Contact Us

    MGA Type 1 Licence: 2026 Guide for Online Casino Operators

    MGA Type 1 Licence: 2026 Guide for Online Casino Operators

    Launching an online casino brand is easy. Launching one that banks, scales, survives audits, and keeps regulator trust is much harder. That is exactly why serious operators still consider an MGA Type 1 licence from the Malta Gaming Authority a top-tier option.

    Type 1 sits at the heart of the online casino world. It covers games of chance played against the house where outcomes are determined by a random generator, including casino-style games such as roulette, blackjack, baccarat, and other RNG-led products, as well as lotteries and certain secondary lottery formats. If you want to run a player-facing RNG casino product from a leading EU jurisdiction, this licensing route most aligns with that model.

    What is an MGA Type 1 Licence?

    An MGA Type 1 licence is required whenever a Maltese or EU/EEA entity wants to offer a gaming service from Malta, whether to Maltese players or through a Maltese legal entity. An MGA Type 1 licence forms part of the wider MGA B2C licence framework in Malta, which defines how operators may legally offer player-facing gaming services from the jurisdiction. “B2C” matters because it means you deal directly with players, which triggers deeper obligations around customer onboarding, responsible gaming, AML controls, complaints, marketing conduct, incident reporting, and technical controls.

    A Type 1 licence is the “casino core” category. The MGA’s own definition describes Type 1 as games of chance that are licensable by the Authority, including casino-type games such as roulette, blackjack, baccarat, and virtual sports games, as well as lotteries and related formats. Put simply, if you want to run slots and table games where the operator holds the risk and the RNG determines the outcome, Type 1 is the scope you are describing to the regulator.

    Why Malta is Chosen for an MGA Type 1 Licence

    Operators choose Malta for three practical reasons:

    1. Established regulatory environment: Malta is a well-known EU jurisdiction with a credible supervisory authority.
    2. Structured MGA process: Ownership integrity, funding, business planning, compliance readiness, and technical implementation are tested in stages, reducing regulatory surprises later.
    3. Industry recognition: Once licensed, counterparties understand the credibility of an “MGA Type 1 licence” during banking, payment onboarding, and B2B negotiations.

    However, Malta’s strength also explains its difficulty. If you want a jurisdiction where you can submit basic paperwork and go live quickly, the MGA Type 1 licence is usually not the right fit. The MGA expects proof that you can run a safe, auditable operation, and it verifies that your technical environment matches what you declared during the application.

    Minimum Share Capital for an MGA Type 1 Licence

    First, one of the clearest entry requirements is capital. Specifically, for a B2C gaming service licence, the minimum issued and fully paid-up share capital depends on the game type. For example, for Type 1, the MGA guidance indicates a minimum of €100,000.

    Importantly, this figure is not a “nice-to-have.” Instead, it forms part of statutory readiness and must be in place to meet the regulator’s baseline expectation. In practice, therefore, treat it as the floor rather than the full financial plan. Moreover, a credible application typically demonstrates that you can fund the build, staffing, compliance operations, and the early months of player acquisition without relying on unrealistic assumptions.

    Who Can Apply and What “Fit and Proper” Really Means

    The MGA licensing flow evaluates the people behind the business, not only the company name. The regulator’s process includes a fit and proper review plus checks on business planning and operational readiness.

    This means you need clean and consistent documentation for ownership, ultimate beneficial owners, directors, and key persons. You also need a coherent story around source of wealth and source of funds. Many applications slow down here. If ownership is layered, if funding arrives through unclear routes, or if documentation is inconsistent, the regulator will ask questions until the picture becomes clear.

    The MGA also expects you to assign and maintain key responsibilities. Even when titles differ between operators, the Authority wants accountable individuals who can show they have the authority and independence to run compliance and operational controls properly. If your compliance function looks like a formality rather than a real operational layer, your risk of delays increases.

    What Type 1 Operators Must Build Before They Apply

    A Type 1 application succeeds when your corporate plan, compliance framework, and technical architecture align fully. However, if they do not, the issue most often surfaces during the technical setup and system audit stage, where regulators carefully assess whether the operational structure truly supports the licence requirements.

    Most successful applicants build three foundations before submitting:

    1. Governance: Clear corporate structure, workable board and management model, defined decision-making routes for compliance and risk matters, and oversight of third parties.
    2. Operational compliance: Implementable policies and procedures matching your intended market, product, and payment routes.
    3. Technical control system: Platform, wallet, RNG game integrations, back office, reporting pipeline, and security controls documented for independent audit.

    The MGA Application Process for a B2C Type 1 Licence

    The MGA describes the application journey in stages: fit and proper checks, business planning review, operational and statutory requirements, and technical review culminating in a system audit. Think of it as a controlled build-and-verify project rather than a one-time filing.

    Stage 1: Preparing the Application Package

    To remove ambiguity, a clean submission should include a coherent business plan, a detailed operational plan, proof of share capital, ownership and funding documentation, and a comprehensive set of policies that accurately reflect actual operations.

    For Type 1, sensitive areas include your RNG game portfolio and supply chain. You must show oversight of studios, aggregators, platforms, and payment stacks.

    Stage 2: Fit and Proper & Business Planning Assessment

    The MGA checks suitability of people behind the business and the credibility of the plan. Assumptions must make sense, and staffing must cover real compliance operations.

    Stage 3: Operational and Statutory Requirements

    Policies must connect directly to operational systems. In practice, responsible gaming controls, risk signals, structured interventions, and accurate record-keeping are crucial. At the same time, marketing activities and affiliate relationships must be clearly defined, governed, and continuously monitored to ensure ongoing regulatory compliance.

    Stage 4: Technical Implementation & System Audit

    The applicant implements the operation onto a technical environment. The MGA provides a 60-day system audit window, and approved auditors verify that the real system matches the submitted design. Discrepancies may require remediation.

    Technical Expectations That Matter Most for Type 1 Casino Operators

    Because Type 1 is RNG and house-banked gaming, technical integrity and auditability are central. Systems must prove what happened for any player, bet, game round, or payment event.

    This includes:

    • Player account creation and verification
    • Deposit/withdrawal flows and wallet reconciliation
    • Game session logging, bonus/promotion logic
    • Risk monitoring and complaint handling
    • Access control and change management
    • For further guidance on technical and security requirements, see our MGA Information Security Policy for B2C operators.

    Compliance Controls Specifically for Type 1

    High-frequency, bonus-driven Type 1 casinos face predictable regulatory concerns: player harm, bonus fairness, AML monitoring, and marketing pressure.

    In addition, responsible gaming must be fully embedded, including limit-setting, reality checks, monitoring, risk scoring, interventions, and self-exclusion handling. Similarly, AML controls must be operationally demonstrable. Furthermore, effective complaints handling and oversight of outsourced services are critical for maintaining compliance.

    For a detailed guide on MGA responsible gaming policy, see our full explanation.

    Costs for an MGA Type 1 Licence

    • Application fee: €5,000 (one-time, non-refundable)
    • Annual licence fee: €25,000 (Type 1), €10,000 only for Type 4
    • Monthly compliance contribution: Based on revenue bands
    • Other costs: independent system audit, legal/advisory support, compliance staffing, technical security/certification

    Timeline: What Speeds Up an MGA Type 1 Licence

    Applications move faster when ownership/funding documentation is clear, share capital is evidenced, policies are consistent, and technical build is aligned. Delays occur with unclear documentation, third-party dependencies, or failed system audits.

    After You Get the MGA Type 1 Licence

    Licensing is not the finish line. Operators maintain continuous obligations. Post-issuance system review verifies compliance. Platforms evolve quickly, and ongoing governance, compliance reporting, incident management, and technical change control are required. Enforcement information shows the MGA’s expectations for continuous compliance.

    FAQ: MGA B2C Type 1 Licence in Malta

    What games are covered? RNG casino games, roulette, blackjack, baccarat, virtual sports, and certain lottery formats.

    Minimum share capital? €100,000.

    Application fee? €5,000.

    Annual licence fee? €25,000 (Type 1).

    Additional monthly compliance payment? Yes, based on revenue bands.

    System audit timing? End of application, during technical rollout.

    Post-licence system review? Verifies implemented systems comply with the Gaming Act.

    Eligibility outside Malta? B2C licence required for Maltese or EU/EEA entities offering gaming from Malta.

    Conclusion: How to Approach an MGA Type 1 Licence Application

    Alignment is key. Corporate structure should be transparent, funding documented, compliance framework operational, technical design audit-ready, and implementation matching the declared architecture. The MGA’s system audit and post-issuance review verify exactly that.

    Share this article: