Today’s blog comes from Martin Crowe, Founder of Nexa Compliance. Martin is an award-winning compliance and risk professional with over a decade of experience in iGaming, AML/KYC and regulated markets.
Well folks.
If you’ve worked in online gambling compliance for more than five minutes, you’ve seen this before. It always starts the same way.
One of your high-value players who has played with you for a good while, deposits big, and suddenly has their withdrawals blocked for Enhanced Due Diligence (EDD). Source of funds/wealth check. Here we go again. The player doesn’t want to do it. They just want to keep playing. They don’t see why anyone needs to dig into their finances because “that’s private”.
Your staff know what’s coming. High-pressure work. Painful for the player, stressful for the staff.
Inside operators, we’ve seen EDD teams worn down to the point people leave the role entirely.
At Nexa Compliance, we’ve been in those rooms.
An AML/Responsible Gambling (RG)/Player Protection analyst gets a pile of bank statements, multiple accounts, multiple formats, missing pages, and dives into detective mode. Line after line. Cross-checking transactions. One missed link and the whole case can unravel when the regulator comes knocking on your door. Meanwhile the player is contacting Customer Support asking: “why is this taking so long?” and “why do you need all this?”
Customer Support feels pressure from the player. The compliance team feels it from both the Customer Support team, the business and the regulator. Everyone’s looking over their shoulder.
And when the process is slow and manual, human error creeps in. Not because people don’t care but because AML and RG aren’t always black-and-white. There’s subjectivity, there’s “trying to read the regulator’s mind,”; “what is under/over-compliant”, and there’s the constant tug between losing a player and losing your licence.
Where It Goes Wrong
EDD frameworks designed in isolation.
Compliance writes the policy. Customer Support tries to explain it. Players experience it.
But those worlds rarely sit down together before it becomes a problem.
The policy exists on paper, but the delivery is messy.
Two analysts can look at the same account and reach different conclusions. Different risk appetites, interpretations, and inconsistent results.
What Gets Missed
Most operators still see EDD as a chore, and to be fair, it can feel that way. Players just want to play. The business wants to grow. Regulators want confidence that people/businesses are protected, and funds are clean. Somewhere in the middle, compliance teams are left trying to please everyone.
The truth is, everyone has to do EDD, but not everyone does it well.
If you’re under-compliant, you create risk.
If you’re over-compliant, you reduce growth opportunities.
The real advantage sits right in the middle, that balance point where you protect growth and the licence.
That’s the space where compliance becomes an edge, not a burden.
EDD done right gives operators speed and clarity, growth without waste, i.e. the competitive edge that sets them apart.
The operators who win here invest in the right resources, the tools, the people, and the partners who can strike that balance and remove the repetitive grind so analysts can focus on judgment and outcomes.
The Bigger Picture
EDD will always be high stakes. You’re protecting the player, the business, and the licence, all at once.
But if your process burns out staff, frustrates players, and still leaves you exposed to risk, something’s broken.
The operators who get this right understand that compliance isn’t about ticking boxes, it’s about running it like a product:
- Clear workflows, defined owners, and evidence at every step.
- Automation used for speed and clarity, not as a substitute for people.
- A compliance function that powers the business instead of slowing it down.
Done right, EDD isn’t a checkbox. It’s proof, to players, regulators, investors and all stakeholders, that you run a professional and resilient operation.
The kind of compliance that powers growth.
