The Malta Gaming Authority Sandbox Regulatory Framework Innovative Technology Arrangements (ITAs)
The MGA's Sandbox Regulatory Framework
Under the Sandbox Regulatory Framework, the MGA offers licenced operators the opportunity to make an application for the use of ITAs
Expiry Date: 31st December 2021
Distributed Ledger Technology (DLT) and each of its implementations are new and disruptive phenomena in the digital currency and technology spaces. Under the Sandbox Regulatory Framework, the Malta Gaming Authority (MGA) offers licenced operators the opportunity to make an application for the use of Innovative Technology Arrangements (ITAs), including Distributed Ledger Technology (DLT) platforms and smart contracts. Although ITA usage amongst operators and stakeholders remains at the discretion of the MGA, the Authority has indeed set out some initial requirements. The MGA may revise such requirements on an ongoing basis, always ensuring it takes a risk-based approach. Licensees may submit their application for the use of ITAs through the MGA’s Licensee Relationship Management System (LRMS). Once the Authority issues an approval for the use of DLT assets/ITA by a licensee, the dynamic seal will reflect the fact that the licensee is participating in the sandbox environment.
Required Criteria – Innovative Technology Arrangements (ITAs)
- Proposed ITAs must be audited by auditors registered with the Malta Digital Innovation Authority (MDIA)
- The audit report must offer a positive opinion and the MGA must be satisfied that regulatory requirements shall be met
- Virtual tokens will be assessed on a case-by-case basis by the MGA and be guided by DLT asset economics and an evaluation of the following; technology; company structure; market applications; security; and human resources.
- Virtual tokens must be confined within a closed loop ecosystem managed by the operator
- Virtual tokens may be acquired for fiat currency directly from the operator for use on its platform.
- Withdrawals shall be effected on the operator platform in fiat currency after converting the virtual tokens at the same exchange rate at which they are acquired.
- Administrators shall be assessed on their competence as persons performing a key function in administering an innovative technology arrangement
- Full or partial DLT-based games and game components may be used following the aforementioned MDIA approved auditor’s positive opinion and approval by the MGA.
- Smart contracts may, and in some cases must, be deployed for various reasons in an operation in which the technical setup is partly or wholly based on DLT.
- The MGA’s main regulatory focus is their use for the purpose of executing game transactions, in particular where player funds are held in escrow by a smart contract, which based on the outcome of the game, then executes the payout
- When a public permission-less DLT platform is used to host components, the operator does not have control over who becomes a node in that ledger and where the relative equipment is located. In any such case, whereby the MGA is satisfied with the technology and its implications, the licensee would need to establish a node in Malta for the purpose of adhering to the requirements on replication of essential regulatory data.
Required Criteria – Smart Contracts
- Wallet verified before any wager can be made;
- The necessary safeguards are in place, with respect to self-exclusion, player-specified limits, and the maximum deposit amount;
- Deployed with the ability to revoke or neuter, and return funds thereafter, should a flaw in the outcomes generated by its code be discovered;
- Withdrawals, either automated or otherwise, made through smart contracts may only be allowed once full CDD and wallet verification has been carried out;
- The smart contract code must be reviewed by an MDIA- approved auditor with any faults identified and, if required, addressed.
- For other smart contracts which are focused outside of the facilitation of game transactions, and provided that the smart contract is not directly or indirectly relevant to regulatory requirements, the MGA may dispense with the requirement for an audit of the smart contract’s code. This remains at the MGA’s discretion.
- DLT hosting architecture must be located in Malta and/or any EU/EEA Member State and/or any other third country jurisdiction wherein the Authority is satisfied that the same principles can be obtained.
KPMG Global Gaming and DLT Teams
KPMG Malta recognises and understands the challenges and opportunities faced by gaming entities. We have a strong team of locally-based and experienced Gaming and Blockchain specialists. In addition, KPMG has the unique advantage of Global Gaming and DLT Teams, which bring together localised expertise from various jurisdictions. By combining our industry expertise from various hubs across the world, we are in a position to offer a truly professional service across functional and geographical boundaries.
How Can We Help?
Speak to one of the team if you wish to incorporate ITA(s) into your operations.
© 2023 KPMG, a Malta civil partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International, a Swiss cooperative. All rights reserved.
KPMG International Cooperative (“KPMG International”) is a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm.