Remote Gaming Services
​

Malta is one of the leading hubs when it comes to the iGaming industry. Within this sector, the Maltese jurisdiction is looked upon as having a reputable and a well-regulated Authority which supports the growth of the remote gaming industry. The Remote Gaming Regulations, published in April 2004, took Malta to the top spot, making it the first country in the European Union to regulate remote gaming. In 2018, the legislative framework was overhauled, bringing into force a comprehensive set of regulations that serve to safeguard the public interest, generate jobs, attract foreign investment and prevent money laundering.
 

Our team has extensive experience in providing assistance in connection with your gaming activities in Malta, including incorporation and tax advice of the appropriate corporate structures, assistance in the licensing application, provision of key function services, gaming compliance, tax compliance, accounting, assurance and IT Audit services. We understand that the gaming industry has specific needs, and our services are intended to cater to them. Our remote gaming service areas include:
 

a.  Licence application
 

The process towards obtaining a licence from the Malta Gaming Authority entails a thorough due diligence exercise on all key persons, directors and beneficial owners of the prospective licencee, as well as the preparation and implementation of policies and procedures to ensure that the licencee will have the operational and statutory requirements to meet the obligations prescribed by law. Not least, the applicant’s business plan is expected to have a detailed forecast of the operation, inclusive of marketing and distribution strategies, HR plan and growth targets. We can guide you through the application process, as well as preliminarily provide advisory services in relation to identifying the type of licence that would be fitting to your business model.

 

b. MGA System and Compliance Audits 
​

Remote Gaming Companies licenced by the Malta Gaming Authority (MGA) are required to go through a System Audit before they can actually ‘go-live’ with their operation. Furthermore, at regular intervals and at the MGA’s request, licencees are required to carry out Compliance Audits performed by an approved System Auditor. As approved System and Compliance Auditor by the by the MGA we have extensive experience in carrying out such audits in line with the MGA’s requirements. Since we use technically experienced auditors, we do not merely go through a tick-box review, but, can understand when mitigating measure are appropriate and meet the MGA’s requirements.

As part of our service offering we can also provide you with a ‘Pre-Systems Audit’ and ‘Pre-Compliance audits’ which seek to ensure that the operator is in line with the MGA-approved system in advance of the formal audit.

 

c. Key Functions
 

Pursuant to the new Gaming Act which entered into force on 1st August 2018, licencees are required to identify, those individuals who will be entrusted with key functions within their operation. Key functions may only be provided by natural persons. Such functions include the CEO, CFO, CTO and CMO as well as other functions which licencees may seek to outsource, such as Data Protection Officer, Money Laundering Reporting Officer, Internal Auditor and Legal.

We can provide you with experienced and approved individuals who can be appointed in Key Functions in order to assist you in your gaming business.

 

 

Internal Audit
 

With increased scrutiny by regulators and other stakeholders, the demands on the Internal Audit department is always increasing.

The Internal audit function should be an independent, objective assurance activity that is designed to add value and improve an organization's operations. It helps organizations accomplish their objectives through a systematic, and disciplined approach in evaluating and improving the effectiveness of the risk management, control, and governance processes.

Outsourcing all or part of your internal audit tasks results in costs reduction, higher independence and addresses potential skill and experience gaps. At Radix, we can provide experienced personnel that will assist you in your Internal Audit goals to not only fulfil regulatory requirements but to also add value to your organisation.

 

​

IT Audits 
 

IT is at the core of the modern or oganisation's business model, often driving mission critical systems which necessitate monitoring and control to prevent information leaks and vulnerabilities. In a more complex and highly regulated business environment, organisations are required to adhere and comply with directives and regulations that are issued from time to time.

We offer IT system and compliance reviews covering areas such as business continuity and disaster recovery, information security policies, service agreements and network infrastructure, as well as advisory services to assist you in leveraging the full potential of your company's IT infrastructure. We also carry out holistic audits that incorporate information security (ISO 27001) in preparation to achieving compliance with the ISO 27001 standard and testing against the UK Gambling Commissions technical standard. 

 

​

Assistance with MFSA ICT Risk and Cybersecurity Guidelines 

 

On the 28th January 2021 the Malta Financial Service Authority (MFSA) issued its ICT Risk and Cybersecurity guidelines applicable to various licenced entities including Credit Institutions, Financial Institutions and Company Service Providers amongst others. The guideline document sets out a number of requirements that licensees must meet including the proper implementation of a Cybersecurity Framework, regular testing of the security of the infrastructure and regular IT and Cybersecurity audits. Our team can assist your company at the various stages of complying with the MFSA’s requirements, starting from policy drafting and implementation up to independent audits.

 

 

 

Pen testing
 

In today’s digital world it has become extremely important to protect sensitive business information from unauthorised access, alteration or destruction. Establishing adequate credential protection as well as secure infrastructure is an important step to protect such data. Performing regular penetration testing ensures that the infrastructure cannot be compromised by attackers, whether internal or external.

Our testing involves performing a controlled attempt to breach the  organisation’s infrastructure using the same techniques that malicious attackers use to gain access. This helps us obtain an understanding of how well the security measures operate in protecting information from being compromised to provide you with valuable insights of how to improve the security measures.

 

​

Smart Contract Audits
​

With the increased popularity of blockchain based systems, the deployment of smart contracts has dramatically increased over the last couple of years. A vulnerability in a smart contract can have catastrophic effects, especially when such a smart contract can hold millions of euros in user funds. It is therefore imperative that an independent professional smart contract audit is performed prior to contract deployment.

Our team of skilled code reviewers have extensive experience in auditing smart contracts written in various languages, to give the peace of mind that vulnerabilities are uncovered prior to deployment.

​

​

Crypto Licensing Services
 

Each member of our team has more than five years of experience in various aspects of the blockchain and cryptocurrency industries, ranging from technical to regulatory advisory work. We have experience working within the regulatory frameworks of a number of different jurisdictions, with a particular focus on Liechtenstein. We are able to offer you the full spectrum of services necessary to set up and run your crypto-based business in a manner that is in compliance with applicable regulations. 

We believe that two jurisdictions within the EU/EEA can tick the above boxes.
Liechtenstein is an EEA country that has established a crypto-friendly regulatory regime since 2018, when it enacted the Token and VT Service Providers Act (TVTG). The TVTG provides a legal framework for the issuance and trading of digital Tokens.

Under the TVTG, companies that provide Token related services in Liechtenstein must obtain a license from the Financial Market Authority (FMA), the regulatory body responsible for overseeing financial services in Liechtenstein. 

 

Malta is known for being one of the most crypto-friendly jurisdictions in the world, with one of the first regulatory regimes that was introduced. 

To operate a crypto-related business in Malta, companies must obtain a license from the Malta Financial Services Authority (MFSA), the regulatory body responsible for overseeing financial services in Malta. The MFSA offers several types of licenses and approvals for crypto-related business including VFA Issuance and various classes of VFA Service Provider Licenses based on the type of activity that will be carried out by the applicant.

​

​

Regulated Financial Services Licensing

 

Persons carrying out the following activities need a licence to operate:

• Business & Consulting Agency
   

• Awards Winning Business Company
   

• Business & Consulting Agency
   

• Awards Winning Business Company
   

• Business & Consulting Agency
   

• Awards Winning Business Company

​

Radix Group offers assistance to businesses towards successfully compiling and submitting an application for authorisation to the MFSA, providing comprehensive guidance needed to meet the criteria imposed by the Malta Financial Services Authority for the completion of an application and the eventual attainment of an authorisation.

In particular but without limitation, we draft and review application-documentation and take up specific key functions within the operation. 

In addition to helping clients in the lengthy and voluminous licensing process, our multidisciplinary team of experts is able to give preliminary tax, corporate and legal advice, as well as post-license ongoing support as may be required.

​

​

GDPR Gap Analysis

​

A review of an organization's existing data protection policies, procedures, and practices is what's involved in a GDPR gap analysis. The goal of the review is to locate the areas in which the organization is not in compliance with the GDPR. This might include things like the processing of data, the storage of data, requests from data subjects for access to their data, data security, and reporting of data breaches.

The following activities are typically included in a our GDPR gap analysis:

We define the scope of the analysis, including which business units, processes,and systems will be looked at. 

We conduct data mapping in order to determine all of the personal information that is being handled by the company, as well as where it is being kept, how it is being utilized, and who has access to it.

We conduct a risk assessment in which we look for potential threats and  vulnerabilities to personal data, as well as the  likelihood of a data breach and its potential consequences.

We conduct an analysis of the data protection policies, procedures, and controls currently in place. We cconduct an  analysis of the effectiveness of the data protection policies, procedures, and controls currently in place in order to identify areas of non-compliance with the GDPR.

 

We conduct a gap analysis by comparing the organization's current data protection practices with the requirements of the GDPR. We will also provide our recommendations on the actions you can take to remediate the gaps found/ This will allow you to identify areas of non-compliance and prioritize areas that need to be fixed.

​