Connect with us

Compliance Updates

EU Court Ruling on Online Gambling Liability: Players Can Sue Foreign Operators’ Directors Under Their Home Country Law (Case C-77/24 Wunner)

Published

on

eu-court-ruling-on-online-gambling-liability:-players-can-sue-foreign-operators’-directors-under-their-home-country-law-(case-c-77/24-wunner)

Published: 15 January 2026
Jurisdiction: Court of Justice of the European Union (CJEU)
Case: C-77/24 (Wunner)

A major ruling from the Court of Justice of the European Union (CJEU) is reshaping the legal landscape for cross-border online gambling in the EU. In Case C-77/24 (Wunner), the Court clarified that a player can, as a general rule, rely on the law of their country of residence when bringing a legal claim to establish tort/delict liability against the directors of a foreign gambling provider that did not hold the required local licence.

In plain terms: If an operator offers online gambling in a country without being licensed there, the player’s losses may legally be treated as “damage” occurring in the player’s home country—making it easier for the player to sue under the rules and protections of that local market.

This decision is likely to have significant implications not only for gambling operators, but also for directors, C-level executives, compliance leaders, and corporate legal teams, especially those managing cross-border growth strategies, grey-market exposure, or “EU passporting assumptions” that do not apply to gambling.

What Happened in Case C-77/24 (Wunner)?

The case centers around an Austrian resident who participated in online gambling offered by a Maltese provider called Titanium Brace Marketing Limited (“Titanium”), which was reportedly available across the European market.

Titanium held a gambling licence in Malta, but did not hold a licence in Austria.

The Austrian player filed legal proceedings in Austria against two directors of Titanium to recover losses incurred through online gambling activity, arguing that:

  • the gambling contract was null and void, and

  • under Austrian law, the directors were personally and jointly and severally liable because the company offered illegal games of chance in Austria without the required local authorisation.

However, the directors disputed the jurisdiction and the applicable law, claiming that:

  • the event that gave rise to the damage occurred in Malta

  • the damage occurred in Malta

  • therefore Austrian courts should not have jurisdiction

  • and Maltese law—not Austrian law—should apply

This created a critical conflict-of-laws problem that many cross-border online gambling disputes face: where did the “damage” actually occur in an online gambling transaction?

The Key Legal Question: Where Does the Player’s “Damage” Occur?

The CJEU examined the issue under the Rome II Regulation (Regulation (EC) No 864/2007), which sets the rules on which country’s law applies to non-contractual obligations (tort/delict) in cross-border situations.

Under Rome II, the general rule is:

the law applicable to a non-contractual obligation is the law of the country in which the damage occurs.

This rule applies:

  • regardless of where the event giving rise to the damage occurred, and

  • regardless of where indirect consequences occur.

This distinction matters enormously in online gambling, where the operator, bank accounts, infrastructure, licensing and corporate entity may sit in one jurisdiction, while the player plays from another.

CJEU Decision: The Damage Occurs Where the Player Resides

The Court ruled that in the context of a player seeking damages for gambling losses incurred via an online operator that lacked a licence in the player’s country, the damage sustained by the player is deemed to have occurred in the Member State where the player is habitually resident.

In this case:

✅ Player residence: Austria
✅ Operator jurisdiction: Malta
✅ Damage is deemed to occur: Austria

Therefore, Austrian law would apply as the default rule, because it is the law of the country where the damage occurred.

This is a powerful statement for cross-border enforcement because it significantly strengthens the position of the player in local legal proceedings.

Why This Is Bigger Than One Operator vs One Player

Operators and B2B suppliers often debate where online gambling “takes place”:

  • Where the website is hosted?

  • Where the operator is incorporated?

  • Where the payment processor is located?

  • Where the player clicks the spin button?

The Court recognized the reality of online gambling: it is not easily tied to one physical location.

Instead, the Court anchored the legal “place of damage” in the most relevant point of impact: where the player participates and is protected by local law.

This is not just a technical detail. It changes the legal risk profile for operators pursuing cross-border traffic without local authorisation.

Directors Can Be Targeted Personally Under Tort/Delict Claims

One of the most important elements in this decision is that the lawsuit was not only against the company (which was in liquidation), but also against the directors.

The Court clarified that Rome II applies to an action seeking to establish tortious liability aimed at directors for the infringement of a national prohibition on offering games of chance without a licence.

Crucially, the Court stated that this type of claim is not excluded under the category of “non-contractual obligations arising out of the law of companies.”

That matters because:

  • directors may be pursued for external obligations under national law

  • liability cannot automatically be pushed behind the corporate shield

  • liquidation status doesn’t necessarily end the route to recovery

  • plaintiffs may try to recover from individuals when the company can’t pay

For executive leadership, this decision amplifies the importance of cross-border compliance controls and licensing certainty before market entry.

What is Rome II Regulation and Why Does It Matter for iGaming?

The Rome II Regulation governs which national law applies when a tort/delict crosses borders inside the EU.

In iGaming, tort/delict claims can arise in scenarios such as:

  • offering gambling without a licence in a player’s country

  • breach of national consumer protections

  • misleading marketing practices

  • aggressive bonus or VIP retention practices

  • AML/KYC failures causing financial harm

  • payment disputes framed as “damage”

This ruling confirms that when the player’s alleged damage manifests in their home country, their home law may apply even if the operator is licensed elsewhere.

For operators, that’s a fundamental shift in predictability: you can be licensed and compliant in Jurisdiction A, but still face litigation under Jurisdiction B if you are not authorised there.

What About the Bank Transfer to Malta? Does That Change Anything?

In the case background, the player funded their account by transferring money from an Austrian bank account to a Maltese bank account connected to the operator, structured as a real account for the client.

This detail is important because many operators might assume that:

“Since the money went to Malta, the financial harm happened in Malta.”

But the Court’s logic places the relevant harm in Austria because:

  • the player participated from Austria

  • the Austrian prohibition existed to protect Austrian interests

  • the alleged wrongdoing was the availability of unlicensed gambling to the Austrian public

  • the loss actually “manifested itself” where the player played

This is a regulatory confirmation that payment routing does not automatically determine where damage occurs.

The “Manifestly Closer Connection” Exception: Is There a Way Out?

Rome II does allow a court to apply another law if the situation is manifestly more closely connected with another country.

This is not an automatic escape route, but it provides legal flexibility when circumstances clearly point away from the default rule.

However, for many online gambling cases, “habitual residence of the player” will likely remain the dominant factor, because:

  • online gambling is consumed at home

  • national gambling prohibitions are designed to protect local public policy

  • consumer harm and addiction protections are domestic priorities

What This Means for Online Gambling Operators

For licensed operators, this ruling reinforces a simple message:

Having a licence somewhere in the EU does not mean you are safe everywhere in the EU.

Online gambling remains a regulated activity at national level. The court’s approach supports local enforcement actions, local consumer claims, and local standards for liability.

Key operator implications:

  • Greater exposure to player claims in their home countries

  • Increased likelihood of multi-jurisdiction legal disputes

  • Stronger incentives for local licensing compliance

  • Higher risk in “cross-border availability” strategies

  • Potential personal liability pressure on management/directors

What This Means for Directors and Executive Teams

Directors and senior leaders should treat this ruling as a board-level issue, not just a legal memo.

Because once claims start targeting individuals:

  • risk becomes personal

  • reputational impact rises

  • insurers and D&O coverage becomes critical

  • governance and compliance documentation matters more

  • market-entry decisions need formal defensibility

If an operator “knows or should know” a jurisdiction requires local licensing and still targets players, it can become harder to argue that leadership lacked responsibility.

What This Means for Compliance and Legal Teams

This ruling increases pressure on compliance departments to strengthen controls around:

  • geo-blocking enforcement and logging

  • affiliate and marketing restrictions

  • local licensing checks for incoming traffic

  • responsible gaming enforcement tied to jurisdiction

  • internal “grey market” classification and decision logs

  • audits showing intent to prevent unlicensed access

It also encourages compliance leaders to align more closely with the business side.

Because in many organizations, unlicensed market exposure doesn’t come from direct intent—it comes from:

  • affiliate channels

  • SEO traffic

  • paid ads leakage

  • influencer content

  • “international” brand messaging

  • insufficient enforcement of region-based access restrictions

What This Means for Casinos and Land-Based Brands Expanding Online

For land-based casino groups moving into digital, this decision is a warning against the “soft launch across Europe” approach.

Many casino brands assume cross-border digital rollout is comparable to hospitality marketing. It isn’t.

If a casino group launches online and traffic arrives from unlicensed jurisdictions, the legal risk may follow the player back home—even if the operational core sits in a licensed hub.

Potential Industry Impact: A Stronger Local Enforcement Future

This judgment fits into a broader trend across Europe:

  • member states defending national gambling restrictions

  • regulators pressuring operators on compliance and marketing

  • increased litigation from players seeking loss recovery

  • courts being less tolerant of grey market monetization

  • stronger accountability mechanisms for leadership

In practice, it could accelerate:

  • more local lawsuits by players

  • more action against executives when companies dissolve or liquidate

  • more demand for proof of compliance intent and enforcement

  • more re-evaluation of licensing strategy in “borderline” markets

Strategic Takeaways for iGaming Operators

If you manage a regulated brand, this ruling supports three high-level strategic priorities:

1) Local licensing is the only stable long-term route

Short-term grey exposure may now bring long-term legal cost.

2) Geo-compliance must be demonstrable

It’s no longer enough to “have a tool.”
You need logs, enforcement, and proof of execution.

3) Executive governance matters

If leadership risk becomes personal, the organization must show that compliance decisions were not casual.

Final Thoughts: A Defining Ruling for Cross-Border Online Gambling Risk

The CJEU decision in Case C-77/24 (Wunner) gives players a major advantage in cross-border online gambling disputes: the ability, in general, to rely on the law of their country of residence when bringing tort/delict claims against the directors of a foreign provider that lacked the required licence.

This is not a symbolic ruling. It is a practical legal framework that:

  • strengthens local consumer protection

  • reinforces national licensing regimes

  • increases compliance pressure

  • and raises personal accountability risks for leadership

For operators with ambitions across Europe, the message is clear:

Cross-border growth must be built on compliance-first foundations, not geographic ambiguity.

FAQ: Quick Answers for Operators and Industry Leaders

Can players sue under their home country law?

As a general rule under Rome II, yes—if the damage is deemed to occur in their country of habitual residence.

Does a Maltese licence protect an operator across the EU?

No. Gambling is regulated nationally, and this ruling reinforces that reality.

Can directors be personally targeted?

Yes—especially where claims are framed as external tort/delict obligations, not just internal company law matters.

Can courts apply another country’s law instead?

Only where the case is manifestly more closely connected with another country, based on all circumstances.

The post EU Court Ruling on Online Gambling Liability: Players Can Sue Foreign Operators’ Directors Under Their Home Country Law (Case C-77/24 Wunner) appeared first on Eastern European Gaming | Global iGaming & Tech Intelligence Hub.

Compliance Updates

Finland notifies EU of gambling tech rules for data vault and OCSS signing

Published

on

finland-notifies-eu-of-gambling-tech-rules-for-data-vault-and-ocss-signing

Finland has submitted technical gambling regulations covering a regulatory data vault and the Official Control Signing Service (OCSS) to the EU’s Technical Regulation Information System (TRIS) on 10 July.

According to the notified documents, operators must submit signed gaming and player-account data to the authority through a secure SFTP data vault in a prescribed format. The rules also require operators to retain the data for five years and ensure “its integrity, availability and retrievability.”

The documentation also sets out requirements for using the authority’s OCSS to sign gaming data. It specifies signing generally every five minutes for gaming transactions and at least once daily for player-account data, alongside obligations to manage API keys and handle technical disruptions.

The technical documents are currently available only in Finnish. The press release says unofficial English translations have been prepared, titled “eCertification of Gaming Transactions and Gaming Account Transactions EN” and “Submission of Gaming Transactions and Gaming Account Transactions EN.”

The press release also lists the broader status of technical documentation supporting Finland’s new gambling regulation. It says randomness checks and reliability and information security requirements have been adopted into national legislation; the OCSS signing and data-vault transfer specifications have been notified via TRIS; player-account and game-event data specifications are being prepared following an earlier public consultation; a Ministry of the Interior decree is under public consultation; and drafts are still awaited covering player identification APIs, jurisdiction-wide self-exclusion checks, and certification requirements for games and platforms.

The post Finland notifies EU of gambling tech rules for data vault and OCSS signing appeared first on EE Gaming | Global iGaming & Tech Intelligence Hub.

Continue Reading

Compliance Updates

Merkur Group Strengthens Global Compliance Strategy

Published

on

merkur-group-strengthens-global-compliance-strategy

 

Under the theme “Perspectives,” a total of 43 compliance staff members from the Merkur Group across various countries gathered from 30 June to 1 July to further develop compliance processes in a sustainable manner. Colleagues from Germany, Spain, England, Malta, Australia and the US traveled to the two-day meeting at Benkhausen Castle, the in-house training centre of the Merkur Group. The workshop set the stage with expert presentations on global and digital topics such as cybersecurity, risk management and artificial intelligence. A panel discussion featuring representatives from various international companies within the Merkur Group, as well as a digital quiz, rounded out the programme.

In keeping with its guiding principle, the workshop focused on sharing experiences, fostering global networking and providing impetus for the further development of compliance processes. Because informal exchanges are also key to close cooperation, the evening programme created a relaxed atmosphere and gave participants the opportunity to continue their conversations, make new connections, and further strengthen team spirit across company and national boundaries.

“The ideas and diverse perspectives gained during the workshop will now be incorporated into our day-to-day work and help us to continuously improve collaboration and existing processes,” said Ludwig Beckmann, Chief Compliance Officer of the Merkur Group.

The concluding feedback session also highlighted just how valuable the international exchange is. The term “collaboration” came up particularly often, a clear indication of how highly the participants value working closely together within the international compliance network.

The post Merkur Group Strengthens Global Compliance Strategy appeared first on EE Gaming | Global iGaming & Tech Intelligence Hub.

Continue Reading

Compliance Updates

GRAI Launches New Campaign Helping Parents to Spot the Signs of Underage Gambling

Published

on

grai-launches-new-campaign-helping-parents-to-spot-the-signs-of-underage-gambling

 

The Gambling Regulatory Authority of Ireland (GRAI) is encouraging parents and guardians to be alert to the signs of gambling among young people and to intervene early to prevent gambling harm.

The signs of gambling aren’t always visible, the GRAI in partnership with the Health Service Executive Addiction Services have developed dedicated advice on www.grai.ie to equip families with the knowledge to recognise the signs, advice on how to start the conversation with their children about gambling, and where to seek help if required.

To support the guidance, the GRAI has launched a national public awareness campaign across video on demand, radio, digital audio, and social media platforms, bringing this message directly to families across Ireland.

With the lines between entertainment and gambling increasingly blurred, especially online, what may look like harmless fun can still involve risk, money and chance in ways that affect young developing brains. Research commissioned by the GRAI and conducted by the Economic and Social Research Institute (ESRI) found that children who gamble are twice as likely to develop a gambling problem as adults.

Anne Marie Caulfield, CEO of the GRAI said: “We have launched this campaign to help parents start an important conversation about the risks of underage gambling. Children and young people are among the most at-risk members of Irish society when it comes to gambling exposure and harm. Children’s brains are still developing the judgement and impulse-control systems used to weigh up risk, which makes gambling appealing to them.

“With online gambling available at any time of the day, it is easy for the warning signs to be hidden. The guidance the GRAI developed with the HSE Addiction Services sets out some of the key behavioural signs to look out for in your child.”

The post GRAI Launches New Campaign Helping Parents to Spot the Signs of Underage Gambling appeared first on EE Gaming | Global iGaming & Tech Intelligence Hub.

Continue Reading

Trending

Get it on Google Play

Fresh slot games releases by the top brands of the industry. We provide you with the latest news straight from the entertainment industries.

The platform also hosts industry-relevant webinars, and provides detailed reports, making it a one-stop resource for anyone seeking information about operators, suppliers, regulators, and professional services in the European gaming market. The portal's primary goal is to keep its extensive reader base updated on the latest happenings, trends, and developments within the gaming and gambling sector, with an emphasis on the European market while also covering pertinent global news. It's an indispensable resource for gaming professionals, operators, and enthusiasts alike.

Contact us: [email protected]

Editorial / PR Submissions: [email protected]

Copyright © 2015 - 2024 - Recent Slot Releases is part of HIPTHER Agency. Registered in Romania under Proshirt SRL, Company number: 2134306, EU VAT ID: RO21343605. Office address: Blvd. 1 Decembrie 1918 nr.5, Targu Mures, Romania