Payments compliance: Walking the road of regulation

Yes, the thin line of compliance vs user experience is something of an unforgiving creature that demands to be tamed by all entrepreneurial entities and individuals – both inside and outside the gambling industry. Tackling the conundrum is something that every businessperson signs up for – knowingly or not – when they enter the executive world. And depending on the industry, each sub-sector of a given market comes rife with its own unique set of requirements based both on geographical location and industry segment.

As we evolve into an increasingly digital world, managing the balance of a unique, frictionless and functional user experience that remains both compliant and tailorable to fast-changing and globally nuanced trends is – from an operator’s perspective – either a challenge relished, or a dreaded hurdle. Nevertheless, pressure – as they say – makes diamonds and innovation simply doesn’t occur within an environment in which people are not pushed to their limits. None of these facts are truer anywhere than within the changing face of gambling.

Of course, it’s not just remaining compliant that is the challenge for online payments providers and gambling operators these days, it’s also keeping customers away from unregulated spaces and tempting them over from the retail bookmakers. Indeed, for those online operators who are looking to acquire new customers, the payment part of this delicate process is perhaps the most pivotal point of contention.

A little help from our friends

Indeed, without the payments industry, there is no online gaming industry – or at least, certainly not iGaming as we know it. Naturally, nobody understands this fact better than the payments providers themselves. Enter Zak Cutler, President of Global Gaming at Paysafe, to explain in what way the gambling industry is – in his experience – supported by the payments industry, especially in the modern landscape.

He tells Gambling Insider: “In my current role, I’ve found that the entire point of digital payments for gambling is really to optimise conversion for gambling operators. If you take a giant step back and look at the data in our surveys, a huge component of why players are loyal or why they choose a specific betting operator is due to their payment stack. Really, the availability of various payment options can be where it all comes together for the operators.”Cutler explains the fact that – as we know – eyeballs are everything in the online gambling business and, of course, both acquiring and retaining those players is at the heart of this discussion and, ultimately, the crux of inflating revenue streams.

He continues: “Operators go out and spend millions of dollars to basically get their brands in front of the consumer for the chance of getting a given player’s business. The first interaction they then have is, aside from registering and giving their email, to take out their credit card or to decide how they want to load their account for payment. If they get to this point and the operator doesn’t have the payment type that the player wants, or it doesn’t go well and there’s some glitch or conversion issue – the operators are going to lose business. If this happens 20-30% of the time on a $50m marketing spend, it drastically changes the economics. As the world becomes increasingly digital, we sit at a critical piece of the conversion funnel, where players make the most important decision. Are they going to reach into their pocket? If that doesn’t go well, they’re going to go somewhere else.”

Concurring is Tom Townson, Partner and Head of Financial Crime at Grant Thornton UK, who builds: “In a regulatory environment that prizes consumer protection, robust financial crime and responsible gambling controls, payment providers with smart onboarding capabilities are no longer just facilitators. Payment providers that offer integrated compliance support, instant bank account verification and smooth deposit flows can significantly reduce friction at the point of entry,” he continues, telling Gambling Insider: “In turn, the ability to deliver a frictionless onboarding experience has made payment providers an increasingly powerful asset for operators.” As mentioned by Townson, “the onboarding experience directly influences the number of players that will use the operator’s services and the operator’s ability to comply with regulatory requirements. In a market where expectations are shaped by frictionless experiences, players will always expect to open an account, deposit and play within minutes.”

It would appear, then, that payment service providers – or PSPs – act as a key link in a long and delicate chain that bonds gambling operators with their consumers. Naturally, as explained by Vents Štrombergs, Sales Manager at Zimpler, the provision of a frictionless experience also informs a PSP’s relationship with its operator partners and – by extension – affects the development of the broader industry over time.

“A seamless onboarding journey can significantly influence an operator’s choice of payment partner – and operators are often the key innovators that spark major industry shifts. Operators need to scale efficiently, and they depend on PSPs to simplify payment processes while maintaining full compliance,” Štrombergs tells Gambling Insider.

“Today, a top-tier PSP isn’t just about payments – it’s about being a strategic enabler of operational efficiency, regulatory trust and user-centric design.”

As markets evolve, frictionless onboarding has become a defining competitive edge

The importance of a payments experience that is both effective and frictionless, then, is undoubtedly paramount for modern online operators. However, the really tricky part is the aforementioned compliance dilemma. On the surface of things, it appears that the back and forth of changing legislation sparking new innovation should be a delicate dance, balanced between operator and regulatory body alone.

Nevertheless, this is by no means strictly true. Compliance is a multi-faceted affair and many hands – as they say – make for light work. But is this saying applicable to the payment world and, if so, from the compliance side, what kind of regulatory-related solutions should the ideal payments provider partner offer?It’s a question Mike de Graaff, Co-Founder and Chief Compliance Officer at online gaming regulatory compliance consultant BetComply, is well poised to answer. He explains to Gambling Insider: “In my opinion and from a compliance perspective, the ideal payments provider isn’t just a transaction processor; they’re a strategic partner. They should deliver top-of-the-line KYC and AML tools to automate identity checks and risk profiling, real-time transaction monitoring to spot and stop suspicious activity, and seamless system integration, so operators can plug in without overhauling their tech stack.

“Flexibility is key; they need to adapt to local rules while keeping the player journey smooth. It’s about proactive compliance that doesn’t kill the commercial side of the business.“

Townson agrees that a proactive PSP approach is essential to not only delivering results for their operator partners, but also pushing for wider growth and innovation.“

Partners should deliver more than just fast and secure transactions

Ideally, they should also support the operator’s ongoing regulatory compliance. This could include the partner providing real-time AML and fraud detection, sanctions screening and real-time sanctions, PEP & adverse-media screening at both pay-in and pay-out.

“Additionally, the partner should support open banking solutions and strong customer authentication, integrated to the operator’s interface. They should provide automated reporting, customisable compliance dashboards and adapt to market-specific regulations across jurisdictions. In an ideal world, the payments provider would operate a full suite of compliance-related solutions, including well-designed in-built compliance architecture.” De Graaff closes the topic effectively with a defining statement: “

I know it’s easier said than done, but do what works in the black market, compliantly

Simplifying the complex

Indeed, easier said than done is ideal phrasing. Regardless of your end goal, the Payment Card Industry Data Security Standard (PCI DSS) – an internationally recognised security standard – is certainly a good place to start. However, within an untamed wilderness of know your customer (KYC) and know your business (KYB), consumer security laws, data privacy legislations and payment network policies – it would be forgivable for even the most intrepid adventurers to become overwhelmed. Regardless of the complexities, the core challenge of remaining compliant while ensuring an efficient user experience remains, and those PSPs that can achieve this standard are primed to make themselves a priceless asset to any online operator in the gambling industry. Finding ways to simplify the process, as explained by Cutler, is paramount.

“If you break down what it actually means to be compliant – and why that creates friction – it is only a handful of things. Firstly, your KYC process – which is if you’re required to verify someone’s age, that they’re not on a specific exclusion list, or any other reason why they can’t play on your site. To do this, you have to collect data and that’s one natural friction point. You then also need to perform geolocation checks, which often involves having to download additional external software. Still, ultimately the short way of summarising these things is KYC. Happily, all this KYC stuff is baked into the regulatory framework to make sure that – if you’re a player – you are who you say you are, you are where you say you are, you are of age, and you are not on an exclusion list. One of the key factors is ensuring a good exchange of data with the operators as this can help streamline that process so they’re not asked for the same data again and again.

“The second possible friction point is centred around fraud because you have chargebacks, which is fraud that isn’t really fraud. You want to build your system so that it can essentially stop mistakes before they get made. An example of chargeback is maybe someone entered the wrong zip code tied to their credit card. Well, instead of freezing that account, we might have history on that player that helps the operator recognise that this player has been playing for 10 years, has no previous record flagged in our system and can be allowed to move forward in the process. Dealing with actual fraud is another thing, but of course the overarching goal is to try and deal with all these friction points as quickly as possible.”

On the surface of the issue, the benefits of offering a payments stack that can handle both the many regulatory and technical requirements of a given transaction at speed are easily identifiable. Operators get to advertise a seamless experience, PSPs keep operators happy by connecting them with their players, and players get to exercise their desire to wager quickly and effectively. Simple? Well, yes – but there’s a little more to it.

As is a well-established fact in the gambling space, the more regulated operators can offer players, the more likely players are to stay away from the black market. This, of course, relates to an almost incalculable number of industry areas that are entirely unrelated to payments, be it personalisation, localisation, promotional offers or innovative technologies.

Naturally, all of these aspects could also be tied to the payments space but, from a broader perspective, the past five years has seen the payments industry contribute to player safety enhancements in online gambling in numerous ways.

As specified by De Graaff, “The payments sector has played a big role in the gambling industry over the past five years. On one hand, advancements in payment technologies like seamless digital wallets and instant transaction processing have made it easier for players to engage with regulated platforms. These tools enhance convenience and security, which operators use to retain players who might otherwise drift to unregulated spaces.”

Regulatory tug-of-war: Ordinance vs anonymity

Within the modern landscape, it is no surprise to see some operators choose to speak out in opposition against regulations they find overly stringent. On the flip side, many organisations within gambling see regulation as a chance to innovate and – on (very) rare occasions – even encourage regulation. Yet the primary of these two examples can, at times, make it difficult to differentiate between instances where companies don’t want to innovate around new regulation, and instances when companies quite simply can’t innovate around it.

The European continent is widely regarded as one of the strictest when it comes to legislation and – in the opinion of many in the payment space – the evolving restrictions coming out of the region are tightening to the point where no PSP is immune to feeling the pinch.

“Here’s the bad news,” states De Graaff: “Increasing regulations, especially around KYC and AML, have made innovation on UX harder. Stricter verification can frustrate players, nudging them toward less-regulated alternatives that promise a quicker, less invasive experience.

“It’s not an impossible task to keep players in regulated markets, but it is a tough one. The payments sector needs to double down on streamlining compliance without compromising the user experience. Otherwise, we’re just handing players to the grey and black market on a platter.” It’s no secret that, in the EU, payments companies wrestle with many challenges. Shifting KYC demands across differing regions meet at a cross-section with cross-border transaction complexities, such as reporting obligations that vary by jurisdiction.

On the other side of the coin, there is data privacy under GDPR and – more broadly, player convenience vs compliance, which, as De Graaff states, can present an array of unforeseen challenges for compliant operators: “Speaking from BetComply’s experience, we know that every click you add to the registration flow, you increase drop-off. But some clicks are mandatory.” He continues: “Over the last five years, these flash points have evolved from straightforward compliance issues to more complex and cross-over problems like data privacy and player protection. Regulators have given us more granular rules, tighter transparency demands and a sharper focus on consumer rights. The result? A fragmented landscape where payments companies need to stay compliant across borders. For players, this means a mixed bag: more steps in the verification process or delays in transactions can easily make you lose a player, but having good security measures offer trust.”

Increased payments-related regulation vs retained player anonymity, in recent years, has begun to drive out something of a gnawing tectonic scrape, with the resulting friction sending tremors through the market that – as we have established – reverberate in a very real way. In a world where both the desire and expectation for instantaneous online experiences are deeply entrenched, the failure to deliver a seamless payments encounter can and will drive players away from the regulated space. This affects both businesses and lives.

Equally important to understand is the importance of effective regulation, alongside the assurance of consumer anonymity – should they desire it. All is not lost, however, as De Graaff suggests that the exploding world of crypto and blockchain – where anonymity is more of a guarantee – could hold the key to at least partially remedying this issue.

“One way forward is tapping into tech like blockchain. It’s not perfect, but it offers pseudonymity, letting players shield their identities while still leaving a trail for oversight. The crypto world proves you can blend privacy and accountability, though it’s a long shot without regulators warming to it. Outdated legal frameworks are not fun to deal with when you have new ideas. In the coming years, the fix lies in smart innovation: tech-driven solutions that satisfy both sides without breaking the bank or the player experience.

“Nevertheless, the tug-of-war between regulation and player anonymity is on top of most minds in the industry. Regulators want full visibility to curb fraud and laundering; players want privacy without the hassle. Operators want to provide services compliantly and still make money.” This point is swiftly backed up by Zimpler’s Štrombergs, who states: “It’s true crypto could hold some kind of key to help PSPs and operators change the way they approach compliance and security with regard to anonymity. I would say as payment providers, we are all closely watching how cryptocurrency will evolve within the EU’s regulatory framework for its potential to deliver fast, cost-effective and secure transaction capabilities.”

Despite offering a noticeably more privatised and often equally as secure payment solution, the world of crypto is still, in many ways, a murky landscape of which masses in and indeed out of the gambling industry are sceptical simply because many do not understand how it works. In short, there are certainly aspects from crypto payments that could help inform the issue of compliance vs anonymity. However, the differing desires of regulators, operators and players is a triple frontier far too steep for crypto to summit itself.

Views, though, across the EU market around user experience are changing – with increasingly frequent reports from suppliers across the industry that regulators are becoming increasingly concerned – and sometimes even involved – with UX. This, in the opinion of Štrombergs, is a changing factor that could be key to the discussion of conflicting ideals between operators and regulators in the long term. “As regulators emphasise player safety and experience, this shift is already reshaping how payment providers operate,” Štrombergs explains: “Features like player identity verification, spending limits and frictionless financial controls are increasingly necessary. Open banking and streamlined identity checks are also accelerating, and providers must continuously innovate to remain both compliant and competitive.”

Townson agrees, arguing that the increasing involvement of regulatory bodies in user experience can have a knock-on effect on the operator’s long-term UX agenda, changing the industry directly via a top-down influential structure: “Regulators across the EU gaming and betting industry are increasingly prioritising player experience through enhanced consumer protection. This includes transparent and fair payment processes that enable a frictionless user experience, while also ensuring protections for vulnerable players and the prevention of money laundering.

“Furthermore, knowing that regulators are more attuned to player experience, it is an axiom that operators who adopt fast, secure and compliant payment infrastructures will improve player experience but also meet the growing demands of regulatory frameworks in the EU. Of course, some regulations designed to assist with elements of the customer experience – such as security and peace of mind – are sometimes regarded as running counter to other elements of customer experience, like speed and convenience.”

The idea that regulators would begin becoming at least conceptually involved with user experience in the industry would have come as a surprise, to say the least, to many in the market five years ago. However, it would appear that in some continental landscapes (the EU especially) regulators are moving away from the idea of simply drawing up legislation for security and safety purposes.

Building on this point, Cutler chimes in: “The regulator’s job ultimately is to protect the consumer. Obviously, we want those decisions to be informed and to be commercially viable at the same time.

As regulators continue to mature and they look at data that shows them where they can improve, that’s what they are going to do

“I think regulators absolutely will shape things continuously and possibly increasingly so. In Europe, there’s much more analysis now maybe than there was five or 10 years ago, which is natural; as more data comes out, that’s when you tend to want to make decisions.”

By this point, we are well established in the fact that ensuring a payments experience is frictionless enough to keep players away from the black market – while remaining compliant – is the key conundrum faced by PSPs today. But the unregulated market isn’t the only thing that both they and online operators must consistently compete with for business. Indeed, the retail bookmaker and casino spaces also present a formidable competitor from which PSPs must try to help online operators take players away from.

Cutler gives his two cents: “I’ll start with the retail component. A lot of data suggests, especially in the US and UK, where the land-based players are, in fact, connected and licensed online. What that data will highlight is that the online component actually becomes an additional marketing point to drive increased visitation back into the land-based side. Despite this somewhat paradoxical outcome, the data also allows you to monetise that user when they can’t come to your land-based location. It’s not cannibalistic, it is creative and ultimately grows the whole pie.

“I always say that where payments can come into play to support operators and tie all the issues we’ve touched on in this piece together is through a digital wallet that can carry a balance. Technically, a player could even carry a balance online that is applicable down the road in a land-based casino and I think that’s really where a lot of folks – not just players but also operators on the online and retail side – want to go. It’s hard to break the pattern of using cash in a casino; that’s still the preferred option for players and while retail can still serve players through loyalty and experience, online there are simply more ways to pay.

“Moving on to the black market part of the conundrum, I think if you look at a lot of our surveys, player security and instant payouts are very much some of the highest priorities for consumers. When you look at the black market, maybe there is some slight advantage somewhere, whether it’s better odds or less friction; I think what we’re seeing is players are still gravitating towards the safer regulated space because they know that if they win big and just want to get their money out, they’re protected by the regulations. Paysafe has instant payouts in our system. It’s one of the most popular features we’ve launched in recent years. Those types of things go much smoother in a regulated environment because we – alongside our operator partners – just want to have the best player experience. I think that, really, is the trade-off. Security and efficiency of withdrawing funds.”

Change is going to come…

As certain as the seasons themselves, change in the payments and wider gambling industry is constant and often drastic. Perhaps, then, revisiting how the payments industry has already contributed its hand to help operators remaining compliant over the past five years, amid all the change that has befallen the landscape in that time, can give us an indication into how the conundrum of frictionless online UX and compliance could unfold in years to come.

“Player preferences are shifting,” states Štrombergs, “with digital convenience increasingly winning out over traditional channels. Innovations like ‘Deposit and Play’ have already simplified the sign-up and funding processes while meeting KYC requirements, making online gaming more accessible. Looking forward, I would anticipate continued improvements like Face ID and biometric verification to further enhance both user experience and compliance. These shifts mirror broader consumer behaviour toward mobile-first, digital-first interaction.”

Townson adds: “The payments industry has played an important role in steering customers away from unregulated gambling spaces by leveraging its regulated status and building trust among players. Recognisable payment services brands enhance legitimacy, encouraging users to provide their financial details securely.“In Sweden, where payment providers actively identify and block transactions to unregulated gambling sites, the regulator has introduced a requirement that payment providers report if their systems are being used by unlicensed operators. This change makes it harder for users to engage with unregulated platforms and encourages communication between operator and regulator. Clearly, the role of the payments industry is one of collaboration with the regulator and operators to collectively promote safer, more secure and user-friendly environments, contributing to the industry’s technological and regulatory progress.”

The buzzword of compliance, borne out of ever-changing regulation, is the catalyst for change not only in operator offerings but also consumer habits. The increasingly digitised nature of the world has already changed the industry forever – and while the role of retail will always remain key, it is changing in a way that is irreversible.

As this shift continues to influence the payments space, the role of the PSP will become increasingly important in helping operators provide the kind of service that helps solve both the issue of user experience and compliance in one fell swoop. Be it via increasing crypto integration, biometric advancements or a regulatory UX awakening – operators navigating the balance can find a helping hand in the payments industry.