India - Sikkim: online licenses
(Section: "Markets and Jurisdictions")
1) Market picture: why Sikkim "online" with offline borders
Sikkim is one of the few states in India that historically provides admission to online games for money. At the same time, the model is geographically limited: access to licensed "online games" is possible only within the state and, as a rule, through a closed (intranet) circuit and/or terminals/halls with controlled access. It is not a federal license and does not give the right to offer games throughout India.
2) Organs and roles
Government of Sikkim State (financial block/authorized licensing authority) - issues permits, approves rules, monitors compliance with conditions.
State Licensing/Supervisory Authority - maintains a register, accepts reports, conducts inspections (including IT audits and sampling sessions).
State Police/Cyber Units - Suppression of Unlicensed Offers, Blocking Illegal Access Points.
Central Departments of India (MeitY, RBI, FIU-IND, MIB/ASCI) - set end-to-end requirements for IT, payments, AML/KYC, advertising and complaints, which the operator must comply with in addition to state standards.
3) What can be licensed: product perimeter
By "online games" Sikkim means the list of permitted games (including classic casino games and a number of cards/numbers) provided through an approved platform on a closed network. Typically allowed:- roulette/blackjack/baccarat/" wheel of fortune";
- bingo/keno;
- poker (in the form provided by the rules);
- other games explicitly listed in state bylaws.
4) Geo-restriction and access channels
Inside Sikkim only: Players must be on staff; geo-restriction, IP/device control, and site access checks are typically applied.
Closed loop: communication on an approved architecture (intranet/VPN within the state), often through terminals in halls/points with controlled entry and KYC.
No "all India": Offering outside Sikkim (including mobile apps/sites for other states) is prohibited.
5) Requirements for license applicant
Local presence: legal entity, registration in Sikkim/India, bank accounts, compliance representatives.
Fit & Proper: transparent ownership structure, no disqualifying factors, confirmation of sources of funds.
Financial stability: security deposits/bank guarantees/minimum capital parameters according to the conditions.
Operational readiness: descriptions of KYC/AML/RG processes, IT architecture, logging and reporting; contracts with certification/verification providers.
6) Technical and operational requirements
Certification of platform, RNG/billing modules, billing/wallet, reporting showcases.
WORM logging of the full chain "rate/contribution → calculation → payment → adjustment," time synchronization (NTP), immutability and retention.
Separation of channels: separate showcases/accounting offline/online and for each game.
Supervisory access: test accounts protected by API/uploads, SLA for responses to requests.
Reliability/IS: encryption at rest/in transit, RBAC/SoD, secret management, DR/BCP (target RPO/RTO), regular penetration tests/scans.
7) KYC/AML/game in charge
Age and identification: 18 +; mandatory KYC (IDV/address), proof of ownership of the means of payment, geo-validators.
AML: sanctions/PEP screening, SoF/SoW triggers, transactional monitoring, STR in FIU-IND if suspected.
Responsible Gaming: deposit/loss/time limits, "timeouts/cooling," self-exclusion; banning marketing to the self-excluded; visible risk warnings.
8) Advertising and promo
For Sikkim audiences only and on state-approved forms; it is forbidden to target advertising materials to other states of India.
ASCI/media requirements: mandatory disclaimers ("game is associated with financial risk..."), prohibition of misleading offers ("no risk," "guaranteed win"), prohibition of targeting minors.
Affiliates: allowed for a licensed brand within the state; compliance log is required (screenshots/URL/dates/geo/target), quick recall of violating creatives.
9) Taxes, fees and reporting (high level)
License fees: primary/annual fees, security deposits under license terms.
Tax outline: Federal taxes apply for online games (including GST and TDS by net wins for players), as well as local state fees (if provided).
Accounting and reporting: separate accounting by games/channels/locations; periodic reports to the state and tax authorities; audit.
10) Enforcement and sanctions
Desk checks: comparison of reporting and payments, analysis of GGR/NGR anomalies, audit of bonuses/void/cashout.
Field/IT audit: inspection of halls/terminals, logs, geo-limiters and advertising placements.
Measures: fines, prescriptions, freezing of access points/domains in the state, suspension/cancellation of the license; possible cases in attempts to go beyond Sikkim.
11) Entry roadmap (operator & provider playbook)
For B2C operator in Sikkim
1. Jurassic/Fin perimeter: local legal entity, security deposit/bank guarantee, responsible persons (IT/Grievance, AML, RG).
2. Product matrix: only permitted games; Bonus design in accordance with reporting rules.
3. Technical circuit: certification of RNG/modules, WORM-logs, geo-restriction (within the state), API/unloading supervision.
4. Payments: only KYC-compatible routes; anti- "pseudo-merchants"; limits and frequency caps.
5. RG/AML: limits/timeouts/self-exclusion, STR stream, storage of ACC/logs.
6. Marketing: whitelist channels and creatives, compliance magazine, target ban outside Sikkim.
7. UAT/Go-Live: NGR/GGR/GST/TDS test cases, exceeding limits, fault tolerance; runbook и freeze.
For B2B provider (content/platform/identification/payments)
1. Compatibility: certifications, reporting formats/SDK, geo-gate in the product.
2. Contracts: SLA, data protection (DPDP logic), escrow/versions.
3. Tools: showcases for NGR/GGR/GST/TDS, reports on halls/terminals, RG/AML signals.
4. Marketing: dropping promos to audiences outside of Sikkim; pre-moderation.
12) Compliance checklists
Licensing and Finance
- Valid state license/permit; security deposits paid
- Matrix of allowed games and limits; bonus policy agreed
- Reporting/payment calendar; discrepancy otchetnost↔billing <0.5%
IT and Security
- RNG Certified/Modules/Wallet/Storefronts
- WORM logs, NTP, encryption; RBAC/SoD; DR/BCP tests
- in-state only, closed loop/terminals
AML/KYC & RG
- CCM/address/ownership of the means of payment; sanctions/RAP; SoF/SoW by Trigger
- STR process in FIU-IND; retention of CUS/logs
- Limits/timeouts/self-exclusion; banning marketing to self-excluded
Advertising & Affiliates
- ASCI Disclaimers, No Risk/Win Assured
- Geo-filters: Sikkim only; compliance log (screenshots/URL/dates/target)
- Quick Recall Procedure
13) First year KPI
Fiscal: timeliness of declarations ≥99%; discrepancy otchetnost↔billing <0.5%
AML/KYC: average verification time; the proportion of STRs from "red" triggers; false positives
RG: proportion of players with active limits; Self-exclusion TTR <1 min
IS/resilience: MTTR incidents; closing critical vulnerabilities on time
Marketing: 0 Geo/ASCI violations; 100% compliance with in-state target
14) FAQ
Does Sikkim's licence entitle it to operate across India?
No, it isn't. This is a standard license with in-state access. Work outside Sikkim is prohibited.
Is it possible to "open Internet access" without terminals and geo-filters?
No, it isn't. The model assumes a closed loop and/or geo-constrained controlled access points.
Is poker allowed?
Poker is allowed only in the form and under the conditions that are directly provided for by the rules/list of the state. Check the current list of games.
How to count taxes?
Lay down federal requirements (including GST and TDS on net winnings) plus local/state fees; keep separate records by games/channels/points.
Note
Sikkim norms and federal requirements for online gaming/payments/advertising are evolving. Before launching, update the product list, reporting forms, tax interpretations and technical specifications, as well as conduct legal verification of access channels and geo-restrictions.