Online Gambling: Workshop

Meeting Summary

The Department of Trade and Industry approached online gambling as a form of e-commerce similar to paying for music downloads from the iTunes website. It had looked at that environment, which had a track record, and tried to apply it to the online gambling field. Online sales accounted for 29% of music business internationally. Two treaties obliged member states to provide legal remedies against the circumvention of technological protection measures for the rights of copyright holders. The Electronic Communications and Transactions Act of 2002 made it a cyber offence to access, intercept or interfere with un-authorized data. It prohibited the manufacture, possession and use of devices to circumvent security measures. The anti-circumvention prohibition was not copyright specific and was applicable to all forms of data. This would include the data exchanged during gambling. The Act was an overarching Act which provided a broad framework and each department could perform e-commerce under that broad framework.

The Department of Communications sketched the different components and role players as well as the legislation which had bearing in that environment such as the ICASA Act which established the regulator for the industry and the Electronic Communications and Transactions Act which facilitated e-commerce. But there was another layer of player who hosted and processed data. There was now cloud computing which could provide services without infrastructure. The presentation ended with questions: “When regulating the gambling industry, who needed to be regulated? The infrastructure providers, or the people facilitating the hosting of content or everybody in the value chain?

Members asked who would be licensed, whether there would be tiers of licensing and how complex enforcement would be. Members asked how other countries handled online gambling and what SA could learn from their experience. Members asked whether online gambling would influence the country’s current account, and why sports betting was advertised in the newspapers if it was illegal.

The Financial Intelligence Centre said South Africa had international obligations to prevent online gaming from promoting money laundering/terror financing. The vulnerabilities and regulatory challenges associated with online gaming were noted. There had to be legal and regulatory measures to prevent criminals or their associates from being the beneficial owner/operator, or holding a significant/controlling interest in a casino. The FIC proposed that betting and online poker not be allowed, but if so, operators had to be subject to regulatory measures against money laundering and terrorist financing as required by the Financial Intelligence Centre Act. ISPs had to be included in the licensing framework.

The South African Reserve Bank looked at the impact of the current legislation on the unregulated interactive gambling environment, compliance and enforcement of the current legislation, monitoring and reporting of cross border flows, challenges facing the banking industry in combating illegal interactive gambling and the role the banking industry system could play in combating this challenge. In terms of the Lotteries Act of 1997, SA residents may not participate in lotteries organised abroad. Cross border flows were reported by Authorised Dealers and monitored by the Financial Surveillance Department. Cross-border transactions were reported via BOPCUS (Cross border Foreign Exchange Transaction Reporting System) and BOPCARD (Credit/Debit Card Transactions Reporting System). Both reported to the South African Reserve Bank. Challenges facing the banking industry in combating illegal interactive gambling was Authorised Dealers claim their system was unable to identify “illegal” transactions through the current Merchant Category Code (MCC). The problem was when SA card holders gambled on foreign websites over which the SA government had no control. Merchants who operated “under cover” used merchant names and category codes which indicated other businesses, like flower shops, while operating online casinos. This made it impossible for the issuing banks to identify and stop illegal transactions. Authorised Dealers and credit card companies needed to develop a unique MCC for gambling merchants that would enable them to identify and block illegal transactions. Currently only one Authorised Dealers was able to flag the MCC which identified it as online gambling, and could block such a transaction. Banks were required to report all suspicious transactions. The Gambling Act required that banks identified foreign winnings of local card holders and paid them to the National Gambling board.

The Banking Association of South Africa asked the questions “Why regulate online gambling?” and “Was restrictive regulation of online gambling feasible?” The Gambling Review Commission’s report proposed “a bigger role for the banks”. The BASA felt that it should not be expected assist in regulating online gambling. The Committee had to understand that payment systems were designed to make transactions quicker, to facilitate transactions and trade, not to police consumer behaviour. It was not designed to interrupt, interrogate and stop transactions. If the authorities had a problem, it had to regulate the problem causer, not the payment provider. The banking system paid account numbers. It did not work with names. Screening for names was not possible in the high volume low value mass consumer market.  Checking for names, interrogating and stopping transactions would slow it down. Financial Intelligence could be gathered after the fact, but to interrogate transactions on-the-fly in real time was impossible.

Members said, listening to the Banking Association say that it could not do anything about identifying illegal transactions, had them worried. If that was the case, there was a serious problem. Suppose online gambling was legalised, would BASA get ready to play its role in regulating online banking? It would have to; otherwise it would be facilitating illegal gambling. Members asked why only one authorised dealer had a Merchant Category Code through which to identify online gambling.

The National Gambling Board has developed a paper on online gambling. The paper outlined key elements of regulation that needed to be considered. It had been  discussed by the Portfolio Committee’s Gambling Working Group recently. Issues raised included licensing of online gambling in other jurisdictions, their successes, challenges and the recommended approach for South Africa. The NGB had been requested to present an enforcement perspective on online gambling with a view to attend to concerns raised by the Working Group.

The NGB explained that if it compared the two regimes, the land-based regulatory framework of licence holders, and translated that into the new domain of licensing online gambling, there would be clear licence conditions, and in that process one had to consider the full value chain and decide which of the parties on that value chain needed to be probed, which had to be licensed within those licence conditions so that there was compliance. If a limited number of licences were going to be issued, the pressure was on the competing operators to be compliant. The question then arose whether the NGB could monitor for compliance.

The DPCI of the South African Police Service had the mandate to investigate national priority offences requiring specialist skills in the investigation and prevention thereof. Cyber crime was information and communication technology crime. Challenges facing law enforcement of it was that it happened across national boundaries, was faceless, and so it was difficult to identify guilty parties. Officials were ignorant in gathering digital evidence. The DPCI had to establish adequate law enforcement capacity in addressing the identified threat with a multi-disciplinary approach. An Electronic Task Team (ETT) was needed with a project management approach to address the identified threat and follow a combined investigative approach (two phased investigative methodology. 1: follow the money 2: forensic system analysis). The SAPS had a legal obligation to address the existence of cybercrime that posed a threat to the country on the economic front and as a democracy.

The National Prosecuting Agency said the cybercrime situation was encapsulated in the saying: “Technology leaps, the law creeps”. Whatever programmes were going to be developed flowing from the current workshop process, had to include the SAPS and the NPA, to ensure it could be policed and prosecuted. In SA the only real capacity to prosecute cyber crime was housed in the Specialised Commercial Crime Unit (SCCU). Law enforcement was increasingly turning to proactive investigations This bypassed the investigatory hurdles of anonymity, lack of records, under-reporting inherent in cyber crime cases. It also stopped the criminal before the real damage could be done. The NPA relied heavily on assistance from the Financial Services Board, from the FRC, from South African Banking Risk Information Centre (SABRIC),  banking industry, Road Accident Fund, FIC. The close teamwork between prosecutor and investigator was explained. Online gambling was no different from any other cyber crime. To date there had been no online gambling convictions in SA.

Members asked why the Banking Association said that it was impossible to track money online, while the Reserve Bank had intelligence to that effect. Members asked what the economic impact of legalising gambling was and whether any studies had been done to reduce the financial implications of regulating the industry. The Chairperson said there was a real need for everyone to cooperate with each other. She believed that greater cooperation was needed between institutions.