The distinction between video games and games for gambling is becoming increasingly blurred with many video games giving items based on chance, for example daily draws and loot-boxes, writes Rune Rasmussen MBCS independent consultant in compliance and surveillance data analytics.

While the gambling law is being reviewed to cater for a modern online reality, the regulation of gambling is being expanded with stronger data analysis requirements. This article will introduce the changes in the law and regulation and will outline the challenges for IT departments.

Developing video games that do not involve gambling and developing games for gambling often require similar skills. Both involve creating engaging experiences that are rich in graphics and often on mobile devices. The regulation and legislation of gambling is currently being reformed.

At the time of writing this article, the government is imminently expected to publish a draft for a new paper on gambling law. This white paper has been postponed several times over the past years and is now well overdue. The current law was enacted in 2005 and it is widely considered to be ill-suited to the modern online reality of gambling websites and mobile apps.

What is gambling?

In the Gambling Act 2005 (GA 2005), gambling is defined (s 3) as gaming (defined in s 6), betting (defined in s 9) and participating in a lottery (defined in s 14, subject to s 15). Gaming is defined as ‘playing a game of chance for a prize’ (s 3(1)) and can include both chance and skill.

The GA 2005 does not define the word ‘game’ but the Oxford Learners Dictionaries online define a game as ‘an activity that you do to have fun, often one that has rules and that you can win or lose’[0]. The word ‘gaming’ is intentionally avoided in this article as the common use of the word typically refers to the activity of ‘playing computer games’[1]. So as far as the GA 2005 is concerned gaming is a type of gambling.

Almost all computer games include an element of chance but whether they include a prize is debatable. See reference in the text to loot boxes. Debates on whether a specific game includes sufficient elements of chance under GA 2005 have been the subject of intense legal arguments in court cases over the past several decades.

Entertainment or gambling?

Changes in gambling regulations will obviously impact gambling developers but might also affect how video games are developed. A big question to look out for in the white paper will be whether the government will widen the definition of gambling. Traditionally gambling has been considered distinct from pure entertainment activities such as video games but that separation is being challenged.

For a game to be gambling it must provide a prize and under the current legislation, in-game prizes such as loot boxes are not considered gambling. The Gambling Commission has said that such feature might pose a risk to children[2]. If the definition of gambling changes, then we could see a situation where developers will need to adjust their features to avoid having to register as gambling operators.

The policy objectives of the gambling legislation are likely to continue to prevent crime, to ensure fair games and to protect the vulnerable, particularly children. The crime and fairness objectives continue to be relevant, but it is the potential social harm of gambling addictions that has been receiving the most attention lately[3].

There are still gambling operators that pay millions of pounds of fines which involves lax money laundering controls. Game developers will need to continue to pay attention to requirements for money laundering.

Protecting the vulnerable

During the pandemic people who were socially isolated and had limited alternative entertainment opportunities increasingly used online gambling. This has arguably highlighted the need for system-imposed mechanisms to protect vulnerable players and certainly focused the debate of this objective.

The government has made clear that the gambling reforms will be led by the role of technology and data. In a speech earlier this year by Chris Philip MP, Parliamentary Under-Secretary of State for Tech and the Digital Economy, he focused on the way the government wants data to be used to combat gambling related harm[4]. This will be done through a combination of the regulation and enforcement of the Gambling Commission.

We will need to wait for the new gambling white paper to see if the Gambling Commission will be given increased powers to enforce the law and/or the regulation that they enact. However, the Gambling Commission has already published tougher requirements for gambling operators on customer interaction and is pursuing an industry wide holistic view of gamblers[5].

Increased customer interaction

On 14 April 2022 the Gambling Commission published their response to a consultation on identifying the customers that are at risk of harm. This has resulted in a set of new rules which will come into force on 12 September 2022. The response includes a list of core indicators that licenced gambling companies must start to use to identify harm or potential harm[6].

This includes indicators such as ‘gambling behaviour’ and ‘time spent gambling’. It is also clear that the Gambling Commission expects monitoring and alerting for harm to begin immediately when the customer signs up.

The capture, storage and presentation of these indicators will inevitably fall on the IT departments. This is likely to include the integration of multiple data sources such as payment systems data for deposits and withdrawals, and third-party data if external providers are used. Compliance teams are likely to need regular monitoring of these indicators and ad-hoc advanced analytics.

Some of the required indicators of harm could be difficult for analytics teams to define. An example is the ‘time spent gambling’ which might have to be carefully defined so that an online session left idle (e.g., website or mobile app just left open on an unattended device) would not trigger an alert.

For you

Be part of something bigger, join BCS, The Chartered Institute for IT.

Another example could be behavioural characteristics which could include chasing of losses but designing rules for behaviours are often very difficult. A knowledge of the legislation and regulation might be required to define and document the chosen methodology.

These increased analytical requirements could very likely spark a strategic debate within a company on whether to place the data analysis within the IT department or within the business, in this case likely the compliance function.

The debate on architectural structure could be complicated by the expectation that identification of such harm indicators could lead to real-time locking of customers’ accounts. This would entail not just receipt of data from the front-end systems into the analytical solution but also the potential for automatically pushing back such messages.

Single customer view

One of the most highly anticipated new measures is the single customer view (SCV). The Gambling Commission has been working with the gambling industry to develop an industry-wide system to share information on customers that are at risk of harm from gambling.

Currently, an industry-led self-exclusion solution exists, but the government has made it clear that they will not rely on industry self-regulation. The Gambling Commission is currently working with the Information Commissioner’s Office (ICO) to ensure there is a solid legal basis for the UK General Data Protection Regulation (GDPR) for such data storage and processing.

The above-mentioned list of core indicators will form a central component of the new system. Many gambling operators will have both websites and applications that have to capture this data from their customers, safely store it and transmit it to the central industry data platform.

The readership of this article will surely be well aware of the challenges with data protection and this data will, by its definition be ‘highly sensitive’. The implementation of the SCV will mean challenges for IT departments both in protection and processing of such data. They will need to deal with this sensitive data being stored while ensuring it is available to be processed in front-end applications.

They will also have to be ensure mechanisms are in place to lock a customer’s account and prevent any further gambling activity if they are notified of an exclusion. This is going to be a challenge for operators that have a mix of development strategies, such as in-house and 3rd party developed solutions that needs to be integrated.

Foreign gambling operators

How to legislate for foreign gambling operators is a complicated issue. There is nothing that prevents British residents from using gambling sites or apps operated by foreign operators.

The government do not want to make it easier for operators to avoid regulatory oversight by moving abroad, but that could be a consequence of stricter UK legislation. Striking the right balance is, and continues to be, very challenging.

Currently operators will need to be licenced by regulators in white-listed jurisdictions or licenced by the UK Gambling Commission to operate in the UK. The definition of ‘operate’ gets complicated quickly but direct advertising to UK residents is generally covered. An example of a white-listed jurisdiction is Gibraltar where several gambling companies are based.

Regulating potential harm from online activity is a very difficult issue that is not confined to computer games and gambling but also includes social media and financial regulations. Blocking the IP addresses of foreign internet sites is neither a practical nor a politically feasible solution in democracy. Clamping down on foreign operators is therefore unlikely to require IT solutions.

Conclusion

There are big changes coming to the gambling industry – both in respect to the law and in respect to the supporting regulation. It is clear that data is central to the government and the Gambling Commission’s plans to limit the potential harm from gambling. This is going to cause a number of challenges to IT departments. One of the challenges will be to better understand the regulations and to cooperate closely with compliance functions to solve them.

The good news is that many of these challenges have already been faced by the financial services industry who have been using advanced analytics on their customer data for many years, including identifying behavioural characteristics. Looking to the future, the gambling industry can learn a lot from the financial services industry on both organisational structure and IT infrastructure design.

About the author

Rune Rasmussen MBCS, Dip Stat, BSc, BA, MSc, PG Cert is an independent compliance & surveillance data analytics consultant with experience in investment & retail banking, insurance, and gambling. He is the editor and co-author of ‘Data Analyst: Careers in data analysis’ published by BCS, The Chartered Institute for IT.

References

0 Oxford Learner's Dictionaries: Game definition
1 The Gambling Law 2005 specify that gambling includes ‘gaming’ which is defined as ‘playing a game of chance for a prize’. The word is intentionally avoided in this article as the common use of the word typically refers to the activity prize of ‘playing computer games’, see definition 1 in Oxford Learner's Dictionaries: Gaming definition.
2 Gambling Commission: Loot boxes within video games
3 Gambling Commission: £9.4m fine for online operator 888
4 Gov.UK: Gambling Reform Rally speech
5 Gambling Commission: An update on the Single Customer View industry challenge
6 Gambling Commission: Remote customer interaction: Consultation Response