One of the salient changes which shall be brought about by the new Gaming Act, as of 1 August 2018, is that licensees are required to identify the persons responsible for the key functions as defined at law. Such persons are, in turn, required to undergo the MGA’s scrutiny in order for the Authority to assess their fitness and propriety. The persons who fulfil the necessary criteria shall then be issued with a key function certificate for the relevant function or functions.

1) Licensees are invited to inform the Authority at the earliest of any key functions which shall be fulfilled by one or more persons that have already been assessed and approved by the MGA, either in their capacity as employees of the licensee or due to the fact that under the Remote Gaming Regulations (S.L. 438.04) they provide the services of Key Official to the licensee. This will allow the Authority to commence preparations for the relevant key function certificate to be issued in due course.

2) Persons not already known to and approved by the MGA, who have been earmarked to provide key functions, shall be notified to the MGA between the 1 August 2018 and the 30 September 2018 and shall, during such timeframe, submit all the required documentation.

3) Until such time as all key persons are notified to, and assessed by, the Authority, the responsibility for the vacant key functions shall vest temporarily in the Key Official appointed under the Remote Gaming Regulations.

In terms of article 9 of the Gaming Authorisations and Compliance Directive, the following conflicts in key functions have been identified by the Authority:

1) Compliance-based roles are incompatible with roles centred around the growth of the business.  In particular, the Chief Executive role, responsibility for the licensee’s finances (except responsibility for the payment of tax and fees due in terms of law) and responsibility for marketing and advertising are incompatible with the following roles:

(i) Compliance with the licensee’s obligations emanating from the MGA licence/s;
(ii) Player support;
(iii) Responsible gaming.

2) Without prejudice to the above:

(a) the person responsible for the prevention of money laundering and financing of terrorism is also expected to refrain from taking on other responsibilities which may conflict with his functions in such role, or which otherwise conflicts with such function or prejudices the person’s effectiveness and independence in such role, including but not limited to the Data Protection Officer;

(b) the Data Protection Officer role is incompatible with any other role that manages or otherwise controls personal data, or which otherwise conflicts with such function or prejudices the person’s effectiveness in such role, including but not limited to the Money Laundering Reporting Officer;

(c) the person responsible for internal audit is normally expected not to hold any other function.

For the avoidance of doubt, the above is meant as prima facie guidance and is without prejudice to requirements stemming from other applicable legislation regarding certain functions, including but not limited to requirements relating to the Money Laundering Reporting Officer and the Data Protection Officer. The operational structure of each licensee is different, and therefore it is the responsibility of each licensee to ensure that conflicting functions are not exercised by the same person.

Notwithstanding the above, in light of the fact that this segregation of roles is necessarily burdensome from a resources perspective, start-up undertakings as defined in the Gaming Licence Fees Regulations, and recognised as such by the Authority in line with the Start-Up Undertakings Directive, may be allowed to have a single person conduct roles which may prima facie appear conflicting, during the first year of operation, if the Authority is satisfied that the integrity of the licensed operation will not be negatively affected.

Furthermore, such undertaking shall not be required to have a person responsible for the key function of internal audit, during such first year of operation. This is without prejudice to requirements stemming from other applicable laws.