OneComply: can technology move the needle on gaming compliance?

We all know the importance of compliance in the gambling industry, and unless you’ve been living under a rock for the last few years, we’ve all heard stories about the regulatory fall-out when an operator doesn’t play by the rules.

But as more states begin to legalize online gambling, sportsbooks and casinos are presented with a whole host of new compliance requirements – many of which can be quite tricky to keep up with. 

One way to stay up to date with new and existing regulations is through technology. That’s according to Cameron Conn, CEO of OneComply. As the company name suggests, OneComply specializes in all things compliance with the North American region being in its wheelhouse.  

Conn explained that it’s become increasingly important to analyze the different regulatory technologies available to remain compliant with regulations across the US. This is particularly apparent when it comes to expanding into new markets.

He said: “I think there’s a lot of issues that technology can help solve when it comes to gaming compliance. The biggest thing that we see is communication and scale. Talking about the digital side of gaming, we’ve seen companies that have siloed departments – those departments are in charge of managing really important compliance tasks. 

“While they may be using great technology to manage those items, the compliance intellectual property (IP) is remaining with the key individuals within that team. The information is not being communicated higher up the chain, unless there’s a failure – and then it’s too late. 

“When you then start adding in jurisdictional scale to that equation, the impacts are then multiplied. There is really great technology available in all areas of compliance – whether that’s AML, KYC or licensing – but it is still relying very heavily on the siloed individuals within that company. 

As the gaming industry continues to mature, Conn explained that all stakeholders need the ability to draw upon new technologies to better communicate – and more importantly, understand – compliance requirements. 

“We need to start to bring this holistic technological view of all of these things that are constantly trying to impact the company in a negative way, and just providing more optics to show how important how many different moving pieces there are to compliance within an organization,” he added.

Conn argued that technology has a major role in ‘moving the needle’ on compliance requirements, something he believes has become particularly apparent at a time when “every company is racing to gain market share”.

Gambling companies face an uphill battle to gain market share when trying to get their compliance plans in order. The OneComply CEO stated that having a set roadmap in place, combined with a centralized regulatory data hub, can ease this headache.

Conn said: “Right now, every company is racing to gain market share. That’s either expanding their offering within one jurisdiction, or scaling their business to multiple jurisdictions. We’re all chasing this expansion but not really creating our own bread crumbs or roadmaps. 

“While we’re on that chase and we’re trying to enter a new market, we need to make sure that we have all of our ducks in a row for that very moment the race for market expansion begins. Then the focus shifts towards expansion, and not about preparation for a new market entry.

“That’s the big risk – while we’re going through this process, we should not only be creating our roadmap to get to market, but to maintain our position in that market too. A lot of this roadmap creation is done during the initial market entry stages.

“That’s what we’re seeing with a lot of clients is they get to market, they start to collect a little bit of regulatory data and then they’re kind of going back to fix all these things instead of saying ‘hey, on the first of every month, here’s what needs to happen. Here’s who’s accountable. Here’s how we fact check’. 

“But as it stands, there’s very little checks and balances once again because this process is entirely siloed. Unfortunately this means that we’re not seeing the smoke until the fire in a lot of cases.”

The disparities in regulatory data can often make the creation of any roadmaps difficult, Conn added.

As it stands, approximately 95% of the data across different states is in a standardized format. The difficulty comes during the data processing phase, which is often when state legislatures may choose to request different forms of information and specify different requirements. This, Conn explained, is where technology can step into the limelight.

“I think that’s where technology has the opportunity to highlight the standardization,” he continued. “We do it currently with licensing. We have 200,000 points of data now which covers all various different pieces between each jurisdiction. It’s our job to amalgamate that data and migrate it into a form that works for different license applications. That’s no different than doing internal control standards. 

“This also has responsible gambling implications – we don’t want people to be able to gamble when they’re on the list. For the most part, the data to be able to perform that function is the same. The differences between states only tend to be minor material changes, reporting styles etc. It’s just done at a different cadence, it’s a different style. 

“The requirements of when those things need to happen are different. But once again, the data is the same. So why don’t we take this operational data and serve multiple people with that same menu of data? That’s a really great opportunity.”

From dialogue that OneComply has been having with regulators, it’s clear there is a growing demand for technology solutions to also modernize their operations. 

Technology from companies such as OneComply can be used to “bridge the gap” between licensing and ongoing compliance processes which will ultimately streamline the overall data collection process for regulators.

Conn said: “We’ve been having a lot of conversations with regulators, and what we’ve heard is that there’s a very large desire to modernize their operations. I think understanding what is available in regards to technology and what is achievable are two very, very different things.

“Regulators currently view licensing and ongoing compliance processes as not being connected. They’re usually two different departments. You have investigations and you have licensing. And once again, we think that licensing really is the data collection process for ongoing compliance. We want to bridge that gap.”

OneComply plans to close that gap and, ultimately, engineer a huge shift away from the traditional ‘form filling’ processes that we’re all very familiar with. 

As Conn explained, the gambling industry has become accustomed to working with online forms and spreadsheets. But from a data processing standpoint, piles of forms and spreadsheets can become very bureaucratic. 

The CEO added: “The gambling industry has never really had the ability to think beyond the world of online forms. That’s the way things have always been done. So I think even when looking at the willingness of regulators to adopt technology, can we get them to see the bigger picture of what the opportunity is? 

“When we do that, it’s going to make not only the licensing process different, it’s going to make the communication process between license holder and regulator different. It’s going to make reporting different, it’s going to make renewals that much easier. It should make everything a lot easier, certainly in a single jurisdiction to just maintain that.”

Having centralized data not only reduces the reliance on forms, but also provides both the license holder and the regulator with visibility on any potential compliance issues. In the long term, this can prevent any potential ‘fires’ before they happen.

Conn said: “When you have centralized data, and both parties have optics, the responsibility is very clear. If the operator knows something has happened, the regulator should know something’s wrong, and that engagement should happen in real time. Unfortunately, what happens a lot with regulators is you’re investigating cold cases. 

“If it’s not handled from a compliance standpoint, there’s real quick accountability and responsibility of saying ‘we saw that you didn’t do this a week ago, we gave you a week to fix it, you still haven’t done it so we’ll be taking regulatory action’.”

Talk soon turned towards the speed at which regulators are willing to adopt new centralized data platforms. As you might be able to guess, it has been somewhat slow. There are two reasons for this: budget and legacy.

Budgets for technological upgrades are always going to be an issue for regulators, Conn told SBC Americas. He explained that budgets are often decided on a state-by-state basis, so trying to allocate funds to new technologies is never going to be easy.

“What doesn’t help is that this technology has never existed, this gaming board regulatory technology has never existed. We don’t have the white papers nor the ROI studies. You can’t come with this clear case as a supplier to a regulator saying ‘this is what’s going to happen’. It’s all hypothetical, which means the regulator can’t go to their bosses who can’t go to the state and request this new technology.

“It’s going to be really hard for regulators to argue that a state needs to invest in certain technologies as there is not yet any concrete evidence to state they require this technology. I think that this is really one of the biggest issues. 

“The second issue is that there’s this legacy of regulation. If you look at some of the states that have been around for decades, they have file cabinets everywhere that have all this paper and documents in. What do you do with all that paper? How do you break away from all that physical documentation? That’s a harder thing.

“We’re very proud people in gaming, both as operators and suppliers, and certainly as regulators. You could say we have a chip on our shoulder because this is tough. Gaming is very hard. When someone then comes into the industry and tries to change the system, it’s hard to adapt to those changes.”

At OneComply, Conn walked us through the ways his company helps its partners to make this shift towards data centralization. 

The first task at hand is to understand how that individual organization communicates its compliance processes and what resources it has at hand to manage this.

By then introducing a data centralization platform that is suited to that individual company, OneComply can then help its partner develop the ability to scale. Conn drew reference to one of its existing partners where this approach has proved to be successful.

“There’s a really great white paper that we’ve done with a client of ours that entered four dozen new jurisdictions in the space of a year. They wouldn’t have been able to do that without being able to spot that opportunity to centralize data. Instead of spending a month collating and processing data, they may have taken a day or two. 

“That ability to just shorten the timeline has had a dramatic impact. For a company like that that now has 48 new sets of regulatory requirements to keep up with, where are we putting that responsibility? We’re streamlining that process, so it’s been a huge value add for them. 

“The secession planning has been really big as well. We talked about siloed departments and there being only a handful of people that own that IP. Instead, we give our partners the opportunity to see everything. They can see the calendar for all the jurisdictions that they operate in, they know what they need to do and when. You’re not letting people leave your organization with all of that intellectual IP for compliance. 

“We just want to continue to understand how our clients not only use our product, but how they are using ancillary products too. We’re trying to move people from using several spreadsheets and instead we’re collating everything into one place. On the B2B side of things, this has never existed.”

Rounding off the discussion, a trend that Conn drew particular attention to is the outsourcing of compliance management. He erred on the side of caution when it comes to external consultants, emphasizing that it is much more beneficial for a company to internalize its compliance IP and overall regulatory processes. 

Compliance should be integrated into a company’s DNA, Conn advised, and should form an important part of the everyday operations.

He concluded: “The industry has grown and scaled so quickly that we haven’t managed to keep up with the number of compliance professionals – there’s simply not enough of us!

“We seem to have the same number of compliance professionals as we did nearly 10 years ago, but the market is overwhelmingly bigger now. We’ve seen law firms and consulting groups join the industry and try to take that compliance burden off people. However, this route isn’t scalable because you’re relying on this external business to manage your resources. You ultimately end up putting the ownership of your IP into this third part. When you do that, it’s really hard to build a culture of compliance and put it into your DNA.

“Every single person in your organization should know their role in compliance. It’s very hard to do that. But it becomes very, very difficult when it’s not even a part of your day-to-day activity because you’ve outsourced it. 

“I think my big advice is, even if you’re using a consultant, even if you’re using a lawyer, be super in touch with what that process is. Make sure you understand what they’re doing, how they’re doing it, how you can scale that operation both in terms of capital and efficiency. Even if you have outsourced it, you still need to have that roadmap in place and understand how it impacts your business.”