Edition 43: Our least favorite regulations
No one asked, but we wanted to share
Welcome back after a week off! We hope everyone enjoyed the Kentucky derby on Saturday. This week, we’re going to be running through some of the worst regulations we’ve seen across the country. None of these regulations will universally apply.
The Handle newsletter is presented by Wagers.com, a hub for all things U.S. sports betting. Check them out for some of the best content in gaming.
Let’s dive in.
Background
This may come off as us complaining, and honestly that is pretty close to what we are doing. We aren’t even impacted by some of these regulations, but we will be complaining on behalf of bettors who are. We aren’t looking to complain about regulations that are fundamental to the safety and integrity of the industry. We don’t think any of the regulations we are hating on provide an essential benefit. Rather, we want to focus on induced frictions in the marketplace that serve no real purpose. These artificially created barriers could be the reason that people stay in the offshore world. These will be common across all operators in a given state where the regulation exists (obviously) because we are not nitpicking on individual books, rather nitpicking individual state legislatures. Also, because gambling regulation is done on a state level, these regulations won’t apply to every state. So without further ado, let’s dive in.
Terrible Regulation 1: MFA at every log-in
MFA, or multi-factor authentication, is when at a log in, a user needs to enter a numeric code they have received to either through mobile number or email, or in addition to the username and password. There’s other ways to do MFA, but these are the most common in the gambling space. MFA is considered to be good “cyber hygiene”, especially for websites and apps that deal with real money. In fact, if you don’t have MFA on for your email or online banking, you should probably go turn it on after reading this piece. So why are we hating on it for sports gambling?
Let’s use an example. Every time I try to check my bank account balance on my phone, I don’t need to complete the MFA process I log in because my device is remembered. If I were to log on on a new device, I would need to complete the MFA process. This makes sense, my phone is password protected. However, this process is not the same for sports gambling apps. I need to complete the MFA process in Connecticut each time I log into any of the three apps, regardless of whether or not I have logged in on my phone before. It doesn’t seem like a big deal and it honestly isn’t the biggest deal in the world. Yet, it’s frustrating that regulations require this for my Draftkings account but not for my online bank account. It feels inconsistent and not to the level of cyber hygiene that Americans are accustomed to and comfortable with. Realistically, security measures should be higher for bank accounts than online casino apps. A reasonable solution to this is requiring MFA at each deposit rather than at each log in if regulators are insisting on MFA being frequent. This extra layer of MFA is well intentioned, but not really protecting anyone and frustrating to deal with.
Terrible Regulation 2: In State College Sports Betting Bans
This is another common regulation, with plenty of states, including CT and NJ, both having it. The regulation basically reads that bettors cannot bet on collegiate sporting events that either have a college from that state or are being played in that state. For example, I could not place a bet on the Yale college lacrosse game on Sunday because I am in New Haven on a regulated book. Did that stop some of my friends from turning to their offshore books and placing a wager there? Absolutely not. If I were in New Jersey instead of Connecticut, could I have placed a wager on the game even though I would have the exact rooting interest and connection to the team playing? 100% yes. This rule is well intentioned, designed to lower the risk of integrity issues in college sports. But guess what? If there is someone who can identify those regulatory issues faster, it’s the regulated operators! If all the action comes on offshore books, there is no way to identify it. Basically, this is a solution in search of a problem and is actually likely running counter to the goal it is hoping to achieve.
Terrible Regulation 3: In Person Registration Requirements
This one has mostly been eliminated due to its sheer stupidity. Illinois had it for a while before suspending it during the pandemic. The gist of the regulation is that to make an account, an individual needs to go to a physical sports book location to improve KYC protocols while they are opening an account. The thinking is that physical registration will improve reliability and potential issues with technology. Again, this is ridiculous, especially in larger states where that might not be a physical location for sports books evenly distributed by the state. Going to a physical location to make an account also just feels incredibly dated for Gen-Z. I can make and fund a bank account online but not an account at Draftkings? The operators are probably equally as upset about this type of regulation as we are because it really increases the friction to making an account. Rather than dealing with a clunky, but still digitized process, users have to get off their couch. No one can impulsively decide they want to make an account to bet on football on a fall Sunday. They have to go and make it an errand.
Terrible Regulation 4: Limiting Operators that can Operate in a State
We get it. Giving a license to every operation that wants one is not a reliable or responsible way to bring gambling into a state for the first time. At the same time, how is there ever supposed to be any innovation if only 2-4 (or 1) operators are allowed to operate in a state? Of course the big incumbents will win those slots and it will be a challenge for any other business model to ever gain a foothold for no other reason than regulation. Sure, we’re skeptical of some of the less typical business models out there. But if the alternative business model companies fail, it should be because they did not match consumer preferences, not because regulations killed them in the cradle. Look at states like New Jersey, Colorado, and Iowa. Competition is a good thing! States should embrace it.
Lack of Good Regulation 5: No easy way to see Gambling History
On my PPH book, it’s relatively smooth for me to just see what my weekly summaries are, as well as monthly and annual totals. A few clicks and I can easily analyze the bets that I’ve made it. Trying to do the same thing on a regulated site? Good luck. It’s going to be all manual. If operators really wanted to confront problem gaming, I would get a weekly, monthly and annual summary of my gambling history delivered to my inbox at whatever frequency I chose. I’m not saying that everyone should have to have this, I’m saying it should be mandatory that operators offer it in an easy to find and concise way. Sure, I could find it on the website or do it manually. But the point is that it should be as easy as possible. No one should have to be relying on these mediocre third party synced to operator apps to get a summary of their gambling history. Make operators do this for consumers to promote responsible gaming.
Conclusion
Overall, many of the regulations operators face are reasonable even if they are annoying. I may not love that I can’t be on a zoom call and be geolocated at the same time, but I understand why that regulation for reliable geolocation exists. I may hate the play time summaries I get when I log in to some operators, but theoretically they could reduce problem gaming. But the regulations above? They have to go. They aren’t adding much to the safety of players and they are not necessary for KYC. We’d love to see states learn from their mistakes as the industry starts to mature. We also aren’t trying to criticize lawmakers in a nascent industry. The original regulations were never going to be perfect. What matters is learning from those initial mistakes.
