Malta Gaming Act

    Overview

    The Malta Gaming Act, Chapter 583 of the Laws of Malta, consolidates and streamlines Malta's regulatory framework for the gaming sector. It provides a single, overarching legal structure for all types of gaming services, including online and land-based operations, and it is enforced by the Malta Gaming Authority (MGA).

    Regulation Summary

    Timeline
    • Enacted: 1 May 2018
    • Came into force: 1 August 2018
    • Repealed and replaced previous legislation such as the Lotteries and Other Games Act and the Remote Gaming Regulations
    What Businesses Are Affected
    • Operators offering gaming services (B2C) or critical gaming supply services (B2B) in or from Malta
    • Includes online gambling, betting, lotteries, gaming software, and land-based gaming services
    • Applies to both local and international operators licensed by the MGA
    Exemptions
    • Certain low-risk games (e.g., non-profit bingo) may be exempt through regulations
    • National lotteries and activities outside the scope of gaming (e.g., promotional contests) are not regulated by this Act
    Responsibilities for Businesses
    • Obtain a relevant license (Gaming Service License or Critical Gaming Supply License) from the MGA
    • Adhere to obligations for player protection, anti-money laundering, and responsible gaming
    • Comply with technical and operational standards, including auditing and reporting requirements
    • Maintain fit and proper status for key persons and shareholders
    Specific Responsibilities for Website Owners
    • Clearly display the MGA license number and details
    • Provide transparent terms and conditions, responsible gaming tools, and contact info for support
    • Implement robust age verification and identity checks before allowing play
    • Offer mechanisms for player complaints and self-exclusion directly through the site
    Additional Requirements
    • Key functions (like compliance, legal, and data protection) must be held by qualified individuals
    • Risk management and internal controls must be documented and subject to review
    • Data protection rules apply, including GDPR compliance for processing player data
    • Annual license fees and gaming tax obligations apply, depending on activity type
    Individual Rights
    • Players have the right to access, rectify, or delete their personal data under GDPR
    • Right to restrict or object to processing, and to data portability
    • Licensees must provide privacy notices and respond to data requests within 30 days
    Enforcement
    • Regulated by the Malta Gaming Authority (MGA)
    • MGA has powers to audit, inspect, suspend, or revoke licenses
    • Administrative fines can reach up to €500,000 (approx. $540,000) per breach
    • Criminal sanctions may apply for operating without a license or fraudulent conduct
    illustration of contact means

    Questions?

    If you would like to learn more, our compliance experts are happy to support you.

    Leave us a Message
    support@clym.io
    +1 980 446 8535 +1 866 275 2596