Key Moments:
- Dr Stefano Filletti’s recent article highlights that iGaming directors must provide active, ongoing evidence of due diligence as AI shapes operations.
- Maltese law imposes personal and corporate liability, shifting the burden of proof to company officers once charges are raised.
- Continuous oversight, documented processes, and live monitoring are stressed as essential tools to meet legal and ethical standards in fast-evolving AI environments.
AI Oversight Becomes a Legal Imperative
In a detailed discussion by Dr Stefano Filletti, Managing Partner at Filletti & Filletti Advocates and Head of Department of Criminal Law at the University of Malta, the convergence of AI ethics and criminal law in iGaming boardrooms is explored. Published in SiGMA Magazine issue 34 and distributed at SiGMA Euro-Med earlier this month, the analysis outlines how directors now operate in an environment shaped by artificial intelligence. AI influences customer interactions, risk evaluation, and product development. Courts, in response, now focus on ongoing evidentiary oversight rather than simple intent. Consequently, documented governance is required at every step of fast-paced release cycles.
Dr Filletti states: “Due diligence is not passive, it is an ongoing active process,” emphasizing the importance of decision logs, model update records, and structured reporting as the documentary backbone of compliant management.
Structured Oversight and Board-Level Responsibility
Maltese corporate law establishes company liability when an officer commits an offense for organizational benefit, extending personal accountability through vicarious liability. Article 121D of the Criminal Code stipulates that, once a charge is made, company officers must demonstrate ignorance of the offense and proof of comprehensive supervision. This makes thorough minutes, audit trails, and external verification crucial. Dr Filletti underscores: “Turning a blind eye is not a valid defence,” noting that robust records and operational dashboards serve as vital proof well before any legal challenge.
Embedding AI Ethics in Everyday Practice
Effective governance demands synchronization with agile AI development cycles. Therefore, pre-release briefings and risk escalation protocols should be routine. Additionally, legal, risk, and technology sign-off must be ensured before release. According to Dr Filletti, “growth and safety are allies, not opponents,” and he recommends live, ongoing oversight instead of infrequent, periodic audits. Direct board access to key operational data — such as anomalies in deposits or player behavior — is essential. This access helps reframe compliance as an active, constantly evolving discipline. The adoption of incident drills and scenario workshops ensures response plans are practical under real-world pressures rather than merely theoretical.
Dr Filletti cautions: “Inaction is not acceptable.”
Technology Risks and Regulatory Gaps
The use of assistance software and advisory tools, particularly in poker, increases regulatory scrutiny. This is due to potential risks such as money laundering or unfair play. Therefore, immutable logs and regular third-party audits are necessary safeguards. Dr Filletti advocates for clearer legislative frameworks but notes that regulatory updates typically lag behind technological advances. As a result, he urges company boards to carefully assess every integration. They should also ring-fence critical data flows and maintain detailed documentation of each step as a potential risk factor. “Inaction is not acceptable,” he reiterates, encouraging leaders to proactively address visibility and oversight well in advance of any evidentiary requirement.
Proof and Prevention: The Board’s Burden
Vicarious liability under Maltese law alters standard legal dynamics by requiring directors to affirmatively prove both their ignorance of wrongdoing and evidence of exhaustive diligence once a violation is assessed. Dr. Filletti considers this standard consistent with the principles of a fair trial. Satisfying this benchmark today calls for live dashboards monitoring high-risk decisions, recurring workshops to address emerging threats, and a dedicated compliance specialist to manage the organization’s inventory of algorithms, thresholds, and audit records for immediate board review. “Compliance is a living discipline; continuous oversight protects innovation better than reactive litigation,” insists Dr Filletti.
| Governance Element | Recommended Action |
|---|---|
| Decision Logs & Model Update Trails | Maintain detailed records to document ongoing diligence |
| Structured Briefings & Audit Trails | Schedule regular updates aligned to development cycles |
| Incident Drills & Dashboards | Conduct scenario testing and monitor in real time |
| Third-Party Audits | Engage external reviews for assistance software |
Navigating Future Scrutiny
The intersection of criminal law and AI ethics in iGaming boardrooms brings high stakes for innovation, reputation, and long-term success. Directors who consistently document, test, and question their AI infrastructure will be better positioned to handle regulatory scrutiny and legal challenges. The importance of Article 121D in shaping both corporate and personal accountability is evident: proactive oversight and continuous diligence are essential for navigating the evolving landscape.
Upcoming Forum for Legal and Technology Leaders
SiGMA Central Europe is scheduled to take place from 3 to 6 November in Rome, gathering industry operators, regulators, and legal professionals to discuss practical frameworks for AI oversight and criminal risk in iGaming. Registration is open for those seeking to enhance leadership capabilities and acquire the necessary tools for compliant and sustainable corporate growth.
- Author
Daniel Williams
