Rank Digital Gaming (Alderney) Limited Public statement
Our public statements make reference to breaches of the Licence Conditions and Codes of Practice (LCCP) requirements which were in effect at the time of the breach. In some cases, the requirements have since been updated.
Rank Digital Gaming (Alderney) Limited trading as bellacasino.com, grosvenorcasino.com, meccabingo.com, meccagames.com
Key failings
- failure to comply with Social Responsibility Code Provision 3.4.1 paragraph 1 and 2 - Customer interaction, between October 2019 and February 2021
- failure to comply with Social Responsibility Code Provision 3.9.1 Paragraph 2 (b) - Identification of individual customers - remote, between June 2020 and February 2021
- failure to comply with Social Responsibility Code Provision 3.5.3 Paragraph 6 - Self-exclusion - remote between November 2020 and February 2021.
Operators are expected to consider the issues outlined above and review their own policies and practices to identify and implement improvements in respect of the management of customers’ accounts.
Introduction
Licensed gambling operators have a legal duty to ensure their gambling facilities are provided in compliance with the Gambling Act 2005 (the Act), the conditions of their licence and in accordance with the licensing objectives, which are to:
- prevent gambling from being a source of crime or disorder, being associated with crime or disorder or being used to support crime
- ensure that gambling is conducted in a fair, safe and open way
- protect children and other vulnerable people from being harmed or exploited by gambling.
Rank Digital Gaming (Alderney) Limited Executive summary
Following a compliance assessment of Rank Digital Gaming (Alderney) Limited (Rank) failings were identified, which resulted in the commencement of a section 116 regulatory review1 of its Combined Remote Operating Licence number: 038750-R-319345-023. The regulatory review found failings in Rank’s processes aimed at protecting vulnerable people. Between October 2019 and February 2021 Rank failed to comply with the Licence conditions and codes of practice (LCCP), specifically:
- paragraphs 1 and 2 of Social Responsibility Code Provision (SRCP) 3.4.1, requiring licensees to interact with customers in a way which minimises the risk of customers experiencing harms associated with gambling and to take into account the Commission’s guidance on customer interaction
- paragraph 2 (b) Social Responsibility Code Provision 3.9.1 - Paragraph 2 (b) requires that licensees who allow customers to hold more than one account must ensure that all accounts are monitored and that decisions that trigger customer interaction are based on behaviour and transactions across all accounts
- paragraph 6 of Responsibility Code Provision 3.5.3 - licensees must ensure that any individual who has self-excluded cannot gain access to gambling.
Taking into account remedial action taken by Rank and in line with our Statement of principles for licensing and regulation, Rank will pay a total of £700,557 in lieu of a financial penalty.
Rank Digital Gaming (Alderney) Limited Findings
The investigation and our subsequent regulatory review found:
Failure to comply with Paragraph 1 and 2 of social responsibility code provision (SRCP) 3.4.1 (Customer Interaction) between October 2019 and February 2021
Compliance with a SRCP is a condition of the licence by virtue of section 82 (1) of the Act. SRCP 3.4.1 (amended from 31 October 2019) states:
"1. Licensees must interact with customers in a way which minimises the risk of customers experiencing harms associated with gambling. This must include:
- identifying customers who may be at risk of or experiencing harms associated with gambling.
- interacting with customers who may be at risk of or experiencing harms associated with gambling.
- understanding the impact of the interaction on the customer, and the effectiveness of the Licensee’s actions and approach.
- Licensees must take into account the Commission’s guidance on customer interaction.”
Rank accepted that:
- the series of financial and non-financial safer gambling triggers used to proactively identify when customers may be experiencing harms were not always effective, in particular new customers being able to deposit at high velocity
- it was overly reliant on its £1,000 30-day net loss threshold to identify potential signs of problematic gambling and its processes for identifying other markers of potential harm were largely reactive
- customer interaction processes were overly reliant on setting proactive deposit limits, rather than carrying out affordability assessments to inform risk-based decision making
- it used average income data to set deposit limits which were, on occasion, set too high, and which made assumptions based on other open-source information which should have been corroborated against other independent sources of information.
Failure to comply with Social Responsibility Code Provision 3.9.1 Paragraph 2 (b) - Identification of individual customers - remote, between June 2020 and February 2021
This states: “Where licensees allow customers to hold more than one account with them, the licensee must have and put into effect procedures which enable them to relate each of a customer’s such accounts to each of the others and ensure that:
- b. all of a customer’s accounts are monitored and decisions that trigger customer interaction are based on the observed behaviour and transactions across all the accounts.”
Rank accepted that a small percentage of customers held more than one account and that some had circumvented the controls. Despite the relatively low numbers, it needed to protect customers who were limited by them or displayed at risk behaviours, from creating new accounts unchecked.
The Licensee has implemented enhanced controls for identifying duplicate accounts, particularly for restricted customers.
Failure to comply with Social Responsibility Code Provision 3.5.3 Paragraph 6 – Self-exclusion between November 2020 and February 2021
This states: “6. Licensees must put into effect procedures designed to ensure that an individual who has self-excluded cannot gain access to gambling.”
Following a platform migration in November 2020, the manual processes in place in respect of bellacasino.com and meccagames.com were not sufficient to mitigate the risk of self-excluded customers opening accounts across two platforms.
Rank accepted:
- that 1,416 customer accounts created on Bella Casino or Mecca games websites had been matched to a Rank self-exclusion.
The process for dealing with such breaches has post Assessment been significantly enhanced.
Rank Digital Gaming (Alderney) Limited Regulatory settlement
This regulatory settlement consists of:
- £700,557 payment in lieu of a financial penalty, which will be directed towards delivering the National Strategy to Reduce Gambling Harms
- agreement to the publication of a statement of facts in relation to this case
- payment of the Commission’s costs relating to the investigating of the case.
In considering an appropriate resolution to this investigation, the Commission has had regard to the following aggravating and mitigating factors:
Aggravating factors:
- the breaches could impact the licensing objectives
Mitigating factors:
- the extent of steps taken to remedy the breaches
- early recognition of the failings and timely disclosure of all relevant facts including a wider customer review into the extent of the failings
- Rank has been co-operative throughout its dealings with the Commission
- made an early offer of a regulatory settlement proposal.
Good practice:
Gambling operators should take account of the failings identified in this investigation to ensure industry learning. Operators should consider the following questions:
- do you efficiently record all compliance-related decisions and are you able to demonstrate to the Commission, on request, evidence of ongoing assessment, evaluation and improvement?
- do lessons learned from public statements flow into your policy and processes?
- do you have a formalised process for analysing the effectiveness of customer interactions to ensure that reviews were adequately documented and consistent in their approach?
- do you log the types of behaviour which have triggered a customer interaction and keep sufficient records of interactions, along with decisions not to interact especially in terms of the level of detail provided?
- have your staff received sufficient SR training?
- are the controls you have in place in respect of self-excluded customers appropriate – would they prevent a self-excluded customer from opening a new account?
- if a customer holds more than one account are the controls effective – are all accounts monitored and decisions that trigger customer interactions based, on the observed behaviour and transactions across all the accounts.
Footnotes
1 The Commission commenced its Regulatory review on 27 May 2021.