Connect with us

EEG Reports

EEG Review Testing Certifications in the EU



Zoltan Tundik(EEG): Which legal acts of EU (laws, regulations, rules, ordinances, interpretations, instructions, letters and others) contain requirements and standards for certification/testing of the products of online betting (virtual games, races, wheel of fortune, poker) and online gambling (slots, live casino, poker)? (Please specify the type).

Andrew Rosewarne: All the countries in Europe that have regulated online gaming have produced their own regulations and have their own licensing and enforcement bodies. NMi are approved to provide testing and certification in all 14 EU member states, that allow online gaming activity by international operators. There are also another half a dozen European jurisdictions that are not part of the EU. The remaining member states either have restricted operations or prohibit the activity. The most recent member states to regulate have been Portugal, Romania, and Lithuania.

Z.T.: Which requirements apply to the laboratories that carry out the above said certification/testing?

A.R.: The minimum requirement to be approved as a testing laboratory in most jurisdictions is accreditation to ISO 17025, the general requirements for the competence of testing and calibration laboratories. This is the same accreditation that is held by laboratories in other industries, drug testing for elite athletes being one that most people are aware of.

Some jurisdictions allow ISO 17020 as an alternative to ISO 17025 and many also require individual qualifications of the laboratory staff, some to masters level or beyond, mathematics being a common specified requirement.

Of course there are extensive background checks into owners and staff as well and some jurisdictions are requiring monetary guarantees to assure the company is on a strong financial footing, Romania being the most recent, asking for assurances of a quarter of a million Euros.

ISO 27001 seems to be emerging as the default security standard that regulators impose on online gaming licenses, either specifying a subset of that standard themselves or accepting full certification as an alternative.

In most cases the regulators are happy to have qualified ISO 27001 lead auditors or equivalent (CISA, CISSP) carry out the work, although an audit firm requires an ISO 17021 accreditation to certify an operator to ISO 27001.

Z.T.: Are there any universal standards/requirements for all or most EU member states?

A.R.: Gaming is not subject to the EU principle of mutual recognition, whereby if a product can be lawfully sold in one EU member state, it can automatically be sold in all others. Therefore, a license in the UK does not automatically allow operators to serve Portuguese citizens.

Having said this, there are two ways to potentially reduce the cost of certification across multiple regulated jurisdictions. Firstly is the International Association of Gaming Regulators (IAGR) Multi-Jurisdictional Testing Framework (MJTF), newly agreed upon by the UK, Denmark, Alderney, and The Isle of Man. The IAGR is an international body, but all regulators that have signed up for the MJTF are coincidentally based in Europe, with two member state gaming commissions present. A regulator participating in this scheme will recognise testing performed to this standard as sufficient for their jurisdiction without the need for unnecessary testing duplication or reporting requirements. It is anticipated that future phases of the framework will incorporate additional participating jurisdictions and scope of activities as only the Random Number Generator (RNG) portion if testing currently falls under the MJTF.

Secondly, whilst there isn’t a single Europe-wide technical standard for either the land based sector or iGaming, there has been some convergence of standards across many regulated jurisdictions worldwide.  This has meant that at an operational level, it is possible for test labs to offer Transfers of Approval (ToA) across many regulated jurisdictions. In essence, this means testing a particular game for several jurisdictions at the same time. This ensures savings for the operators as any requirements that are repeated across any jurisdictions are only tested once. The test lab will then provide a set of test reports for each jurisdiction. This ensures significant savings as well as being able to launch games across many jurisdictions at the same time.

As previously mentioned the widespread adoption of ISO 27001 as a universal security standard is another example of this. After some initial work in aligning the time frames, it would not be unreasonable for a typical international operator to expect a single annual audit to cover the requirements for all jurisdictions in which they operate and full ISO 27001 would mitigate the need for any additional reporting to many regulators.

Z.T.: If each EU country has its own standards/requirements regarding the above said certification/testing, is it possible upon completion of the certification/testing in the EU country with the strictest requirements to use further those certificates in the other EU member country with milder requirements? Or shall the operator carry out the above said certification/testing every time in each EU country he wants to operate?

A.R.: There is plenty of scope for re-using testing carried out in one jurisdiction for the purpose of certification in another. Examination of the game engine and underlying game mathematics is a common example of where this is possible, and with some jurisdictions requiring extensive reports around randomness and volatility, well beyond simple returns analysis, testing to the highest standard initially ensures, as long as the maths remain the same, we don’t need to visit the game maths again for future certifications. We can generally find savings anywhere where software components can be demonstrated to be unchanged.

Of course starting with the most stringent requirements involves extra effort on both sides so it is helpful if our customers understand which markets they are targeting early by defining a regulatory roadmap so we can tailor our testing accordingly.

In areas of localization many requirements cannot be defined as more or less strict, but rather just different, and it is difficult to define any one jurisdiction as the high bar.

Z.T.: What kind of certificates (RNG certificate, games report certificate) will be sufficient for owner of the online casino or owner of the betting shop to promote its products (slots, roulettes, virtual games for betting) in the frames of b2b contracts within EU in order to comply with the requirements of the EU legislation in this part?

A.R.: A B2B supplier should be able to have their content tested once by a reputable gaming laboratory, for a target jurisdiction, and expect that those results will be able to be used by multiple operators that they supply. Of course, it is essential that the laboratory acting for the B2B is approved in the jurisdiction where the certification is sought.

As previously mentioned EU legislation is not a factor in current gaming regulation and B2B suppliers are treated in a variety of ways among the jurisdictions regulating online gaming. While most jurisdictions licence B2B suppliers this often just takes into account probity checks and doesn’t cross over into the technical side of the business.

At one end of the scale, B2B suppliers hold no status with the regulator with responsibility for the certification of the software system, in its entirety, lying with the operator. In these cases, gaming labs have had to come together in a spirit of mutual respect with the lab carrying out the operator certification considering the acceptance of testing reports from other accredited laboratories acting for the B2Bs. Other jurisdictions licence B2B suppliers and acknowledge their status to varying degrees.

Most jurisdictions also require the operator to complete integration testing of the product on the operator platform to ensure the correct communications and allocation of responsibilities between the two systems.

Z.T.: Are there any EU member states recommendations made by the public authorities, expressed in any form, regarding addressing to specific laboratories performing testing / certification in the EU? Or does the choice of lab entirely depend on the owner of the online casino website or the owner of the online betting website. May it happen that some laboratories have accreditation in particular countries?

A.R.: The vast majority of EU member states where online gaming is regulated maintain a list of laboratories from which they will accept reports or certifications. As this requires an application from the lab to the regulator, and the level of probity varies, not all labs are approved in all areas, and many labs operate in only one jurisdiction.

Denmark has adopted a different approach, only requiring ISO 17025 or ISO 17020 approval, but has supplemented this with ongoing requirements around the qualifications of the people carrying out the work.

In a small number of cases the lab is contracted and paid by the regulator, allocating the project without any consultation with the operator. In these instances the report may be delivered directly to the regulator as well as the operator.

However in the vast majority of cases, it is up to the operator to select a lab from those approved by the regulator, negotiate the contract and receive the certification or test report themselves for filing or passing to the regulator.

Z.T.: Which of the products of online betting (live events (sport, poker, lottery), virtual games (racing, wheel of fortune, poker ) ) and online gambling (slots, live casino, poker ) are subject to the above testing/certification, and for which is this procedure not obligatory?

A.R.: Again this varies from jurisdiction to jurisdiction but most regulators are now consistent in requiring certification of all products.

The recently published certification requirements for Romania include a clause requiring the assurance of “the accuracy, integrity, reliability, safety, transparency and confidentiality of all the activities and functions performed” by the gaming platform.

There is a particular focus on activities that are not visible to the player so many regulators specify specific tests around randomness and player returns in online slots and casino gaming, The reasoning behind this is that a player not being paid correctly on a winning sports bet would have no difficulty recognising this and taking it up with the operator, but a departure from randomness in a roulette or slot game, or other manipulation of an electronic game, could take place out of the players sight and is unlikely to be detected in a normal gaming session.

Bingo maintains a special status, exempting it from certification or testing in some jurisdictions.

But regardless of what regulators require, more than ever we are seeing operators themselves raise the bar on testing activities as they seek to limit risk in what is becoming an increasingly mature financial services industry. The modern gaming compliance manager has little appetite for the risk involved in leaving areas of their business outside the scope of independent certification.

Z.T.: In which areas of the European Union is your company licensed to conduct testing and certify products?

A.R.: NMi are licensed to provide testing, or our reports are accepted without the requirement for a license, in all EU member states allowing online gaming activity by international operators, as well as covering jurisdictions in Canada, South America, the Caribbean, and Asia.

NMi have recently been granted a Class 2 license to certify and audit in Romania and we are very proud to be one of only two labs approved there to date and to be able to provide this continuity of service to our loyal customers. Many of our customers are global players with expansive business strategies so our ability to cover all areas is important to them.

Romania is the culmination of a lengthy and time-consuming process for NMi’s regulatory team, requiring significant investment, but the experience of achieving approval in more than 25 i-gaming jurisdictions has stood us in good stead.

NMi are accredited, or have reports accepted, in Belgium, Bulgaria, Croatia, Denmark, Estonia, Hungary, Italy, Latvia, Malta, Portugal, Spain, the United Kingdom and most recently Lithuania, and of course Romania.

Continue Reading
European Gaming Virtual Quarterly Meetups
Click to comment

Notice: Undefined variable: user_ID in /home/eegaming/public_html/wp-content/themes/zox-news/comments.php on line 49

You must be logged in to post a comment Login


Casino Technology announces Valentina Dobre as new Regional Director for Romania



Gaming equipment manufacturer Casino Technology has announced a new appointment for Romania to further strengthen the company’s management.

Following its steady plan for continuous market growth, the company named Valentina Dobre as Regional Director for Romania as of 1st of August 2017.

The company claims with Mrs Dobre’s profound expertise, professional background and in-depth knowledge of the gaming industry in the country, she became part of Casino Technology team, ready to implement the overall corporate strategy.

Valentina Dobre commented: “I am honored to accept this position and be part of the high level management team of Casino Technology. I will pursue actively further company positioning and growth on the Romanian market. Casino Technology has been on the country’s market for over 10 years and proved to be leader, having maintained trusted partnerships with local operators and customers.”

Casino Technology stated that Mrs Dobre’s background as Member of the Board of Directors at Romslot Association, Bucharest will additionally increase the Casino Technology market share.

“Valentina Dobre is an important appointment as she brings extensive knowledge of the market, that will help us boost even more our presence in Romania. She will have a crucial role in our further expansion, launching successfully our new line products on the market”, concluded Milo Borissov, Founder, President and CEO of Casino Technology.

Continue Reading


Two major announcements from BEGE Expo and EEGS: Mark your calendars



The Balkan Entertainment & Gaming Expo (BEGE Expo) and the Eastern European Gaming Summit (EEGS) celebrate their 10th anniversary this year. Due to the big interest for both events the organizers made two major announcements – BEGE will outspread in one more hall and EEGS will start one day earlier than the announced date.

Over 50 leading companies from the industry have already confirmed their presence for BEGE Expo 2017. Well-known leading manufacturers, amongst them being Novomatic, Casino Technology, EGT, Suzohapp, BetConstruct, Interblock, Merkur Gaming, APEX, Alfastreet Trade, Nsoft, JPL and CPI, as well as new participants, such as the leading sports betting company Bet3000 (IBA-Entertainment Ltd.), EXEFEED, Quixant, Zitro, Change Italia s.r.l., Gamebridge Casino Equipment, JCM Europe GmbH, nano Vo sp. Z o.o., Berkotech Kft. and others will exhibit their latest solutions at this year’s BEGE. The great interest for the event forced the opening of new hall, thus making the 10th edition of BEGE Expo the biggest so far.

The registration is already open so you wouldn’t want to miss the chance to register.

Another newness that BEGE Expo 2017 will present is the special Affiliate zone. Following the expansion of the online business in the region, this year the exhibiton will create space for online operators and affiliates from the region to interact and create business partnerships. Affiliate program providers will be able to book their own space in the zone and all affiliates will be admitted for free.

EEGS also promises to reach new heights this year. Reschedule your calendars, because EEGS 2017 will start on 20th of November – one day earlier than intended. This year’s EEGS will continue to follow its main aim – to present the most recent updates from the region, including the countries Serbia, Romania, Greece, Bulgaria, Albania, Slovenia, Montenegro, F.Y.R of Macedonia, the Czech Republic, Slovakia, Poland, Turkey and Croatia.

Separate sessions will be dedicated to Sport Challenges, Impact on gaming operators by Anti-Money Laundering Act, GDPR and online gaming. Day 3 will be focused on Tourism & Gaming, Responsible Gaming Academy and marketing topics.

BEGE Expo and EEGS have gradually established as a center for the gaming and entertainment industry in Eastern Europe and for 10th year in a row will be the place where professionals from the field come in order to expand their business, exchange knowledge and promote new products. For any updates you may follow the official websites of the events: and


Continue Reading

EEG Reports

Habanero signs an outstanding deal with BBIN



A new partnership agreement will see content from quality slots and table games developer Habanero go live with the BBIN Group.

Under the agreement, the supplier will give the software company access to its complete product portfolio of HTML5 games for all of its white label sites.

Recent releases from Habanero, including Fire Rooster, Bird of Thunder, and Panda Panda, have also been made available to the aggregator.

Daniel Long, Head of Sales at Habanero, said the deal was a game-changer for the supplier and one of the company’s most important to date.

He added: “By partnering with BBIN, we have significantly expanded our presence around the world, which means even more players will be able to enjoy our games.

“Many of them will be a natural fit with BBIN’s customers, but it is the diversity and variety of content that will appeal the most.”

Habanero operates a stable of 75 video slots titles, 9 table games, and 50 video poker titles, which are integrated into over 45 operators and aggregators and available in 21 European and Asian languages.

Continue Reading


We are constantly showing banners about important news regarding events and product launches. Please turn AdBlock off in order to see these areas.