Cookies on the Gambling Commission website

The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content

Gaming machine and remote games information requirements

Licence condition 2.3.1) of the LCCP requires that all non-remote gaming machine technical, gambling software, and remote operating licence holders must comply with our technical standards and with requirements set out by us relating to the timing and procedures for testing.

The remote technical standards (RTS) and testing strategy for compliance with include several requirements for information that licence holders must submit to us.

For non-remote licence holders, our gaming machine technical standards and gaming machine testing strategy specify information requirements for those businesses.

Depending on the licences they hold, gambling operators are required to report the following information to us:

  • games test reports
  • games testing annual audit reports
  • security audit reports.

Games test reports (remote gambling and gambling software)

A key requirement of the RTS and testing strategy for compliance with the RTS is that remote gambling licence holders submit games test results and random number generator (RNG) test results to us.

This provides us with assurance that new games (or major updates of games) comply with the RTS. It also assures us that the RNG driven products such as casino, bingo and virtual betting, comply with our fairness specifications.

This requirement applies to all holders of:

  • gambling software licences and remote bingo operating licences
  • remote bingo (game host)
  • remote casino
  • remote casino (game host)
  • remote general betting standard (virtual events)
  • remote betting host (virtual events).

Licence holders must submit their games and RNG test results to us via the games register which is part of the  eServices digital service (opens in new tab).

The games register allows licence holders to add entries, withdraw entries and reinstate entries. It also offers options of bulk processing of additions or withdrawals, and for licence holders to download a register of the games/test results they have registered with us as a .csv file.

If you hold a gambling software licence, the new system allows you to add details of the game and relevant test reports. This will generate a unique game register reference, which you will supply to gambling businesses who provide the game to players. 

Game and RNG testing must be carried out by an approved Test House.

Warning Satisfactory testing is to be completed and the report submitted to us before a game is released for play.

If you experience technical issues preventing you submitting games test or RNG test reports to us, you should capture evidence of the problems experienced and contact us to discuss.

B2C licensees who use the services of a B2B for the provision of gaming content must still maintain their own up-to-date games register (within our eServices games register system) for any games offered directly or via the B2B.

Games test reports (gaming machines)

Our gaming machine testing strategy requires gaming machine technical licence holders to conduct testing on new games and submit the results to us.

When a game has been tested, the Test House’s summary report should be sent by email to machinetestreports@gamblingcommission.gov.uk.

Games testing must be carried out by an approved Test House.

Warning Satisfactory testing is to be completed and the report sent to us before a game is released for play.

Licence holders are to keep the full test result report for each game and make this available to us on request.

If you experience technical issues when submitting the games test report to us, you should capture evidence of the problems experienced and contact us to discuss.

Games testing annual audit reports

Our testing strategy for compliance with the RTS requires licence holders to conduct an annual games testing audit and to send this to us.

The requirement for an annual games testing audit applies to those licensees that hold a:

  • gambling software licence

and at least one of the following:

  • remote bingo operating
  • remote bingo (game host)
  • remote casino
  • remote casino (game host)
  • remote general betting standard (virtual events)
  • remote betting host (virtual events).

Games testing annual audits report are not required from gaming machine technical (non-remote) licence holders.

The audit must be carried out by an approved Test House and the report counter-signed by a Personal Management Licence holder (or specified person) for your business.

Further details on games testing audits are in Section 4 of the testing strategy.

Licence holders must submit their games testing annual audit report to us, by uploading the report, via the audits part of the eServices digital service (opens in new tab).

You must do this annually, within 4 weeks after the audit period end date. Licence holders are each allocated to a submission pool, which dictates their audit period.

Audit periods for each submission pool are:

  • Pool 1: 1 July – 30 June following year
  • Pool 2: 1 October – 30 September following year
  • Pool 3: 1 January – 31 December following year
  • Pool 4: 1 April – 31 March following year.

If you experience technical issues that are preventing you from submitting the games testing annual audit report to us via eServices, you should capture evidence of the problems experienced and contact us to discuss.

Security audit reports

Our RTS and testing strategy for compliance with the RTS set out that remote gambling and specified remote lottery licence holders must ensure that an annual security audit is carried out by an independent and suitably qualified auditor. This is to assess compliance against the security requirements of the RTS.

Further details on the annual security audit requirements are contained within our security audit advice. It is based on relevant sections of ISO/IEC 27001.

Licensees do not need to send completed security audits to us, unless we request it, or a major non-conformity is identified during the audit.

If a major non-conformity is identified, you must notify us by emailing securityaudit@gamblingcommission.gov.uk attaching a copy of the full information security audit report, including management responses. If we request a copy of a security audit report, it must be submitted to us within 7 days. The written request will explain how to submit the report.

Is this page useful?
Back to top