Internal Audits and iGaming in Malta
Internal Audits and iGaming in Malta
5th February 2020
Since the introduction of the Lotteries and Other Games Act in 2001, there’s been a gradual increase in the number of iGaming companies transferring their operations to Malta. This trajectory has gathered even more momentum since Malta entered the European Union in 2004, automatically resulting in the adoption of the Remote Gaming Regulations. Malta quickly outstripped other Member States, being the first to implement a robust gaming legislation framework.
How is iGaming regulated in Malta?
The Malta Gaming Authority (MGA) is the sole regulatory body responsible for managing all of Malta’s local gaming operations. The MGA has a four-class licensing scheme, as well as sophisticated assessment and control operations, programs and processes.
Besides a robust and detailed regulatory framework that protects both operators and players, there are several factors that have contributed to the success of Malta in attracting remote gaming operations. These include attractive licensing fees, reliable and relatively low-cost licensing procedures, and immediate access to a qualified English language workforce among others.
This attractive package has succeeded in its mission. However, a rapidly increasing gaming industry has instigated the need for an effective and efficient control system. Furthermore, external dynamics have also changed and continue to place additional responsibilities and constraints on iGaming governance structures and mechanisms of control.
The importance of risk management through an efficient internal control and governance structure is widely accepted as a necessity to maintain smooth operations. This must be tailored to the needs of the sector, specifically to facilitate the execution of cost reduction initiatives, maintain business continuity and increase stakeholder trust.
Chapter 583 of the Laws of Malta sets out the country’s Gaming Act, updated in 2018. One of the most significant amendments to the Act states that licensees are required to establish an internal audit function. This inclusion has transformed internal audits into a key function of the new regulatory framework.
Why are internal audits important for iGaming companies?
There are a number of reasons why audits serve a critical function in the operation of an iGaming company, such as:
Internal auditing is an independent monitoring and consultancy practice aimed at adding value and enhancing the processes of an organisation. It can help a company achieve its strategic goals by implementing a structured and disciplined approach to assessing and strengthening risk management, monitoring and governance processes.
An internal auditor will report any identified risks to the Audit Committee, together with any required changes to be made. This will aid executive management and boards in consistently demonstrating that they are successfully, and responsibly, running the company on behalf of their stakeholders.
The internal audit function plays the role of combining assurance and consulting. Assurance shows administrators how well policies and procedures are designed to keep track of the company’s objectives. On the other hand, consulting advises management on how those systems and processes can be improved if and when necessary.
Good corporate governance
Internal auditors determine the internal controls of a corporation, including corporate governance and accounting processes. They ensure compliance with laws and regulations, reliable and effective data collection and financial reporting.
How can internal audits help your organisation?
The internal audit activity includes the periodic evaluation of the processes of controlling operations throughout the organisation. The responsibility is carried out in three distinct steps:
- Ascertaining that the process of controlling, as it has been established and represented by management, is adequately designed in relation to the risk attached.
- Determining, through compliance testing and other procedures, that the process is operating as intended in an effective and efficient manner.
- Reporting the results of the audit work performed and offering recommendations for improving the control process.
What is the audit process?
- Preparation of the internal audit charter, which defines the internal audit’s purpose, authority, responsibility, and position within an organisation.
- Performance of a preliminary risk assessment that’s tailor-made to each organisation. Assessment techniques include interviewing each of major function areas, a comparative analysis, flowcharting, analytical review, and visual observation.
- Preparation of a detailed audit plan for each individual engagement. This allows for the development and documentation of a strategy for each assignment, including the objectives, scope, timing, and resource allocations.
- Communication of the assignment results to the board of directors. This includes the audit objectives and scope, as well as conclusions, recommendations and action plans.
- After an internal audit report is issued, a follow-up audit is conducted to evaluate corrective actions that have been taken on the recommendations made in the report.
Are you looking to set-up an internal audit function for your company? Feel free to contact us via our contact form or on firstname.lastname@example.org!