
10 CPD Hours
Internal Audit
  • Minimum 2 years of working experience as internal auditor or similar role plus relevant certificate to perform a role of internal auditor; or
  • 4 years of working experience as internal auditor or similar role.
10 CPD Hours

Compatibility of Roles

For clarity purposes, MGA has also published the table below to clarify which roles are incompatible with each other.

 

Actions required and applicable timeframes

For any questions please contact [email protected]

The information above does not and is not intended to constitute legal advice and should not be relied on as such. For any specific matters kindly seek legal assistance.

GAMING AUTHORISATIONS AND COMPLIANCE DIRECTIVE SUMMARY OF AMENDMENTS IMPLEMENTED IN OCTOBER 2021 BY THE MALTA GAMING AUTHORITY
Robert Zammit
About the author

Robert Zammit

Robert Zammit is a partner at WH Partners. His main areas of practice are regulatory and licensing and corporate commercial deals. He also assists clients with employment matters.

Learn More
Galyna Podoprikhina
About the author

Galyna Podoprikhina

Associate who is part of FinTech, Intellectual Property and Gaming & Gambling Teams. Listed in the Associates to Watch category of the Chambers Fintech 2024 guide.

Learn More

Related Articles

Scroll to Top