What the regulator can look back and see
Every indexed technical standard requires tamper-evident logging of wager events and configurable retention of account events. Retention periods range from five years (most European markets) to seven or ten years in US-state standards. The technical detail, hash-chained logs, offline snapshotting, regulator-accessible read endpoints, is broadly consistent across the GLI-19 / equivalent test suite used globally.
Each chip is one indexed rulebook. Green = we have a directly matched standard on this topic; dim = the topic may be covered under different wording, explore the framework to verify.
Best-match standard per framework. Scored against titles, requirements and editorial tags, click through for the full text.
| Market | Standard | Excerpt | Source |
|---|---|---|---|
| AGCO S 5.47 | Logging and response to inappropriate use | Inappropriate use of system accounts on the gaming system shall be logged, reviewed and responded to within a reasonable period of time. (Also applicable to Gaming-Related Suppliers) | Open ↗ |
| AGLC AGLC 4.3.3 | There must be a mechanism in place to ensure that if logging is interrupted, compensating manual controls are … | There must be a mechanism in place to ensure that if logging is interrupted, compensating manual controls are used, where reasonable | Open ↗ |
| DGA AML — Records | Record keeping and DGA audit access | Operators must retain CDD records (identity and verification data, copies of ID documents), documentation and records of transactions, and records of § 25 investigations (§ 30, stk. 1); the default retention period und… | Open ↗ |
| DGOJ | No standard directly indexed | — | Open ↗ |
| GGL | No standard directly indexed | — | Open ↗ |
| MGA PPD 12-13 | Pre-registration exclusion and record retention | Individuals not previously registered who contact the licensee to be excluded from future gaming must not be allowed to register or play until they revoke the request in writing. Circumvention attempts by an already-excl… | Open ↗ |
| MGCB R TS-LOGGING | System logging and retention | The platform must log every wager, every session event, every account event (login, deposit, withdrawal, limit change), and every administrative action. Logs must be tamper-evident, replicated to a secondary store, and r… | Open ↗ |
| NJ DGE § 69O-1.8 | Mandatory gaming system logging | Gaming systems must keep separate, independently administered logs of account creation/termination, software installations/removals, game availability changes, promotions issued, authentication attempts (retained 90 days… | Open ↗ |
| OCCC | No standard directly indexed | — | Open ↗ |
| PA PGCB 58 Pa. Code § 805.5 | Account statements and transaction history | Operators must provide players with real-time balance information and at least twelve months of itemised account history — deposits, withdrawals, wagers, and bonuses — together with a visible dispute-resolution conta… | Open ↗ |
| SGA Ch16 §5 | Five-year data retention | Records relating to individual gambling transactions, player accounts and the gambling system must be retained for at least five years and be made available to the authority on request. | Open ↗ |
| UKGC LCCP | No standard directly indexed | — | Open ↗ |
| UKGC RTS | No standard directly indexed | — | Open ↗ |
Denmark's SAFE and TamperToken standards make the integrity mechanism explicit. Ontario Standards 5.x require tamper-evident logging. UK RTS 17 sets out event-data recording requirements. The cryptographic integrity layer is no longer optional in any modern technical standard.
Ohio requires sports gaming systems to authenticate the patron for each session and preserve logs sufficient to reconstruct any wager, account transaction or integrity-monitoring event, under OAC 3775-9-01, with incident-relevant records preserved under OAC 3775-16-17. Our index does not name a specific retention-year count for the Ohio corpus; exact periods sit in the Commission's published internal-control requirements.
Most European markets require 5-year retention as the baseline (aligned with AML rules). US-state standards often require 5–7 years; some extend to 10 for specific events. Always check the technical-standard document for your licence, exact periods vary by event type.
Every claim above traces to one of these citations. Matched standards link straight into the framework explorer; overlay facts link to the RG Observatory card with its audit note.
Built 2026-05-11 from the same datasets that power the framework explorers. Not legal advice; verify against the issuing regulator.