Some important changes are coming into law in 2021 that affect how online casinos and gaming sites should manage their Know Your Customer (KYC) and age verification processes.
Germany is toughening its stance on the protection of minors. From July 2021, online gaming and betting operators must ensure they have the necessary steps and restrictions in place to prevent underage users from accessing their platforms.
Luckily, the German Kommission für Jugendmedienschutz (KJM) has already vetted and published a list of age verification vendors and approved Jumio to help organisations prevent minors from accessing age restricted content.
The KJM ensures compliance with Germany’s minor-protection regulations, which are anchored in the State Treaty on Youth Media Protection (JMStV) and stipulate that adult-only content should not be accessed by minors online.
In France, the new gambling regulator, l’Autorité nationale des Jeux (ANJ), now acts as a single body to oversee all forms of gambling in the country, including online gambling, casinos, betting on horse racing and lottery games, replacing the Autorité nationale de régulation des jeux en ligne (ARJEL) which was only responsible for regulating France’s online gambling market.
According to Isabelle Falque Pierrotin, ANJ chairwoman, “The ANJ must rethink regulation … and combine support and control for the operators in France.”
The ANJ is currently finalising two reference frameworks, one on the prevention of gambling addiction and the protection of minors, and the other on combatting fraud, money laundering and the financing of terrorism.
In the UK, organisations have until the 2nd September 2021 to prepare for the Age Appropriate Design Code.
The Age Appropriate Design Code is a statutory code of practice for online services that requires digital services to automatically provide children with a built-in baseline of data protection. The recommendations span across all industries, and are of particular relevance to organisations that provide products or services to minors, such as online games, social media, retail and education, as well as those needing to restrict access to underage users due to the adult-only nature of their products or services.
The code sets new standards and offers some insight on how the General Data Protection Regulation (GDPR) applies to organisations providing digital services to children. The Age Appropriate Design Code also defines children as under the age of 18, in departure from the current UK data protection laws which, for example, allows minors 13 or older to legally consent to being tracked online.
According to UKIE, the gaming industry needs to take the code seriously: “Online games businesses that have children within their player bases are, from today, subject to the code. This means that within a year, companies who fall under it must be compliant or face enforcement action under the ICO – including compulsory audits, orders to stop processing and fines of up to 4%.”
Know Your Children
There are some simple steps organisations can follow to make sure access to their online services is age appropriate:
- Ask your players for a valid ID document and a corroborating selfie.
- Check that the person pictured in the selfie matches the picture on the ID.
- Check that minimum age requirements are met by verifying the date of birth (extracted from the ID document) of the player.
With the regulatory landscape changing, a pop-up screen that asks if a website visitor is over 18 does not qualify as age verification and may no longer be sufficient to prove due diligence. Make sure you have adequate KYC processes to prevent children from accessing age restricted content.
To learn more about different age verification methods and the approach and mindsets of businesses operating in age-restricted industries, check out our special Protecting Minors Online Report.
This content from Jumio is for general information purposes only. Please consult your legal team for advice regarding your particular situation.