U.S. casino operators and software developers can find “huge opportunities” in overseas online gambling markets enjoying unprecedented growth, the head of an international testing and certification company says.
Shaun McCallaghan, CEO of eCOGRA
“The global online gambling industry is growing exponentially, and in a post-pandemic environment, players are consuming content at a rate never previously seen,” said Shaun McCallaghan, CEO of eCOGRA, which is based in the United Kingdom and specializes in assessing online gambling software and systems. “If you couple this with the growing number of jurisdictions introducing regulations and technological infrastructures improving worldwide, gambling has never been more accessible for players. Consumer trust in the online gambling industry due to rigorous compliance requirements is growing quickly, and this trend will continue in the coming years.”
Established in 2003, eCOGRA (for eCommerce Online Gambling Regulation and Assurance) began with a goal of self-regulation for the rapidly developing online gambling industry. The organization developed operator, software developer, and live dealer studio standards to ensure player protection. It still awards the eGAP seal to those who adhere to the company’s Generally Accepted Practices for ensuring operational systems are secure, monetary deposits are safe, games are fair, and players have access to a full-time dispute mediation service at no extra charge.
As many countries passed their own online gambling regulations, eCOGRA evolved into a testing agency and certification company currently approved in more than 20 European nations, plus six states in America, and parts of Asia, South America, and Canada. Last year, it became the first laboratory headquartered outside the United States to win authorization to operate in Pennsylvania and Michigan; it received New Jersey authorization as an approved vendor in 2016. McCallaghan said eCOGRA continues to expand and is considering several North American locations for regional offices.
While gambling regulations are unique to each jurisdiction, McCallaghan said operators and software developers wanting to enter new areas can benefit from a multi-jurisdictional certification approach that ultimately reduces disruption and allows them to reduce certification fees.
He noted that Sweden is one of the biggest online gambling and betting jurisdictions in Europe, because a large percentage of people enjoy high disposable income. “It is also a very highly regulated jurisdiction, which inspires high levels of consumer trust,” he said. Malta, which in 2004 became one of the first European countries to regulate online gambling, offers an attractive corporate tax rate, he added.
“As more and more jurisdictions legalize online gambling and introduce player protection legislation, the marketplace is opening up to a much wider audience than we have ever seen,” McCallaghan said.
Regardless of where they offer online gambling, he said leading operators and software developers focus on a customer experience that emphasizes fair gambling and player protections “to create positive, safe and protected, enjoyable experiences for their customers.”
Over the past months, online and land-based casinos have experienced an increase in ransomware and other network attacks, which can not only be costly to operators but also damage consumer trust. Some jurisdictions have made cybersecurity controls a mandatory component of certification, while others are urging operators to take precautions.
McCallaghan said eCOGRA began offering tests of operators’ network vulnerabilities in 2015 and formed an in-house team of ethical hackers and cybersecurity specialists. “This service line has certainly exceeded expectations in terms of growth, and we expect the need for this offering to increase as businesses turn to independent third parties to offer comfort over the level of security they have in place,” he said.
The process can include an assessment of threats from “social engineering,” or schemes that use phishing and similar tactics to dupe employes into providing proprietary data or network access to outsiders.
“Humans tend to be the weakest link in information security,” McCallaghan said. “Hackers are increasingly targeting employees into divulging confidential and sensitive information that may allow access to business resources.
“We urge companies who are concerned about these risks to be proactive rather than reactive.”
