MGA Provides Information on Updates Made to Audit/Review Process

The Malta Gaming Authority (MGA) has provided information to its Approved Audit Service Providers and current and prospective licensees about the updates made to the Audits section on the Authority’s portal, and the related Audit/Review process.

“The Malta Gaming Authority (the Authority) would like to inform its Approved Audit Service Providers and current and prospective licensees of minor updates made to the Audits section on the Authority’s portal, and the related Audit/Review process. The following information outlines the considerations to be made for the auditing process, and the submission of reports for any of the System Audits, System Reviews and/or Compliance Audits engagements, hereinafter referred to as the ‘Audits’.

“After receiving approval from the Authority, the appointed Service Provider has sixty (60) days to complete System Audits and System Reviews, and ninety (90) days for Compliance Audits. The completed Audit report must be submitted electronically through the Authority’s portal. Should the appointed Service Provider identify any instances of non-compliance during this review period, the licensee should be notified, and the licensee is strongly encouraged to address and rectify any identified issues within their documentation and/or systems throughout the Audit period.

“In such circumstances, the Approved Service Provider must conduct fresh audit checks of the identified non-compliances and appropriately mark such checks within the Audit Report as ‘Resolved at Audit Stage’, if deemed to be compliant. Furthermore, the ‘Partially Compliant’ status can be used if an audit check is found to be partially compliant with the Regulations.

“In view of these changes, the Authority has added two new External Audit Conclusions statuses, these being ‘Resolved at Audit Stage’ and ‘Partially Compliant’, for the Service Providers to be able to report the Audit findings accordingly.

“Should there be any instances of non-compliance which cannot be resolved within the Audit deadline, the licensee may request a one-time extension of the Audit deadline to resolve and re-audit the identified systems and/or documentation issues. The request of such an extension would need to be accompanied by a summary of the issue/s, and a plan of rectification. The extension is at the Authority’s discretion, the time-frame of which shall be determined by the Authority.

“It is important to note that the Authority retains the right to reject an Audit Report if it is unable to arrive at a conclusive review outcome due to a significant number of instances of non-compliance.”