• The Netherlands’ gambling regulator, the KSA, has declared that the mandatory risk analysis systems used by licensed operators are “not functioning properly” and are ineffective at protecting players.
• A new KSA study found that the common methods used, such as Asterig and Gamgard, are outdated, unreliable, and often lead to inconsistent results for the very same games.
• The regulator criticised operators for conducting analyses by game category rather than for each individual game, a practice which could lead to assigning incorrect risk levels.
• The KSA concluded that the current system requires “significant” operator expense and effort for what provides “little” additional player protection, indicating a major regulatory inefficiency.
• The regulator is now in talks with the government to develop a “uniform system” for risk analysis to replace the current flawed framework.

In a striking public critique of its own regulatory framework, the Dutch gambling authority, Kansspelautoriteit (KSA), has published a study concluding that a core component of its player protection rules is failing. The regulator stated that the mandatory risk analysis systems that licensed operators are required to use are “not functioning properly” and do not offer “effective” protection to players.

These systems are a key part of an operator’s legal “duty of care” in the Netherlands. Licensees must use them to determine the risk level of “high-risk games” like online slots and then implement appropriate harm prevention measures. The KSA’s report now suggests this entire process is fundamentally flawed.

Outdated and Inconsistent Methodologies

The KSA’s investigation, which took place throughout 2024 and 2025, identified a number of critical weaknesses in the current approach. The regulator took issue with the primary risk analysis methods being used by the industry, such as ‘Asterig’ and ‘Gamgard’.

“These methods originate from a time when the online market in the Netherlands was not yet legalised,” the KSA said, noting they have not been meaningfully updated since the market opened in October 2021. The report flagged concerns about the tools’ reliability, validity, and transparency. A major finding was that the analyses lead to inconsistent results. “Analyses differ by licensee, even when the same consultancy/consultant is used,” the KSA stated. “As these often concern the same games, it appears that the risk analyses do not lead to consistent results.”

A Costly and Inefficient System

Beyond being ineffective, the regulator also concluded that the current system is highly inefficient. The KSA stated that conducting these risk analyses requires “significant” effort and expense for operators, while providing only “little” additional protection for the player in return.

The report also criticised the common practice of operators conducting their risk analysis by game category rather than for each individual title, a shortcut taken to save time and costs. The KSA warned this could lead to some high-risk games being assigned too low a risk level, though it acknowledged that current regulations don’t explicitly prohibit this.

The Push for a ‘Uniform System’

Having declared the current system unfit for purpose, the KSA has confirmed it is already in discussions with the Dutch Ministry of Justice and Security about how to fix it. The regulator’s long-term goal, it said, is to move towards a “uniform system” for determining the risk analysis of online games.

This signals that more significant regulatory change is on the horizon for operators in the already complex Dutch market. The report is a clear admission from the regulator that a key part of its own framework has failed, and it is now seeking to replace it with a more centralised and standardised approach.