Skip to content
2,151 standards indexed across 19 jurisdictions View the Atlas
3 hubs live · 3 more in the pipeline See all compliance topics
Daily news + multi-week series Browse all insights
3 tools live · 4 interactive tools in development Roadmap
RG Compliance · Deposit Limits 17 min read Jun 17, 2026

Deposit Limits Across Jurisdictions: How Germany, the Netherlands, Sweden, Denmark, and the UK Regulate Caps, Defaults, and Cooling-Off

Five European regulators, five deposit limit architectures. This comparison maps mandatory caps, default mechanics, increase friction, and cooling-off rules for compliance teams.

Matt Denney

By

Founder, gamingcompliance.io · 15 yrs in iGaming compliance

Published Jun 17, 2026 17 min read Filed Responsible Gambling Compliance

Deposit limit regulation across Europe shares one visible feature and diverges on almost everything beneath it. Most player-set limit regimes in this comparison use a 24-hour delay before a higher limit takes effect, but Germany is structurally different: its cross-provider limit is statutory, centrally controlled through the LUGAS limit file, and increases operate under a separate German process. Beyond that surface similarity, the five largest online gambling jurisdictions in Western Europe, Germany, the Netherlands, Sweden, Denmark, and the United Kingdom, operate architecturally distinct regimes. The distinction between a mandatory regulator-set hard cap and a player-set default is not academic: it determines what systems must enforce, how limits interact with cross-operator infrastructure, and what a compliance team’s obligations look like when a player requests more spending room.

The Foundational Distinction: Hard Caps vs Player-Set Defaults

A hard regulatory cap is a monetary ceiling that neither the operator nor the player can exceed, regardless of any verification or consent process. A player-set default is a pre-configured starting point that a player can modify, subject to defined friction mechanics. Germany operates a hard cap. Sweden and Denmark operate player-set frameworks. The Netherlands now operates a hybrid: age-differentiated net-deposit thresholds (€300 / €700) that apply by default, where the operator must run a financial-capacity assessment and may lift the block on further deposits only where it can establish that the player can bear the financial consequences. The UK operates the most procedure-heavy model, in which the focus is on how limits are offered and labelled rather than on any monetary ceiling.

Compliance officers operating across multiple markets should resist mapping their home-jurisdiction architecture onto the others. A system calibrated for the UK’s framework, which involves no hard ceiling but extensive prompt and labelling obligations, will fail German requirements if it allows players to accumulate deposits beyond €1,000 in a calendar month. Conversely, a system built for Germany’s hard cap will not automatically satisfy the UK’s gross deposit limit definitions and six-monthly review prompt requirements.

Germany: GlüStV 2021 and the Universal €1,000 Monthly Cap

Under the Interstate Treaty on Gambling (Glücksspielstaatsvertrag 2021, GlüStV 2021), every online gambling licensee in Germany must cap player deposits at €1,000 per calendar month. This limit is universal: it applies across all licensed online products, including online casino, poker, and sports betting. The cap is not a default that players configure at registration. It is a statutory ceiling that the Gemeinsame Glücksspielbehörde der Länder (GGL), the joint federal states gambling authority, requires operators to enforce through their gaming systems without exception.

Germany’s €1,000 monthly cap is not a default a player sets. It is a statutory cross-provider ceiling, generally capped at €1,000 and enforced through the LUGAS limit file (Limitdatei). Increases above €1,000 may be possible only under defined GGL conditions, including enhanced monitoring and verification of economic capacity and the absence of problem-gambling indicators.

The cap operates across operators via the LUGAS limit file (Limitdatei), which tracks cumulative deposits across all licensed operators to prevent circumvention through multi-operator play. An operator whose gaming system permits a player to deposit €800 in the first half of the month at one brand and then the full €1,000 again at a second brand has failed the regulatory requirement. The cross-operator tracking obligation is therefore as significant as the per-operator cap itself.

The GGL’s imposition of this limit alongside the €1 maximum stake for online slots and a 5.3 percent stake tax has contributed to a documented channelisation problem. According to iGaming Business reporting in June 2026 citing the Deutscher Sportwettenverband (DSWV), industry estimates suggest that up to €400 million in World Cup betting turnover could flow to unlicensed operators unable to access the licensed market’s product restrictions. The GlüStV 2021 framework is under formal evaluation by the 16 German states, with a review report due by 31 December 2026, though industry observers anticipate delays into 2027. Industry consensus is that targeted adjustments are more probable than structural reform in the near term, and the €1,000 cap is among the provisions under scrutiny.

Germany operator obligation: The gaming system must enforce a hard monthly deposit ceiling of €1,000 per player across all products, with cross-operator tracking via the LUGAS limit file (Limitdatei). Increases above €1,000 are possible only under defined GGL conditions, including verification of economic capacity and the absence of problem-gambling indicators.

Netherlands: Age-Differentiated Mandatory Caps Under the KOA Framework

The Kansspelautoriteit (KSA), the Dutch gambling authority, introduced mandatory monthly deposit caps in October 2024 under the authority of the Wet Kansspelen op Afstand (KOA). The caps are age-differentiated: players aged 18 to 24 face a €300 net monthly deposit threshold, while players aged 25 and over face a €700 net monthly deposit threshold. These are not player-set defaults: where a player seeks to deposit above the threshold, the operator must make contact, assess whether the player can bear the financial consequences, and restrict further deposits where it cannot establish that they can (or cannot reach the player). The block may be lifted only where that affordability check is satisfied.

The KSA’s stated policy rationale was harm prevention, particularly for younger players exhibiting elevated problem gambling markers. The observable market consequence, however, has been a significant channelisation deterioration. According to iGaming Business reporting in April 2026 citing the KSA’s 2025 annual report, channelisation had fallen from 51 percent at end-2024 to 49 percent in the first half of 2025, the first time licensed operators have accounted for under half of total Dutch gambling revenue since market opening in October 2021. The KSA recorded a budget deficit in 2025, with reporting indicating a shortfall in gambling tax receipts directly linked to the deposit limit policy.

The KSA’s 2025 enforcement activity included fines against licensed operators for failures in duty-of-care obligations, alongside fines against unlicensed operators. The current statutory fine ceiling of 10 percent of global GGR limits the regulator’s ability to penalise large offshore operators proportionally, and the KSA is in discussions with the Ministry of Justice to amend this cap.

Beyond the October 2024 caps, the Dutch government has announced a further legislative intent to introduce overarching deposit limits requiring players to demonstrate financial capacity before limits can be raised. According to iGaming Business reporting in June 2026, this mechanism would include background checks on guardianship status and prior defaults, stopping short of a formal credit check but creating a materially higher barrier to limit increases than any other jurisdiction in this comparison. A testing mechanism for this framework is under development.

Source: KSA Netherlands, Gambling Laws and Regulations Framework (KOA) 2026, KSA Annual Report 2025 (kansspelautoriteit.nl/sites/default/files/2026-04/Jaarverslag Kansspelautoriteit 2025).

Sweden: Player-Set Limits Under Spellagen Chapter 14, No Regulatory Ceiling, Strict Mechanics

Sweden’s Gambling Act (Spellagen, SFS 2018:1138, consolidated to SFS 2024:255) requires every commercial online gambling and betting licensee to provide players with the ability to set deposit limits by day, week, and month. The obligation is set out in Chapter 14, Section 7 of Spellagen. Spelinspektionen’s implementing regulations under LIFS 2018:2 govern the technical and operational detail of how these tools must be offered and enforced. There is no regulatory hard ceiling on the amount a player may deposit, the limit is whatever the player configures, subject to the licensee’s own internal risk assessment obligations.

The Swedish framework imposes two obligations that compliance teams must build into their systems. Every time a player logs in to a commercial online gambling or betting account, the gambling system must display, clearly and prominently, the player’s current deposit limits pursuant to Chapter 14, Section 7, and the player’s accumulated net losses over the previous 12 months. This login-time disclosure is not a one-off onboarding notice but a recurring obligation triggered by each login session. Separately, Spelinspektionen’s regulations under LIFS 2018:2 require that players can set session time limits as well as deposit limits, and that reality checks, notifications of winnings, losses, and time logged in, are delivered at sufficient frequency to counteract excessive gambling, with each notification requiring player acknowledgement.

For limit reduction requests, Swedish licensees must implement the new lower limit immediately, or at the player’s next log-in if the change is made while the player is logged out. For limit increase requests, the 24-hour cooling-off period is mandatory before the higher limit takes effect. A player who sets a SEK 5,000 weekly limit and subsequently requests SEK 10,000 per week cannot access the higher amount until at least 24 hours have elapsed after submitting the request.

Spelinspektionen’s supervision approach examines both the availability of these tools and the licensee’s response to player behaviour indicating excessive gambling. In March 2025, Spelinspektionen imposed a SEK 8 million fine on Roar Vegas (the Swedish brand of LeoVegas) for failing to provide “sufficient assistance” to three customers who had set unusually high monthly deposit limits, between SEK 100,000 and SEK 300,000, and exhibited indicators of harmful patterns. The Administrative Court in Linköping subsequently quashed the penalty in June 2026, though the case still illustrates Spelinspektionen’s supervisory focus on unusually high self-set limits, rapid deposits, high losses, and extended sessions, according to iGaming Business. The case nonetheless illustrates the scope of supervisory scrutiny: high self-set limits combined with rapid deposits, high losses, and extended session durations generate a duty-of-care obligation that sits independently of the deposit limit framework itself.

From 1 May 2026, Spelinspektionen added a further compliance layer: a ban on processing deposits from credit cards, overdrafts, financial loans, and buy-now-pay-later services. This credit ban requires licensees to identify and block deferred payment instruments even when routed through e-wallets. While not a deposit cap in the conventional sense, it narrows the funding sources available to players and creates a new technical obligation in payment processing oversight.

Denmark: Player-Set Limits with a Temporary Account Cap and the ROFUS Register

Spillemyndigheden, the Danish Gambling Authority, requires online casino licensees to provide deposit limit functionality under its Certification Programme Inspection Standards for Online Casino (SCP.02.03, version 2.0). The requirements are set out in section 3.3.1 of SCP.02.03. Unlike Germany and the Netherlands, Denmark imposes no hard monetary ceiling on fully verified players. The amounts are not predetermined, the gambling system may offer players intervals to select from, and an upper deposit limit may be set, but the regulatory requirement is that the player controls the amount rather than the regulator mandating it.

SCP.02.03 requires that daily deposit limits run from midnight to midnight, weekly limits run Monday through Sunday, and monthly limits follow calendar months. Withdrawals from a player’s gaming account must not be counted against the deposit limit. When a player requests a lower limit, the gambling system must implement it for all future gambling activity, which may take effect at the player’s next log-in. When a player requests a higher limit, the new limit must not take effect for at least 24 hours after the request. These mechanics are certification requirements, verified by Spillemyndigheden’s accredited testing bodies at the point of system certification and through subsequent supervisory inspections.

There is one monetary cap in the Danish framework, but it applies exclusively to temporary gambling accounts. Under SCP.02.03 section 3.4.2, the gambling system may only accept deposits of up to DKK 10,000 on a temporary account, which is the account state between registration and full customer verification. No deposit beyond DKK 10,000 is permitted until identity verification is complete. This is a KYC-linked control rather than a consumer protection spending cap.

The ROFUS national self-exclusion register must be checked at every login. SCP.02.03 requires the gambling system to confirm at login that the customer is not registered in Spillemyndigheden’s Register of Self-excluded Persons, and all self-exclusion functions must link the player to ROFUS. In February 2026, Spillemyndigheden published new guidance on responsible gambling targeted at licensees offering betting and online casino, updating its framework documentation on compliance expectations.

Jurisdiction Limit Type Hard Cap Age Differentiation Increase Cooling-Off Cross-Operator Tracking
Germany (GGL) Mandatory statutory ceiling €1,000/month No Increases only under defined GGL conditions Yes (LUGAS limit file)
Netherlands (KSA) Mandatory regulatory cap €300/month (18-24); €700/month (25+) Yes Not currently self-service, affordability framework in development No file equivalent to Germany’s LUGAS (CRUKS = self-exclusion)
Sweden (Spelinspektionen) Player-set (no ceiling) None No 24 hours minimum No (per-operator)
Denmark (Spillemyndigheden) Player-set (no ceiling); DKK 10,000 on temp accounts DKK 10,000 (temp accounts only) No 24 hours minimum No (per-operator)
UK (UKGC) Gross deposit limits mandatory to offer, no monetary cap None No 24 hours minimum No (per-operator)

United Kingdom: RTS 12, Gross Deposit Limits, and the Two-Phase Implementation

What must operators do from 31 October 2025?

The UKGC’s update to Remote Technical Standards requirement 12 (RTS 12) introduced mandatory deposit limit functionality from 31 October 2025. Under RTS 12A, every remote gambling operator must present new customers with a prompt to set a financial limit, including a deposit limit, as part of the registration process or at the point of first deposit. The gambling system must offer limits across three minimum time periods: 24 hours, seven days, and one month. Simultaneous limits must be resolved in favour of the more restrictive: a player with a £10 daily limit and a £100 weekly limit cannot deposit more than £10 on any given day, even if the weekly total has not been reached.

RTS 12D governs the cooling-off rule. Customer-led limit reductions must be implemented immediately, without any delay. Customer-led limit increases may only be processed after a cooling-off period of at least 24 hours has elapsed, and only once the customer has taken a positive confirmatory action at the end of that period. Passive inaction at the 24-hour mark is insufficient. Under RTS 12C, financial limit facilities must be accessible via a direct link on the homepage and clearly visible on deposit pages. The standard requires the system to minimise the click path to limit-setting facilities.

Operators must also prompt customers every six months to review their transaction history and consider whether their current limits remain appropriate. This biannual review prompt is an ongoing obligation, not a registration-phase-only requirement.

What changes under Phase 2, due 30 September 2026?

The Gambling Commission published a supplementary consultation on the definition of deposit limits in March 2025, the response to which was issued on 7 October 2025 and updated on 22 May 2026. The updated RTS 12B, taking effect on 30 September 2026, introduces two technically precise requirements. Only gross deposit limits, where the amount deposited into a player’s account is counted against the limit, regardless of withdrawals, may be referred to as “deposit limits”. Net limits, which subtract withdrawals from the deposit total, may still be offered, but they must not be labelled as deposit limits. The gambling system must prevent the player from making further deposits once a gross deposit limit is reached, until the defined period restarts or the player takes an affirmative step to increase the limit through the cooling-off process.

The deadline was originally 30 June 2026. The Gambling Commission extended it to 30 September 2026 following operator feedback that more time was needed to meet the technical requirements. The Commission’s rationale for the extension acknowledged that these changes sit alongside the pending introduction of Financial Risk Assessments (FRAs), which use credit reference agencies to flag financial vulnerability at the £150 net monthly deposit threshold. The Commission has explicitly stated that FRAs are not affordability checks by another name and will not require customers to submit bank statements. The relationship between deposit limit compliance and FRA triggers is material: a player who actively maintains a meaningful deposit limit may be less likely to reach the FRA threshold, which the Commission describes as a deliberate policy linkage.

From 30 September 2026, only gross deposit limits may be called “deposit limits” by UK licensees, and they must be offered on fixed time frames, a labelling obligation that requires both consumer-facing copy and back-end system updates.

Does the Architecture of a Deposit Limit Regime Change the Channelisation Outcome?

Evidence from the Netherlands and Germany suggests that mandatory hard caps carry a measurable channelisation cost that player-set frameworks do not. According to the KSA’s 2025 annual report cited in iGaming Business reporting, channelisation had fallen below 50 percent following the October 2024 mandatory cap introduction, with licensed GGR broadly flat at €602 million in H2 2025 even as registered account numbers grew to 1.38 million, indicating that average spend per account declined. The KSA acknowledged that its budget deficit in 2025 was partly attributable to lower tax receipts caused by the deposit limits. Germany has experienced analogous leakage, with the DSWV calculating that up to a third of German bettors use illegal services to some extent.

Sweden and Denmark, operating player-set frameworks without hard ceilings, have not experienced the same channelisation shock. Sweden’s licensed market has faced structural pressure for different reasons, primarily the måttfull (moderation) marketing requirement and the Spelpaus self-exclusion architecture, but the absence of a hard deposit ceiling has not generated the abrupt legal-to-illegal shift observable in the Netherlands. The UK’s approach, which focuses on process quality rather than any monetary constraint, has similarly not introduced a hard ceiling that could create the same arbitrage incentive for players to move offshore.

Compliance professionals should present these channelisation dynamics to senior leadership not as an argument against deposit limit compliance, but as evidence that the design of the limit architecture, who sets the amount, whether the cap is cross-operator, and whether increases are structurally available, is as important to regulatory outcomes as the presence of limits themselves. Regulators in both Germany and the Netherlands are re-examining their frameworks precisely because the protection objective is not being met if players circumvent limits by accessing unlicensed markets.

Cooling-Off Mechanics: The Common 24-Hour Standard and Its Operational Implications

All five jurisdictions require at least a 24-hour delay before a higher deposit limit takes effect. For operators running multi-jurisdictional platforms on a single technical stack, the 24-hour minimum is the cleanest common standard to implement globally, but it is the surrounding rules that create divergence. The UK’s RTS 12D requires an affirmative confirmatory action at the end of the cooling-off period. The player must positively re-confirm the request, passive inaction at the 24-hour mark does not activate the higher limit. Denmark’s SCP.02.03 requires that the new limit “is not implemented at least until 24 hours later”, but does not specify a re-confirmation obligation in the same terms. Sweden’s LIFS 2018:2 mandates the 24-hour delay without specifying a re-confirmation step beyond the player’s original request.

Operators should implement the UK’s re-confirmation standard as a floor across all jurisdictions, given that it imposes the highest burden and no jurisdiction prohibits an additional confirmation step. A system that sends a 24-hour delay notification and then requires the player to click a confirmation link before the higher limit activates satisfies all five frameworks simultaneously, avoids the risk of automatic limit increases due to queued requests, and reduces the risk that a player who submitted a limit increase request impulsively can circumvent their own cooling-off period through inaction.

For limit reductions, the picture is universally asymmetric in the player’s favour. All five frameworks require that a reduction request takes effect without delay, immediately or at the next log-in under Denmark’s standard. No jurisdiction permits an operator to impose a cooling-off period before making a player’s limits more restrictive. Any system configuration that delays the implementation of a player-requested reduction is a compliance failure across all five markets.

Operational Implications for Multi-Jurisdiction Operators

Operators holding licences in more than one of these markets need distinct limit architectures for each jurisdiction, or a configurable engine that can apply the correct regime per player jurisdiction at the account level. A unified “lowest common denominator” configuration, adopting Germany’s €1,000 hard monthly cap for all players globally, resolves the Germany and Netherlands obligations but does not satisfy the UK’s labelling requirements, the Sweden login-disclosure obligations, or the Denmark SCP.02.03 certification requirements for how limits are displayed and linked to the ROFUS system.

The cross-operator infrastructure gap is also material. Germany’s LUGAS limit file (the cross-provider deposit-cap register) and the Netherlands’ CRUKS self-exclusion register create obligations that a single-operator technical stack cannot address alone. In Germany, operators must be able to receive LUGAS limit-file data confirming a player’s cumulative cross-operator deposits before accepting additional deposits. In the Netherlands, CRUKS integration is a condition of licence, with operators required to register players involuntarily when problem gambling criteria are met, in addition to processing voluntary self-exclusion requests. Sweden’s Spelpaus API requirements were formalised by Spelinspektionen through SIFS 2026:3, with individual Actor IDs and API Keys assigned per licensee and mandatory checks at both login and pre-marketing stages taking effect from 1 August 2026.

Compliance officers at multi-market operators should map the interaction between these national cross-operator registers and the per-product deposit limit obligations. A player who is registered in CRUKS for self-exclusion in the Netherlands cannot be offered a limit increase, they cannot hold an active account at all. A player who has reached €950 in cumulative deposits across German operators in a given month has only €50 of remaining capacity, and the operator receiving the next deposit request must check the LUGAS limit file before accepting it. These are not edge cases, they are the routine operational state of a large German or Dutch player base.

Operators entering these markets should engage qualified legal counsel in each jurisdiction to confirm current regulatory implementation guidance before configuring their gaming systems. The frameworks described above reflect obligations as understood from the primary regulatory texts and regulatory communications available at the time of writing, the Netherlands framework in particular is subject to active legislative development that may materially alter the limit architecture within the next 12 to 24 months. To deepen your understanding of how deposit limit obligations interact with broader responsible gambling requirements, consult the Responsible Gambling Compliance hub, which maps the full player protection framework across all 17 regulated markets covered on this site.

The Responsible Gambling Compliance hub maps the full player protection framework across all 17 regulated markets covered on this site, including self-exclusion registers, customer interaction obligations, and RG officer requirements across each jurisdiction. Operators assessing the total compliance burden of a UK remote gambling licence alongside these deposit limit obligations will find relevant LCCP and RTS analysis at the UKGC Remote Technical Standards explorer, and the Responsible Gambling Observatory provides a cross-jurisdiction view of RG controls including deposit limit status for each regulated market.

Key Resources

UK Gambling Commission: Consultation Response, Definition of deposit limits in the Remote Gambling and Software Technical Standards (published 7 October 2025, updated 22 May 2026). Available at gamblingcommission.gov.uk.

UK Gambling Commission: Remote Gambling and Software Technical Standards (RTS 12, Financial Limits). Available at gamblingcommission.gov.uk.

Spillemyndigheden: Certification Programme Inspection Standards for Online Casino, SCP.02.03.EN version 2.0. Available at spillemyndigheden.dk.

Spelinspektionen: Swedish Gambling Act (SFS 2018:1138, consolidated to SFS 2024:255), Chapter 14, Regulations and General Advice on Responsible Gambling (LIFS 2018:2). Available at spelinspektionen.se.

Kansspelautoriteit (KSA): KSA Annual Report 2025, KOA Framework 2026 (Gambling Laws and Regulations). Available at kansspelautoriteit.nl.

GGL: Interstate Treaty on Gambling (GlüStV 2021). Available at gluecksspiel-behoerde.de.

Matt Denney

Matt Denney

Editorial · gamingcompliance.io

Reads the primary source so you don't have to. Fifteen years inside iGaming compliance: operator, supplier, and crown-corporation lottery.

Related coverage · also tagged Responsible Gambling Compliance

Browse all →

Responsible Gambling Compliance

UKGC Financial Vulnerability Checks and FRAs: Thresholds, Timelines, and CRM Trigger Points

Jul 13 · 15 min read

Responsible Gambling Compliance

Single Customer View for RG: Where Cross-Brand Aggregation Is Compulsory in 2026

Jul 11 · 13 min read

Responsible Gambling Compliance

GamCare, BeGambleAware and ANJ Treatment Partners: Operator Integration Obligations in 2026

Jul 4 · 15 min read

The Tuesday brief, every week.

One email. Every regulator change we surface, every standard we re-index, every enforcement decision we read. No marketing, no fluff.

Unsubscribe with one click. We'll never share your address.