This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more here

United Kingdom

Select your regional store:


Gambling Commission - Licensing Conditions Compliance

The Gambling Commission regulates all gambling in the UK. All licensed remote gambling operators and gambling software operators must comply with specific licensing conditions, including technical standards, and provide annual compliance audit reports.

On this page you will find a brief overview of the compliance requirements that licensed remote gambling operators and gambling software operators must meet, as well as information on how IT Governance can help.

The standards are in three parts:

  • The Gambling Commission specific technical standards, published on 1 June 2007.
  • Annex B, which sets out the detailed timetable for compliance with relevant standards between the period 1 September 2007 and 1 September 2008.
  • Annex C (Remote gambling and software technical standards August 2009) which sets out the requirement to abide by relevant sections of Annex A to ISO/IEC 27001:2005 (BS7799-2:2005), and was published on 27 July 2007.

IT Governance is able to conduct the independent information security audit that the Gambling Commission requires from operators.

Remote Gambling and Software Technical Standards Security Audit for the UK Gambling Commission.

It is a Gambling Commission licence condition that gambling operators have an annual security audit carried out to assess compliance against the security requirements of the remote technical standards. Copies of the audit summary and the security auditors’ full report must be provided to the Gambling Commission.

IT Governance has a team of ISO27001 Lead Auditors who are qualified to carry out these audits. Call or email us to find out more about how we can help you maintain compliance with your licence conditions.

PCI DSS Compliance for Remote Gambling Operators

We are also able to assist organisations in achieving compliance with PCI DSS requirements. Licensed remote gambling operators are also likely to have to comply with the requirements of PCI DSS, the Payment Card Industry Data Security Standard.

PCI DSS imposes strict information security control requirements on all merchants that process payment cards, and these security requirements overlap and intersect with the controls identified under the Gambling Commission's technical requirements.

Please email us or telephone + 44 (0)845 070 1750 and see how we can help you meet these complex requirements.


Cyber security - a critical business issue

Download Now

live chat support software