Leaders in
Remote Gaming

Kyte Global, with its long-standing involvement in the remote gaming industry dating back to 2000, offers comprehensive assistance in licensing processes and system certification reviews/audits. Additionally, Kyte is an approved ISO 27001:2013 Lead Auditor and can conduct security audits required by regulators like the UK Gambling Commission and the Hellenic Gaming Commission (HGC).

Malta has continued to be one of the most favoured jurisdictions for the establishment of a remote gaming operation. Malta’s popularity is based on the fact that it has an eco-system that has evolved to cater for gaming operations; it has a first class legal and IT infrastructure; a trained work force demanding competitive salaries; very reasonable office rent; and, overall quality of life and mild weather.

To set up in Malta you need someone set up locally with the right knowledge about the licensing process, and who is able to guide you and assist you from start to finish at the pace you want to. Kyte’s management and staff have been involved in the remote gaming industry since the year 2000 when the first operators started to set up a local operation. Kyte’s directors were the first to be accredited by the Malta Gaming Authority to carry out certification reviews on their behalf. Kyte are still carrying out such reviews and are therefore, fully knowledgeable about everything that is going on in the remote gaming industry in Malta.

Kyte is also an approved ISO27001:2013 Lead Auditor and can conduct security audits for regulators such as UKGC who require such audits as part of licensing conditions.

In addition to full licensing assistance, Kyte can also prepare you for the system certification review by advising on the requirements and eventually carrying out a mock review before the actual one is carried out. In this way our customers sail through the system audit without any serious issues raised.

It is important to note that internally Kyte possess all the knowledge and expertise to assist you with all the remote gaming services you require to obtain a license and to set up a compliant operation. This ensures you keep one point of contact, but more importantly it gives you peace of mind that costs are fixed on the outset and you don’t have to shop around for other services you may require.

To find out more about the remote gaming licensing process contact us for more information.


FAQs

Why is Malta a preferred gaming jurisdiction?

Apart from a favourable tax environment and a sound reputation, Malta has a mature eco-system that has been created over a span of 19 years from when it offered its first remote gaming licenses for sportsbooks in 2000. Malta’s license is also not restricted to Malta or EU for accepting bets and therefore, is preferred by those with a global outlook for the provision of betting services.

What types of licences are available in Malta?

There are two main categories of gaming licences, the critical supply licences for B2B operators and the gaming services licence for B2C operators. The game types or verticals are divided into four different ones, namely:

  • Type 1 – RNG games such as casino, lotteries.
  • Type 2 – Fixed odds betting.
  • Type 3 – Peer to Peer games such as bingo, poker, pool betting.
  • Type 4 – controlled skill games

You can apply for a B2C or B2B licence and one or more game types. The licence fees remain the same, however, compliance contributions will vary based on the number of game types you apply for. B2Bs do not pay any compliance contribution and just pay the annual licence fee which is based on the revenue of the previous years.

There is also a corporate group licence which was designed to facilitate group structures where supplies of various services are provided by different entities and also gaming services provided by different entities. The corporate group licence is necessary so that entities within the group that provide services only to group companies do not need to obtain separate licences. To qualify as a group company 90% of the shareholding must be the same.

 

I am a start-up. Are there any special dispensations available for us?

One of the areas that had to be tackled carefully with the new licencing regime was the matter of start-up companies and the necessity to give them time to start generating turnover and revenues. Consequently, the Directive of Start-Up undertakings was published wherein it lists a number of conditions that if satisfied will exempt the company from payment of compliance contributions for the first 12 months.

What are the annual licencing costs for a standard iGaming operator?

The annual licence fee for a B2C licence is fixed at €25,000. There is a €5000 licence application fee to be considered. The other costs relate to the Game Types included on the B2C licence and each game type has a minimum and maximum annual contribution which is calculated on the GGR of the operator per game type. There is also a 5% gaming tax on GGR generated on Maltese players.

Do I need to have a company in Malta to obtain and maintain an iGaming licence?

It is not a requirement to have a Maltese company and any EU/EEA entity may apply for a Maltese gaming licence. However, it is recommended to have a local company due to various advantages designed for gaming companies in Malta.

How long does it take to get an iGaming licence, from application to issuance?

Whilst it cannot be guaranteed, a well presented and documented submission should take between 12 -16 weeks from submission to be reviewed and the licence issued by the MGA. Of course, one needs to take into consideration the timing of the submission of the application and holiday seasons as well as the promptness in replying to any queries raised by the MGA.

If I have a licence and I want to start offering new products is it a complicated process?

The new licencing regime was mainly designed to reduce the complications of adding new products. As igaming operators are always looking to add new games to their offerings a simpler procedure was required. Previously, a separate licence was required for each new content provider. Now, if the game type / vertical is already approved on your B2C licence you are required to submit a notification to the MGA, via the Portal, within 5 days of going live. If it’s a new vertical you want to offer, say adding in a Type 1, then you need prior approval. But it is a much simpler and faster.

How do I know if I need a licence, I only offer back-office software?

It all depends on how you offer the software. If you are hosting it and managing it on a day to day basis and you process data such as player data, betting data which fall within the description of regulatory data you will require a B2B licence of the lesser type (3 [b]). If you also manage the game, e.g. RNG or in the case of sports betting you handle the risk management then you will need the full licence (3[a]).

I provide Risk Management and Customer Support services, do I need a licence?

No, you would not require a licence. These and other types of supplies listed in the regulations fall within the category of Material Gaming Supply. It is optional to obtain a certificate from the Malta Gaming Authority. However, if you do not obtain the certificate, each operator you supply the service to will need to get you approved. A full list of supplies categorized as being Material Gaming supplies can be found in the Gaming Authorisation Regulations – 3rd Schedule.

What is ADR? Do I need to do something?

This is a requirement that is stipulated in the new Gaming regulations but emanates from the Consumer Affairs (MCCAA) Act. All operators are to find a licenced Alternate Dispute Resolution arbitration provider, inform the MGA and insert the necessary details on the operator’s licenced websites. Should an operator enter into a dispute with a customer the customer can resort to the ADR provider to air his complaint and ask for intermediation.

I outsource all my IT and systems to a licensed operator. Do I need to do the risk assessment on essential components?

There should be no need to do so if you have no essential components under your control. The entity from whom you are receiving these services should have carried out the risk assessment therefore you would not need to do another one yourself.

 

Can key functions be outsourced?

Yes, all the key functions can technically be outsourced with the exception of the Money Laundering Reporting Officer function. The person satisfying this role must be an employee or officer of the company. The persons need not be resident in Malta. One person can occupy more than 1 role but they must not be conflicting roles. Each person, unless already approved by MGA, would need to undergo due diligence exercise and obtain the relevant certificate from the MGA.

Do I need to come to Malta to obtain the licence?

It’s always a good idea to meet the regulator, however, it is not essential or mandatory to come to Malta. There are other opportunities to meet the Regulator, such as during events such as conferences and/or exhibitions. All documentation can be prepared and delivered using various modes of communication and courier services, depending on the type of documentation. For example, due diligence documents need to be sent in original, or certified true copies. Policies and procedures can be exchanged in soft copy.

Do I need to have all my software and hardware in Malta?

The MGA allows parts of the gaming and control system to reside in the cloud or at data centres in the EU/EEA. However, the MGA requires that real live replication of the regulatory data is effected onto servers in Malta.

Do I need to have an office, director, presence in Malta?

You definitely need a registered address in Malta to satisfy the companies act. For various other reasons it is always advisable to maintain a physical presence in Malta and carry out key functions in Malta. The Board meetings should also take place in Malta.

I heard that its difficult to obtain a bank account, is this true?

Yes, it is a fact that finding banks that accept gaming operators are few and far between and each have their own specific requirements or exceptions. However, eventually we always manage to find a bank that will accept properly licenced gaming operators. We are hoping that with increased regulation and with gaming operators becoming obliged entities under AML regulations, banks will become more open to considering gaming operators as clients. Fees charged by the banks are also quite high as they consider the accounts to be high risk and high maintenance.

 

Raising standards since 2006.

Kyte Global, with clients in over 65 countries has established itself as a unique company providing a one-stop-shop to all your information security and compliance requirements.

At Kyte Global we attempt to add value in everything we do. Our services have evolved as a result of the growing needs of our clients. Regulations keep getting stricter, compliance requirements keep getting more onerous and clients find themselves spending more time addressing these issues rather than focusing on their business. At the same time, resources with the right knowledge and experience are hard to come by. Kyte Global tries to tackle these issues by providing a one stop shop to all the client’s needs. Kyte Global understands that Compliance is an effective way of ensuring that controls are implemented.

Internally, Kyte Global is organised in teams, each dedicated to a specific service, usually revolving around a specific standard or regulation. Some of these are PCI DSS, ISO 27001, GDPR, Internal Audit, AML, Gaming, Penetration Testing, Training to name a few. Each team is made up of trained professionals, all experts in their own field.

Over the years, Kyte Global has established partnerships with suppliers that develop and implement industry leading solutions so that it can make recommendations to clients who require such services or products. Kyte is proud to have a network of partners that can assist its clients, big or small, in virtually all of the industries it operates in.

>

News & Insights

Stay informed with our dynamic News and Insights section, where we share timely updates, industry trends, and expert perspectives to keep you ahead of the curve and informed about the latest developments in the field. Explore a wealth of valuable resources that empower you with knowledge and actionable insights for informed decision-making.

Kyte Global at Seamless Middle East
Wednesday, 22nd May 2024

Kyte Global's team actively participated in Seamless Middle East. The event provided a valuable platform to connect with industry leaders and explore the latest trends in information security and compliance. Kyte Global showcased its expertise in ISO 27001, PCI DSS, and SOC 2 compliance, all crucial for building trust and ensuring secure transactions in the digital sphere. By attending Seamless Middle East, Kyte Global positioned itself as a vital partner in the journey towards a more secure and sustainable digital future.

Continue reading
Kyte Talks Insights in Information Security and Compliance
Thursday, 16th May 2024

Kyte Global is proud to announce the inauguration of Kyte Talks, a series of formal discussions designed to elucidate the dynamic landscape of information security and compliance. These enriching sessions will convene esteemed industry experts to share their knowledge and address critical issues confronting businesses in today's environment.

Continue reading
Bridging the Gap How ISO 27001 Compliance Paves the Way for DORA Success
Friday, 22nd March 2024

DORA aims to ensure that financial institutions possess the operational resilience to withstand and recover from disruptions, including cyber attacks. This aligns perfectly with the risk-based approach advocated by ISO 27001, which establishes an Information Security Management System (ISMS) to identify, assess, and mitigate information security risks.

Continue reading