Compliance Updates
EGBA Demonstrates Commitment To GDPR With Sectoral Code Of Conduct For Data Protection
New Code establishes rules and best practices to strengthen data protection in the online gambling sector and is one of Europe’s first sector-specific initiatives to support compliance with the GDPR.
BRUSSELS, 10 June 2020 – The European Gaming and Betting Association (EGBA) has published a Code of Conduct on data protection which establishes dedicated sector-specific rules and best practices to ensure compliance with the EU General Data Protection Regulation 2016/679 and promotes the highest standards of data protection in the online gambling sector.
The Code of Conduct on Data Protection in Online Gambling sets long-term data protection standards for Europe’s online gambling sector and is intended to complement and reinforce the sector’s compliance with the GDPR. The Code is one of Europe’s first ever sector-specific self-regulatory initiatives to support compliance with the GDPR. The Code is part of EGBA’s wider efforts to drive standards in the online gambling sector and is in accordance with the GDPR, which encourages the use of sector-specific codes to support the proper application of its provisions[1].
The Code introduces specific measures and best practices on:
- Enhancing portability rights – including rules to enable customers to transfer their personal data from company to company in an easier and secure way (including rules for player account registration, transactions history, marketing preferences, etc).
- Supporting transparency – specifying what needs to be contained in a company’s privacy policy and which are the possible exceptions to the transparency principle, in view of the specificities of the sector.
- Protecting against breaches of personal data – online gambling companies are required to introduce a plan to prevent and/or mitigate against breaches of personal data.
- Establishing VIP accounts – how companies should establish player accounts for “VIP” customers in a way which respects privacy and the use of personal data.
- Safer gambling – how companies should balance a customer’s privacy rights against the need to protect them from problem gambling.
- Direct marketing – guidance on how to protect customer data during direct marketing and to prevent self-excluded customers from receiving direct marketing.
- Detecting fraud – measures to prevent fraud and ensure data is used to comply with applicable laws.
All EGBA members will adhere to the Code and it is also open for signature to other online gambling companies licensed in the EU/EEA. Compliance with the Code will be monitored by an independent third-party monitoring body.
In line with the requirements of the GDPR, the Code has now been submitted to the Maltese Data Protection Authority for formal approval of the Code’s compliance with GDPR. This is a process which involves data protection authorities in other EU countries, and the European Data Protection Board, and can last between 18-24 months.
“On the 2-year anniversary of the GDPR, issues around data protection, privacy and the use of personal data are still a concern for many European citizens. That’s why we’re pleased to introduce this new code which demonstrates the online gambling sector’s commitment to protecting the personal data of our 16.5 million customers and supporting the success of the GDPR. We’re pleased to be one of Europe’s first industry sectors to introduce a self-regulatory code which supports compliance with GDPR. Data, and how it is used, is playing an increasing important role in how citizens and business interact online – and the online gambling sector is no different. This code outlines how online gambling companies should ensure their customers understand how their personal data is being used and provides important guidance on how companies should use personal data in their interactions with customers, including how they identify and address problem gambling behavior in their customers.” – Maarten Haijer, Secretary General, EGBA.
[1] Article 40, General Data Protection Regulation 2016/679.
Powered by WPeMatico
The California Gambling Control Commission (CGCC) has scheduled a meeting of the Gaming Policy Advisory Committee (GPAC) for 1:00 p.m. on Tuesday, January 20, 2026.
The committee is established under Business and Professions Code Section 19817 to provide advisory recommendations to the Commission on regulatory policy, with a specific focus on integrity and problem gambling.
Meeting Attendance Information
The meeting will be conducted in a hybrid format, allowing for both in-person and remote participation.
-
In-Person Location: 2399 Gateway Oaks Drive, Hearing Room 100, Sacramento, CA 95833.
-
Virtual Access: Zoom Meeting Link
-
Phone Access: 1-888-475-4499 (Toll-free) | Meeting ID: 285 757 8614
Key Agenda Items
The agenda focuses on internal governance, regulatory controls for third-party providers, and administrative updates:
-
GPAC Roles and Responsibilities: A review of the mission statement, adherence to the Bagley-Keene Open Meeting Act, and expectations for member conduct and responsiveness.
-
Current Projects: Update and discussion on Third-Party Providers of Proposition Player Services (TPPPS) – Internal Controls, led by subcommittee members Kirill Yermanov and Michael Hill.
-
New Discussion Items:
-
Third-Party Provider Employee Table Coverage.
-
Procedures for Lost or Damaged Employee Badges.
-
-
Administrative Updates: An update on the Category G vacancy (Public Member with accounting/business background).
2026 Committee Composition
The committee consists of 10 members (expanding to 12 if pending legislation like AB 77 is finalized), split equally between the cardroom industry and the public.
| Member Name | Category / Role | Term Expiry |
| Trevor Dewar | Category A (Bureau of Gambling Control) | 12/31/2026 |
| Sosha Marasigan-Quintero | Category B (Problem Gambling/Addiction) | 12/31/2026 |
| Michael Hill | Category C (TPPPS Representative) | 12/31/2027 |
| David Fried | Category D (Cardroom with 25+ Tables) | 12/31/2026 |
| Michael Koniski | Industry Representative | — |
| Emmanuel Macalino | Industry Representative | — |
| Linda Ng | Public Representative | — |
| John Stacy | Industry Representative | — |
| Kirill Yermanov | Public Representative | — |
Advisors: Lisa Wardall (Executive Director) and Jason Pope (Chief Counsel).
The post CGCC Gaming Policy Advisory Committee (GPAC) Meeting: Jan 20, 2026 appeared first on Americas iGaming & Sports Betting News.
The wait is over: The Finnish Parliament has officially approved the new gambling legislation. In a decisive plenary session, MPs voted 158 in favor to 9 opposed, with 32 abstaining. The text remained unchanged from the version presented in previous weeks, solidifying the framework for Finland’s transition from a monopoly to a licensed market.
With the political uncertainty resolved, the focus now shifts to implementation. For operators, this means the race to compliance—and market entry—has effectively begun.
The Confirmed Timeline
With the legislation passed, the roadmap to the market opening is now set. Operators must use the coming months to prepare for a rigorous licensing process.
-
Early 2026: The application window is expected to open. The regulator will begin accepting and reviewing license applications.
-
2026 (Throughout): The “preparatory year.” This period is dedicated to vetting applicants, ensuring technical compliance, and establishing the new supervisory authority.
-
January 1, 2027: The regulated Finnish market officially opens. Licensed operators can go live with betting and online casino services.
Entering the Finnish Market with Nordic Legal
Navigating a new jurisdiction is complex, but it doesn’t have to be inefficient. With extensive experience advising on gaming licences across the Nordic markets, Nordic Legal brings a proven, practical approach to the Finnish process.
Efficiency Through Synergy If you already work with us in Denmark or Sweden, we ensure your Finnish licence application isn’t a “start from scratch” project. We build directly on our existing knowledge of your organisation and systems.
Your usual Nordic Legal contact will coordinate directly with our Helsinki team at no extra cost. This integrated approach saves you time and avoids the frustration of duplicating work you’ve already done for other Nordic licenses.
Our Approach We focus on smart compliance:
-
Reusing documentation where regulations overlap.
-
Anticipating regulatory questions before they are asked.
-
Aligning requirements for technical standards and responsible gambling.
-
Engaging constructively with the Finnish authority to ensure a smooth process.
The Finnish Licence Application Package
To support your entry, we offer a comprehensive package designed to handle the heavy lifting:
-
Translation of all required documents.
-
Guidance and completion of complex application forms.
-
Full project management from start to submission.
-
Direct communication with the Finnish regulator on your behalf.
Next Steps
The window for preparation is narrowing. Contact your usual Nordic Legal advisor today to discuss the new legislation or our Licence Application Package. Alternatively, reach out to us directly to secure your place in Finland’s upcoming regulated market.
The post Finland’s Gambling Reform Is Official – What Happens Next? appeared first on Gaming and Gambling Industry Newsroom.
Reading Time: < 1 minute
The Danish Gambling Authority has called attention to FATF’s (Financial Action Task Force) updated lists of high-risk jurisdictions: the Grey List (jurisdictions under increased monitoring) and Black List (call for actions). Among other things, gambling operators must include FATF’s lists of high-risk jurisdictions when risk assessing players.
Jurisdictions listed on the Grey List:
Algeria, Angola, Bolivia, Bulgaria, Cameroon, the Ivory Coast, DR Congo, Haiti, Kenya, Laos, Lebanon, Monaco, Namibia, Nepal, South Sudan, Syria, Venezuela, Vietnam, the Virgin Islands and Yemen.
Jurisdictions listed on the Black List:
Democratic People’s Republic of Korea, Iran and Myanmar
Gambling operators are required to conduct enhanced customer due diligence (EDD) pursuant to section 17(1) of the Danish AML Act, if a player is assessed to impose a higher risk of the gambling operator being misused for money laundering or terrorist financing.
Gambling operators shall conduct this risk assessment based on Annex 3 to the AML Act (high-risk factors) which includes the FATF high-risk country lists (the so called black list and grey list)
It is not required that gambling operators perform EDD if a country is listed on the FATF’s list. EDD are only a requirement for players from jurisdictions listed in the EU Regulation of High Risk Third Country list pursuant to. 17(2) of the AML Act.
The post Updated FATF Lists of High-risk Jurisdictions appeared first on European Gaming Industry News.
-
Five Elements Slot2 days agoPG Soft Concludes 2025 with High-Volatility Launch: Mythical Guardians
-
iGaming News 20262 days ago
Spinomenal Rings in 2026 with Japanese-Inspired “Kami Reign Ultra Mode”
-
Hold and2 days ago
Pragmatic Play Rings in 2026 with Joker’s Jewels Hold & Spin™
-
Bespoke Gaming Studio1 day ago
CreedRoomz and Casumo Forge Strategic Partnership to Elevate Live Casino Experience
-
Latest News2 days agoFrom ‘Mummyverse’ to Crash Games: Belatra Reviews a Landmark 2025
-
Button Blind2 days ago
Stretch Network Boosts Player Engagement with Year-End Platform Enhancements
-
B2B gaming software2 days ago
Gamblers Connect and BetOxygen Announce Strategic B2B Partnership
-
Latest News2 days ago
‘Chaos and Soul’: Ebaka Games Plots Global Expansion After Viral Launch
