Can you outsource compliance? And should you?

There are two schools of thought when it comes to outsourcing the compliance function in the average gambling business. The first holds that outsourcing enables an organisation to access specialist knowledge and experience, in a more cost-effective and convenient way. And that this logic applies in compliance just as it does anywhere else.

The second is that decisions relating to player safety and responsible gambling are leaving the building over the dead body of the Chief Compliance Officer. 

As you may have guessed from the way I phrased that, opinion 2 is shared by pretty much every operator we’ve ever spoken to. 

But is it that simple? Are there elements of compliance that can leave the building, or even should? With apologies in advance for our inevitable focus on the world of anti money-laundering, source of funds and affordability checks, here’s the ClearStake take.

Why outsource compliance?

Many of the reasons to outsource your compliance function (either in whole or in part), are identical to the reasons for outsourcing anything. They can be briefly summarised as:

• Access to scarce or unusual skills. Like anything else, a fully-featured compliance function requires skills that may be hard to acquire, or that won’t make sense to bring in-house. If you need the services of a private detective to establish that a customer’s wealth is from a legitimate source (yes, it happens), do you employ that person full time or use an agency? Usually the latter.
• Ability to scale up and down. It is often necessary to do a lot of ‘compliance’ in a hurry (perhaps after a particularly successful acquisition campaign, or during an event when new users bet heavily). In these circumstances, it can be hard for in-house teams to ramp up capacity - and outsourcing might make sense.
• Focus on core competence. Although some operators would disagree, in broad terms ‘checking customer bank statements’ isn’t the job that most gambling businesses were set up to do. Business 101 suggests focusing effort on an organisation’s core competence, and leaving anything outside that to the experts.
• Cost savings. In some ways a summary of all the above: outsourcing is often cheaper, whilst delivering a service of the same or even higher quality. 

There is, in this specific case, one additional reason to outsource checks of financial data. Customers may feel more comfortable sharing that data with an independent third party (as opposed to the operator directly), which then provides a more limited summary of the data on to the operator in order to support making a compliance decision.

That said, this can be looked at both ways. Some consumers may wish to limit the number of organisations who see (or potentially see) their data, and prefer to deal directly with operators. We’ve certainly been asked both to white-label our solution and present it very clearly as independent - so the jury is out. 

Either way, there are clearly good reasons to outsource some or all of a compliance function. So what’s the argument against?

Giving up control

As we mentioned in the introduction, this is ultimately about the wisdom of giving up control. And to some extent, it touches on the ‘core competence’ argument above. In truth, most compliance officers would argue that protecting customers who need to be protected, whilst allowing those who want to bet to do so, absolutely IS a core competence of a gambling business.

From another angle, decisions around affordability, and money-laundering, are just too important to allow them to be made outside the building, and not under the direct control of the organisation’s management team. At stake is not just the possibility of fines, or even loss of license, but the entire reputation of the company and indeed the industry. 

And although nobody might want to say it out loud, there’s a commercial consideration here too. Gambling companies exist to make a profit, and a functional compliance team aims to minimise risk, yes, but do so whilst maximising revenues. An over-zealous outsourced compliance function has the potential to put a significant dent in revenues. Again, close oversight is probably required.

All the above explains why the Chief Compliance Officer we met in the introduction to this piece is (understatement alert) incredibly reluctant to let affordability and AML decisions out of the building. But that doesn’t mean there aren’t other options when it comes to outsourcing. Let’s talk about them.

A happy medium

It is possible to keep the decision inside the organisation whilst outsourcing a lot of the tedious work that goes on before it has to be made. However, even in this case there are risks. If you ask an external agency to look through bank statements and present back a summary of their conclusions, how do you know they are not making mistakes or cutting corners?

That leaves the possibility of using technology to perform a number of the more time-consuming compliance tasks, but technology that is ultimately still controlled and configured by the operator themselves. That is, essentially, the business ClearStake is in. 

It makes a lot more sense to find solutions that do the hard work (reading, categorising and summarising data in bank statements) or increase the number of customers willing to share that data in the first place (through user-centric online workflows designed to maximise opt-in) than it does to play games with your company’s top-line revenue or (worse) reputation. 

And if you have the right solutions to those challenges in place, you can enjoy a significant number of the benefits of outsourcing - and your Chief Compliance Officer can sleep at night.

‍