GH GambleHub

India v Meghalaya: Gambling rules

(Section: "Markets and Jurisdictions")

1) Regime picture and principles

Meghalaya is one of the states in India that provides a licensing framework for regulating both skill games and chance games offline and online. The key feature is territorial limitations: any permitted formats are addressed to an audience within the state, with geo-filters and operational control. Federal IT/Advertising/Payments/AML requirements apply in addition to state regulations.

2) Institutions and roles

State government/authorized licensing authority - issues licenses, approves lists of products/requirements, controls reporting, conducts inspections.
District/municipal authorities - address offline issues (locations, operating hours, safety).

Federal structures:
  • MeitY - IT requirements for online gaming (grievance, due diligence, etc.);
  • RBI - payment discipline (UPI/PPI/cards);
  • FIU-IND — AML/STR;
  • MIB/ASCI - media rules and advertising.

3) Valid license formats and perimeter

Offline: casino tables/machines, bets on certain events/games, bingo/keno, etc. - strictly according to address permissions.
Online (real-money): allowed types of games through an approved platform, only for users located in Meghalaya.
Skill vs Chance: State distinguishes games by skill/occasion dominance; lists may be updated. Any off-list product requires separate approval.

4) Geo and access channels

Only in-state: geo-restriction on IP/telco/documents, control of payment routes, location check.
Closed loop for offline/online: terminal model, local communication nodes and dedicated channels are allowed.
No "all India": Out-of-state targeting banned, filters and geo off-switch mandatory.

5) Conditions for obtaining a license

Local presence: legal entity/representative office, bank accounts, responsible officers (IT/Grievance, AML, RG, Ads).
Fit & Proper: Disclosure of beneficiaries, sources of funds, no disqualifying factors.
Financial stability: security deposit/bank guarantee, issuance/renewal fees.
Operational readiness: descriptions of AML/KYC/RG processes, IT architecture, logging, reporting showcases; agreements with certification providers.

6) Technical requirements and supervision

Certification: platform, RNG/settlement modules, wallet/billing, reporting showcases.
WORM logs of the full chain "fee/bet → game/match → calculation → payment → adjustment," NTP synchronization, retention.
Supervision interfaces: secure APIs/uploads, test accounts, SLAs for responses.
Information security/resilience: encryption at rest/in transit, RBAC/SoD, secret management, DR/BCP with target RPO/RTO, regular pentests/scans.

7) Payments, taxes and accounting

Payments: KYC-compliant routes only (UPI/PPI/cards); prohibition of "pseudo-merchants," monitoring of chargeback patterns.
GST: for online real-money games and casinos, pledge 28% GST on a set basis; correct invoice/wallet design is mandatory.
TDS on net wins for players: retention by the operator with day/final logic and statutes.
Local state fees: primary/annual, under license terms.
Accounting: separately by products/channels/locations; transparent reflection of bonuses, void/cashout.

8) AML/KYC и Responsible Gaming

KYC (18 +): proof of identity/address and ownership of the payment instrument; sanctions/POP screening; SoF/SoW by trigger.
Transaction monitoring: device/UPI ID/card connectivity, fast re-deposits, abnormal winnings - with STR escalation to FIU-IND.
RG: deposit/loss/time limits, timeouts/" cooling, "self-exclusion, prohibition of marketing to self-excluded, behavioral scoring (loss pursuit, night activity).

9) Advertising and Affiliates

In-state only: materials addressed to Meghalaya users; prohibition of interstate targeting.
ASCI/media rules: mandatory disclaimers ("the game is associated with financial risk..."), prohibition of "guaranteed winnings" and "no risk," protection of minors.
Affiliates: licensed brand and permitted formats only; compliance log (screenshots/URL/dates/geo/target), instant creative recall process.

10) Enforcement and sanctions

Office checks: comparison of reporting and payments, GGR/NGR anomalies, audit of bonus economics.
Field/IT audits: inspections of halls/terminals, verification of geo-restrictions, selection of sessions, revision of advertising campaigns.
Measures: fines, prescriptions, block measures for domains/access points, suspension/cancellation of the license; responsibility for going out of state.

11) Entry roadmap (operator & provider playbook)

B2C-operator

1. Legal/Finnish: local legal entity, deposit/guarantee, responsible officers.
2. Product: matrix of allowed games (skill/chance), honest T&C bonuses.
3. Technical circuit: certification of modules, WORM logs, geo-gate, reporting showcases.
4. Payments/taxes: KYC routes, anti-pseudo-merchants, GST 28%, TDS net wins.
5. AML/RG: limits/timeouts/self-exclusion, STR stream, storage of ACC/logs.
6. Marketing: whitelist channels, compliance magazine, in-state target.
7. UAT/Go-Live: GGR/NGR/GST/TDS test cases, geo-blocks, grievance-SLA, fault tolerance.

B2B provider (platform/content/IDV/payments/anti-fraud)

1. Compatibility: certifications, safe-SDK, reporting formats, geo-gate.
2. Contracts: SLA, DPDP clauses, escrow/versions, IP rights.
3. Instruments: NGR/GGR/GST/TDS showcases, anti-bot/anti-collusion, RG/AML signals.
4. Marketing: waiving interstate promo; pre-moderation and quick recall.

12) Compliance checklists

Licensing and Finance

  • Valid license; deposits/fees paid
  • Allowed games matrix; agreed limits and bonus policy
  • Reporting Calendar; discrepancy otchetnost↔billing <0.5%

IT/Security

  • Platform/RNG/Wallet/Storefront Certified
  • WORM logs, NTP, encryption; RBAC/SoD; DR/BCP tests
  • Geo-gate and filters by channel; grievance system with SLA

AML/KYC & RG

  • KYC 18 +, sanctions/PEP; SoF/SoW by Trigger
  • STR procedures; retention of CUS/logs
  • Limits/timeouts/self-exclusion; banning promo self-excluded

Advertising & Affiliates

  • ASCI disclaimers; "no risk/guaranteed win" ban
  • In-state target; compliance log (screenshots/URL/dates/target)
  • Quick Recall Procedure

13) First year KPI

Fiscal: timely filing ≥99%; discrepancy otchetnost↔billing <0.5%

AML/KYC: average verification time; Proportion of correct STRs false positives

RG: proportion of players with active limits; Self-exclusion TTR <1 min

IS/resilience: MTTR incidents; closing critical vulnerabilities

Marketing: 0 ASCI/Interstate target violations; 100% geo-filter compliance

14) FAQ

Can Meghalaya be licensed to operate throughout India?
No, it isn't. The license operates in state logic; interstate targeting is prohibited.

Are skill and chance allowed at the same time?
Yes, within permitted lists and conditions. The specific list/format is approved by the state and can be updated.

How to count taxes online operator?
Lay down a GST of 28% on the installed base and TDS on net winnings for players, keep separate records by product/channel/location.

What are the critical IT requirements?
Certifications, WORM logs, geo-gate, secure uploads/API for supervision, secure SDLC, DR/BCP.

Note

Game listings, reporting forms, fees, and advertising/IT requirements may be updated. Before starting, double-check the current state documents and federal clarifications (MeitY/RBI/FIU/MIB/ASCI), update geo-settings and product list.

Contact

Get in Touch

Reach out with any questions or support needs.We are always ready to help!

Start Integration

Email is required. Telegram or WhatsApp — optional.

Your Name optional
Email optional
Subject optional
Message optional
Telegram optional
@
If you include Telegram — we will reply there as well, in addition to Email.
WhatsApp optional
Format: +country code and number (e.g., +380XXXXXXXXX).

By clicking this button, you agree to data processing.