MGA Key Individuals and Key Functions: Roles, Responsibilities and Regulatory Expectations

Under the Malta Gaming Authority (MGA) regulatory framework, licensed gaming operators are required to appoint designated Key Individuals, also known as Key Function Holders. These individuals are responsible for critical operational and governance areas within a licensed entity and are subject to regulatory approval, ongoing oversight, and suitability assessments by the MGA. 

The Key Function framework ensures that licensed operators maintain clear accountability, strong internal controls, and effective risk management across their operations. 

Key Individuals are senior persons responsible for specific operational or control functions within a licensed entity. Each role corresponds to a Key Function, and the appointed individual must be: 
  • Approved by the MGA through a Personal Declaration and Fit & Proper assessment 
  • Competent and experienced with the mandatory requirements in the relevant area 
  • Actively involved in decision-making and oversight 
  • Available to liaise with the Authority on regulatory matters 

Key Individuals may be employees or external service providers, depending on the structure of the licensee, but accountability must remain clearly defined. 

1. CEO  
Purpose: Overall management and strategic leadership of the licensed entity. This role carries ultimate responsibility for operational conduct. 

Typical responsibilities: 
  • Overseeing daily operations and corporate strategy 
  • Implementing internal policies and risk management frameworks 
  • Establishing governance and internal control frameworks 
  • Ensuring adequate resources for compliance and responsible gaming 

2. Compliance Function 
Purpose: Ensuring the company operates in accordance with MGA regulations and licence obligations. The Compliance Officer is central to maintaining the licensee’s regulatory standing. 

Typical responsibilities: 
  • Monitoring regulatory compliance and internal controls  
  • Maintaining policies & procedures and conducting internal compliance reviews 
  • Coordinating regulatory reporting and submissions 
  • Acting as liaison with the MGA during audits and inspections 
 
3. MLRO Function
Purpose: Preventing money laundering and terrorist financing risks. This role is applicable to B2C licensed entities only.

Typical responsibilities: 
  • Implementing AML/CFT policies and procedures, and training staff on AML obligations
  • Monitoring transactions and player activity, and filing suspicious transaction reports (STRs)
  • Conducting risk assessments and due diligence reviews 
  • Liaising with the FIAU and MGA on AML matters 

4. Gaming Operations Function 

Purpose: Financial management and safeguarding of company and player funds. 

Typical responsibilities: 
  • Maintaining accurate financial records and monitoring liquidity and financial sustainability 
  • Ensuring financial reporting to the MGA 
  • Managing player funds segregation and protection 
  • Supporting regulatory financial compliance checks 
 
5. Legal Function 
Purpose: Ensuring legal compliance with gaming laws and contractual obligations. The legal function ensures regulatory interpretation is consistent and documented. 

Typical responsibilities: 
  • Advising on regulatory and corporate legal matters 
  • Reviewing commercial agreements 
  • Monitoring legal developments affecting gaming operations 
  • Assisting in dispute resolution and enforcement responses 
 
6. Technological Function 
Purpose: Maintaining the integrity and security of gaming systems. 

Typical responsibilities: 
  • Managing gaming platforms and infrastructure, and monitoring system performance 
  • Ensuring system security and data protection 
  • Overseeing integrations and third-party suppliers 
  • Supporting technical compliance audits and certifications 

7. Data Protection and Privacy Function 
Purpose: Ensuring compliance with GDPR and data protection requirements. Where applicable, this function may be performed by a Data Protection Officer (DPO). 

Responsibilities include: 
  • Overseeing data protection governance frameworks 
  • Ensuring lawful processing of personal data and managing data subject rights and requests 
  • Monitoring data security and breach reporting obligations 
  • Providing privacy training and internal guidance 

8. Internal Audit Function 
Purpose: Providing independent assurance on governance, risk management, and internal controls. 

Responsibilities include: 
  • Conducting independent internal audits and reviewing compliance with internal policies and regulatory obligations 
  • Identifying control weaknesses and recommending improvements 
  • Reporting findings to senior management and, where applicable, the board 
  • Monitoring remediation actions and follow-up reviews 

The MGA’s Key Function structure ensures that accountability is clearly assigned within licensed entities and that regulatory risk is actively managed. It also guarantees that player protection and financial integrity are maintained. Ultimately, this framework strengthens governance standards across the gaming industry. 
 

How BDO Malta Can Support  

BDO Malta offers direct access to a network of MGA-approved professionals who can immediately support and fulfil required key roles, such as internal audit, key compliance, key legal, key technology and DPO. Beyond outsourcing solutions, we act as strategic partners throughout the entire application process by advising on optimal appointments and permissible MGA structures.

Our team goes further by proactively identifying mandatory requirements, mitigating potential conflicts early, and ensuring your application remains fully aligned with regulatory expectations. In addition, our specialised experts provide tailored training programmes for key function holders, enabling them to efficiently achieve their mandatory CPD obligations while strengthening your organisation’s overall governance and compliance framework. 

BDO offers an end-to-end advisory, tax, audit and outsourcing service, and this integrated approach ensures that licensing is not treated as a one-off exercise, but as part of a long-term regulatory strategy.

We work closely with gaming service and critical supply licensees on matters of financial, regulatory, corporate, technical and fiscal compliance. This starts with setting up your company and providing the guidance and support required to submit a complete application, and continues with maintaining the company in good standing, providing ongoing compliance support, and the statutory independent audit and assurance oversight. Whether you’re exploring our services, applying for an MGA gaming licence, or seeking reliable compliance support for your licensed business, our experts are here to help.