ethics and business compliance
Betsson holds gaming licenses in many different jurisdictions with significantly varied laws and regulations. To ensure long-term sustainable operations and profitability, compliance with laws, regulations and ethical standards in these jurisdictions is crucial. Betsson’s way of conducting business should support a strong corporate reputation in the industry.
Betsson plays an active part in national and international discussions and raises awareness of the importance of sustainable gaming regulation. The Group is working within its own remit but also through various industry associations to influence the interpretation of the regulations. More on this topic can be found in the section on Betsson’s work for sustainable gaming regimes.
One area which Betsson follows closely is the channelisation of customers into the locally regulated licensing systems, where such systems are compliant with applicable international law. Another area is the importance of strong consumer protection, ensuring that the customer is at the centre of every regulatory and business decision taken.
Ambition

Betsson's way of conducting business should support a strong corporate reputation in the industry

Goal
  • Betsson's work in the business compliance area contributes to Betsson having a strong reputation when it comes to compliance.
Outcome
  • All of Betsson's efforts within business compliance contribute to the Group's strong corporate reputation when it comes to compliance. Therefore, the ambition is measured through all the KPIs for business compliance.
Ambition

Work for sustainable gaming regulations

Goal
  • Active member of relevant industry organisations with a view of cooperation with other members in developing best practise standards, providing clarifications and guidance on industry-specific issues, and representing the industry in discussions with regulators and other stakeholders.
Outcome
  • Betsson is an active member in 16 (16) industry associations.
Ambition

Meet the laws, regulations, integrity and ethical standards that apply to our organisation where we operate

Goals
  • Zero material sanctions for not complying with international or local laws and regulations.
  • Zero confirmed cases of corruption.
  • All whistleblowing incidents are investigated.
  • Fully support audit reviews and action audit findings.
  • Always act on warnings from IBIA (International Betting Integrity Association) of suspected match-fixing.
Outcomes
  • 1.3 MEUR paid for not complying with international or local laws and regulations. See more on p XX.
  • 0 (0) confirmed cases of corruption.
  • 0 (0) whistleblowing incidents reported.
  • Betsson fully supported all audit reviews and actions audit findings.
  • Betsson acted on 98% (98%) of all IBIA warnings of suspected match-fixing.
Ambition

All employees comply with Betsson’s internal rules and ethical standards

Goals
  • Employees shall undergo regular training in responsible gaming, anti-money laundering, anti-bribery, GDPR and information security.
  • All employees have signed Betsson’s Code of Conduct.
Outcomes
  • Within these areas, new employees received training and a vast majority of all employees went through in-depth courses in 2023. In addition, employees regularly take role-specific training on these topics.
  • 97 % (93 %) of employees have signed Betsson’s Code of Conduct.
Ambition

Work for a safe and trustworthy platform

Goals
  • The Group’s technical platform is certified according to ISO 27001.
  • All Card Data Environment (CDE) developers must undergo training in secure coding at least once a year.
Outcomes
  • 0 (0) non-conformities raised at ISO 27001 surveillance audits, demonstrating compliance to the standard.
  • All CDE developers were trained in secure coding during 2023.
Ambition

Have high standards for third parties, with which Betsson cooperates

Goal
  • Robust due diligence checks continue to be applied to all third-party providers to ensure that they are aligned with Betsson's Code of Conduct standards and general compliance requirements.
Outcomes
  • Due diligence procedures were carried out on third parties.
  • Agreements are in place with third parties that contain all relevant contractual clauses, for example anti-corruption.
Ambition

Raising awareness and showing transparency by participating in major conferences, seminars and/or panel discussions on compliance within the gaming sector

Goal
  • Actively participate as speakers in major conferences, seminars and/or panel discussions on compliance.
Outcome
  • Betsson participated in 5 (6) conferences, seminars and/or panel discussions on compliance in 2023.
Ambition

Be transparent with Betsson's outcomes in the area of sustainability

Goal
  • Publish the sustainability report in accordance with international standards.
Outcome
  • The Sustainability Report for 2023 has been produced in accordance with GRI standards.
Betsson’s membership in industry organisations
EuropeEuropean Gaming and Betting Association (EGBA)
BrazilInstituto Brasileiro de Jogo Responsável (IBJR)
DenmarkDanish Online Gambling Association (DOGA)
EstoniaEstonian Gaming Operator Association (EGOA)
FinlandRahapeliala ry
GermanyDeutscher Verband für Telekommunikation und Medien (DVTM)
ItalyAssologico (LOGICO)
LatviaLatvijas Interaktīvo Azartspēļu Biedrība (LIAB)
LithuaniaLietuvos Losimu Aerslo Asociacija (LLVA)
MaltaiGaming European Network (iGen)
NetherlandsNederlandse Online Gambling Associatie (NOGA)
NorwayNorsk Bransjeforening for Onlinespill (NBO)
PeruApadela
SwedenBranschföreningen för Onlinespel (BOS)
SwedenSpelbranschens Riksorganisation (SPER)
United KingdomBetting and Gaming Council (BGC)

Betsson believes that multi-stakeholder dialogue and industry cooperation are key ingredients to define a legal framework that is in the service of public interests, customers, and companies. In the gaming industry, due to the significant differences in regulatory stance from country to country, this cooperation is even more important since it serves as a forum for discussing the different approaches and best practices from other jurisdictions.

Betsson is part of several local and international associations, as presented in the table. At a local level, the associations seek to act as a main point of contact with stakeholders in the relevant jurisdictions. This is particularly important in licensed markets due to the regular updates in local regulation, as well as in markets which are considering a local license regime. In this respect, a Finnish Trade Association for Online Gambling was established in early 2023. This association, which Betsson forms part of, acts as the main point of contact with Finnish stakeholders in view of the ambition of the Government to move to an open licensing model.

At an international level, it is worth mentioning Betsson’s work through the EGBA (the European Gaming and Betting Association), which is the largest international industry association. Examples of joint work include the GDPR Code of Conduct in the Gambling Industry, the Advertising Code of Conduct for the Gambling industry, the AML Code of Conduct and the EGBA Sustainability Report.

Meanwhile, through the EGBA, Betsson is also involved in important legislative processes which directly or indirectly impact the industry, such as the Supranational Risk Assessment report for the EU, the Digital Services Act and current proposals for an EU-wide AML Regulation.

In 2023, Betsson implemented a new compliance management system, which enables a more efficient and transparent management of compliance requirements for all markets. In parallel, Betsson also implemented a Contract Lifecycle Management System, which streamlines Betsson’s internal processes when it comes to the onboarding and management of suppliers.

Betsson’s Internal Rules policy requires a yearly review of the Group’s policy framework. In line with the policy, in 2023 all Internal Rules for Betsson AB have been reviewed and re-adopted by the Board of Directors and the CEO of Betsson AB. The Group’s Internal Rules are managed, reviewed, and amended by a cross functional working group to ensure that Betsson’s Internal Rules framework is kept adequate and up to date. In parallel, the Compliance team reviews policies tied to the operational business to ensure that they meet applicable legal requirements. Work is ongoing to assess whether additional policies are required based on the organisation’s development and growth. The Internal Rules policy is available on the Group’s intranet.

Advanced training offered to all employees and contractors in 2023
Responsible gaming
Anti-money laundering
Anti-bribery
GDPR
Information security

Every year, Betsson conducts its annual enterprise risk assessment, which is a standard process. Through this exercise, Betsson recognises the main risks to which the Group is exposed in different areas, as well as the mitigation steps taken to remedy these risks. The risks, their rating, and mitigation are monitored on a quarterly basis by the Governance, Risk, and Compliance function. 

A specific compliance risk assessment is also carried out annually with the purpose of analysing the risk related to the regulatory requirements pertaining to the Group’s operational gaming businesses. Examples of areas in scope for the assessment are Anti-Money Laundering, anti-corruption, responsible gaming, data privacy/GDPR and other customer protection and gaming licenserelated requirements. Furthermore, certain operational and general risks resulting from the legal and operational aspects of compliance were identified and analysed as part of the assessment.

Betsson’s Code of Conduct sets the Group’s expectations on employees. The Code, which begins with a statement from the CEO, covers Betsson’s relationship among employees, with customers, suppliers, the capital markets, and other stakeholders, and addresses the Group’s approach to sustainability. The Code incorporates the United Nations Global Compact’s ten principles relating to human rights, labour, environment, and anti-corruption. All employees must comply with the Code of Conduct and failure to comply may lead to disciplinary action. The Code can be found here and it is also readily available to employees on the Group’s intranet.

Betsson strives to ensure that all employees feel safe about reporting potential problems or wrongdoings to their line manager or to the Human Resources department. Since 2015, Betsson has therefore a standalone, external whistleblowing system where employees anonymously can report any irregularities within the Group. Two senior executives in Betsson AB have access to the system and decide what actions are required. Two members of Betsson AB’s Board of Directors are notified of any reports as part of their supervisory role. For 2023, no cases were reported. Any cases are dealt with according to a set process. A summary of Betsson’s whistleblowing policy can be found on www.betssonab.com.

Betsson has improved its global whistleblowing channel by implementing a new whistleblowing framework in line with the Whistleblowing Directive (2019/1937) and has established various local whistleblowing channels in accordance with applicable national legislation. This has been done to preserve the highest standards of professionalism, integrity, and ethical behaviour as well as to prevent or reduce the risks of unlawful or improper practices by granting a safe and confidential way to report any perceived wrongdoings. Work on establishing local operational procedures has in principle been finalised as well as activation of the respective channels.

Governance of anti-corruption and anti-bribery

  • Anti-corruption policy
  • Code of Conduct
  • Risk assessment to evaluate corruption risks
  • Yearly anti-bribery training for employees

Betsson has zero tolerance for corruption. Fighting corruption is important to Betsson, notably to encourage healthy competition and promote public confidence in the Group as well as in the industry

Betsson conducts yearly risk assessments to evaluate the corruption risks across the Group. The risk assessment is presented to the Board of Directors as well as to the management teams of Betsson AB and Betsson Operations. A summary of Betsson’s anti-corruption policy, where the policy itself was adopted by the Board of Directors, can be found here. Betsson also has an e-learning course in anti-bribery for all employees and contractors.

The anti-corruption policy and the Code of Conduct codify Betsson’s activities to counteract corruption and bribery and clarifies that Betsson must comply with current legislation in this area. Further, they provide guidance as to how managers and employees should respond to gifts and other benefits.

Money laundering and financing of terrorism are global threats that affect many industries. Compliance with Anti- Money Laundering (AML) and Countering the Financing of Terrorism (CFT) requirements and legislation is of great importance for all businesses which may be exposed. Betsson’s exposure to such risks relates, among other, to the offered iGaming products and services, customers use of those products and services, distribution channels and other jurisdictional and market-related risk factors.

Betsson's operations has since many years AML and CFT guidelines and routines in place, including risk-based processes and procedures to ensure that the Group knows its customers, which reduces the risk of money laundering. A summary of the Group's AML and CFT policy can be found here.

Betsson has internal, proprietary monitoring tools as well as tools from third-party suppliers that monitor all transactions made through Betsson, and flag situations which require further attention by the Group’s anti-money laundering team. Further, all players are screened from the first deposit and continuously against national and international sanction lists.

Betsson cooperates with authorities and performs checks required by legislation, regulations, and other directives from authorities in the markets where the Group operates. The Group reports any suspected cases of money laundering (Suspicious Activity Reports, SARs) to relevant authorities.

Training in anti-money laundering is included in the induction that all new employees at Betsson undergo. All employees and contractors globally are also expected to go through a yearly AML e-learning. In addition to this, employees who work specifically with money laundering issues receive regular in-depth training.

Betsson’s goal is to counteract match fixing in all forms of sports betting. The Group has rigorous control systems in place that collect and analyse data and warn of irregularities. A dedicated Betting Integrity Officer, together with a team of analysts, works on these issues. The Group has also developed a comprehensive global anti-match fixing policy that sets procedures and processes regarding fraud in sports.

The Group is a member of IBIA (International Betting Integrity Association), a global organisation for licensed companies that works towards a high standard in sports betting. Gaming companies cooperate through IBIA by reporting suspicious gaming patterns and sharing data. Cases of suspected malicious betting are reported on the platform which triggers an alert to other operators in the IBIA community. Operators are required to respond to the alert giving details whether the situation outlined in the ticket is suspicious on their side.

Betsson aims to always respond promptly to warnings from IBIA and, where relevant, provide information. If match-fixing is suspected, immediate action is required, for example the closing down of bets on the match. Suspected cases are also reported to local regulators and police in accordance with the rules applicable to the specific jurisdiction.

Betsson is currently working on getting data sharing agreements in place with various sport governing bodies, such as the Tennis Integrity Unit and more.

Further, Betsson takes part in several local networks such as the Swedish Sports Confederation’s agreement between the licensed gaming companies in Sweden regarding data sharing and reporting. As a result of Betsson sharing data, analyses, and discussions about gaming patterns with other operators, the industry can more effectively identify and prevent fraud, while authorities can secure evidence to prove criminal activity.

In addition, Betsson collaborates with the sports betting integrity unit at the Malta Gaming Authority (MGA) by both reporting suspicious betting activity to be shared with other operators and by replying to queries including sharing of data through requests for information where necessary.

Governance of anti-match fixing

  • Dedicated Betting Integrity Officer
  • Group anti-match fixing policy
  • Member of IBIA and local networks
  • Data sharing agreements with various sport governing bodies

 

Betsson follows globally recognised standards for information security, in addition to complying with local laws and regulations in the markets where the Group holds licences. All employees and contractors must comply with Betsson’s information security policies designed to provide a robust framework to protect the Group’s and customers’ data.

The long-term information security strategy is focused on protecting information and reducing risk across all business areas. This makes it a core component of a continual improvement process, where security is built in by design, resulting in an overall better-quality product offering.

Betsson’s high-level information security policy provides insight into Betsson Group’s information security scope and objectives. A summary of the information security policy can be found here.

Extensive security controls are in place to protect information against unauthorised access and processing, as well as processes and plans to handle any incidents. The Group carries out regular security audits and vulnerability and penetration testing. Betsson has also continued to reenforce the governance and operational security measures in place for protection against unauthorised access or processing of data.

In 2023, Betsson Group was successfully recertified as ISO27001:2013 compliant – the international standard for implementing an Information Security Management System (ISMS). The certification means that Betsson, after evaluation, has been found to comply with the ISO standard’s far-reaching requirements for information security. The certified management system covers more than 80 percent of Betsson’s operations. Suppliers’ information security processes are vetted through the procurement process.

Betsson is also PCI DSScertified for secure card transactions and cooperates with several large banks. The certification means that credit card information is handled securely, and that the Group meets the strict security standards when it comes to processing of payments, withdrawals, and deposits as set out in the PCI DSScertification process.

When joining Betsson and regularly every year, employees and contractors must confirm their abidance by the Group’s Acceptable Use Policy (AUP) for computer use and go through training in information security. In addition, the information security team continuously communicates on the subject.

Governance of Information Security

  • Chief Information Security Officer
  • Dedicated information security team
  • Information security policy framework including other supporting policies and procedures
  • Re-occurring online training on information security management for employees

Betsson is dedicated to protecting customers’ and stakeholders’ privacy. Betsson operates within a framework of various privacy laws, including but not limited to the General Data Protection Regulation (EU) 2016/679.

Betsson’s groupwide data protection and privacy framework is designed to provide extensive guidance on privacy and data protection matters across all operations by laying down responsibilities and governing principles that need to be adhered to by all employees.

Governance of data protection and privacy

  • Data Protection Officer
  • Data privacy team
  • Data protection and privacy framework adopted by the Board of Directors
  • Employee Data Privacy Policy
  • Induction training for all new hires globally
  • Annual training for employees and contractors plus ad-hoc subject specific training

Moreover, the framework, together with the relevant information security policies, sets out a minimum level of data protection principles. The framework and its policies, processes and routines are regularly reviewed, developed and re-approved to align with external requirements and expectations on safe handling of personal data. A summary of the data privacy policy and framework can be found here.

The Group's Data Protection Officer (DPO) is responsible for the Group’s data privacy strategy and performance. The Group has established a data retention and deletion policy, aligned with best practices, and adheres to a strict policy of not selling or providing personal data to third parties for purposes other than completing transactions or services, if not legally required to do so.

Betsson has implemented a data breach remediation process that encompasses both reactive and proactive measures. The plan is designed to respond to any personal data breaches in a timely manner, considering any reporting requirements while also proactively identifying and addressing potential vulnerabilities.

To ensure a holistic approach, the Group’s commitment to data protection includes suppliers and business partners. As a safeguard, Betsson incorporates explicit warranties in its agreements with suppliers ensuring they adhere to rigorous data privacy standards.

Employee awareness is key in maintaining high privacy standards. All employees, including contractors, are provided with annual training, in addition to occasional subject-specific training.

Marketing that increases awareness and engagement and supports the business is an important part of Betsson’s commercial toolbox. To build long-term customer relationships and protect the Group’s brands in the long run, it is fundamental that Betsson’s marketing is responsible.

The Chief Commercial Officer and the General Counsel of Betsson Operations are ultimately responsible for ensuring that Betsson approaches marketing in a responsible way and in accordance with local rules and regulations. As local marketing regulation keeps increasing, the Group works continuously to ensure compliance in all jurisdictions where Betsson operates.

Betsson holds Global Gambling Guidance Group (G4) accreditation, which means that the Group complies with G4’s ethical rules as regards advertising, marketing, and sales. In addition to these, Betsson follows locally set guidelines, such as the Code of Conduct on Responsible Advertising for Online Gambling by the European Gaming and Betting Association (EGBA), and the Swedish Gambling Association (SPER) and the Swedish Trade Association for Online Gambling (BOS) guidelines for marketing in Sweden.

Like many e-commerce companies, Betsson uses affiliates, where a third-party company promotes the Group’s gaming sites. Comprehensive agreements between the parties govern how the Betsson brands may and may not be promoted by affiliates. A dedicated team works continuously to assess this cooperation and make sure that the agreements are followed.

Governance of responsible marketing

  • Chief Commercial Officer
  • General Counsel
  • Global marketing concept
  • Global Gambling Guidance Group (G4) accreditation
  • MGA responsible advertising guidelines
  • EGBA Code of Conduct on Responsible Advertising for Online Gambling
  • The Swedish Gambling Association (SPER) and the Swedish Trade Association for Online Gambling (BOS) guidelines for marketing in Sweden
  • Other local marketing rules, regulations, and guidelines

 

 

Taxes represent a pillar in the financing of society and public welfare, and Betsson therefore regards compliance with tax legislation as an important duty of a responsible business. Betsson operates through its subsidiaries in many different countries at a global level and is consequently exposed to multiple international and local tax regulations. The Group is to comply with all applicable local tax legislation and tax regulations in those countries where the Group operates. In addition to paying corporate tax, the Group’s various companies also pay gaming tax and sales tax. The taxation of international digital operations, especially in online gaming, is a complicated area, and work is constantly ongoing in the Group to ensure compliance in an environment where both national and international tax laws and tax treatment change rapidly.

Betsson works continuously on its own and through industry organisations, to influence the development of both the tax frameworks of the OECD and the EU as well as local rules in collaboration with local lawmakers. Taxes are an important element in commercial scalability from the Group’s perspective and in relation to our responsibility to the shareholders as regards financial results.

Taxes are never the determining factor behind business decisions – these shall always be based on what is best for Betsson’s business. Betsson’s global tax policy can be found here.