PAGCOR B2B Online Gaming Aggregator License Application

I. Introduction

The Philippine online gaming industry is heavily regulated, commercially significant, and legally sensitive. Any person or entity intending to participate in online gaming operations connected with the Philippines must first understand the role of the Philippine Amusement and Gaming Corporation, commonly known as PAGCOR, and the licensing framework that governs gaming activities.

A PAGCOR B2B Online Gaming Aggregator License generally refers to a regulatory authorization for a business-to-business service provider that aggregates, supplies, integrates, or facilitates online gaming content, platforms, systems, products, or related services for licensed gaming operators. Unlike a consumer-facing online gaming operator, a B2B aggregator typically does not directly take bets from players. Instead, it provides technology, game content, platform integration, wallet or back-office connectivity, reporting systems, or other gaming-related services to licensed operators.

In the Philippine context, this license is important because PAGCOR regulates not only gaming operators but also many categories of gaming service providers that support the industry. A company that supplies online gaming content or infrastructure without the proper approval may expose itself and its counterparties to regulatory enforcement, contract invalidity risks, tax issues, banking difficulties, and reputational harm.

This article explains the legal context, regulatory rationale, probable application requirements, corporate structuring issues, compliance obligations, operational expectations, and legal risks involved in applying for a PAGCOR B2B Online Gaming Aggregator License.

II. PAGCOR’s Legal Role in Philippine Gaming Regulation

PAGCOR is a government-owned and controlled corporation with a dual role in Philippine gaming. It may operate gaming activities and also regulate certain gaming businesses. Its powers come from its legislative charter and related laws, rules, executive issuances, and regulatory frameworks.

In broad terms, PAGCOR’s regulatory authority covers casino gaming, electronic gaming, online gaming, gaming service providers, gaming platforms, and related gaming activities that fall within its jurisdiction. PAGCOR may issue licenses, accreditations, approvals, provisional authorities, certificates, and other regulatory permissions depending on the category of activity.

The legal significance of PAGCOR licensing is that gaming is not an ordinary commercial activity. In the Philippines, gambling is generally prohibited unless expressly authorized by law or by a competent regulator. A license or authority from PAGCOR is therefore not merely a business permit. It is the legal basis that separates lawful regulated gaming participation from unlawful gambling activity.

III. Meaning of a B2B Online Gaming Aggregator

A B2B online gaming aggregator is usually a company that acts as a technological or commercial intermediary between game suppliers and licensed gaming operators. It may provide one or more of the following:

  1. Aggregated game content from multiple studios or game providers.
  2. A single application programming interface or integration layer for operators.
  3. Remote game server connectivity.
  4. Platform management tools.
  5. Game lobby systems.
  6. Player account integration tools.
  7. Reporting dashboards.
  8. Risk monitoring and transaction logs.
  9. Game certification coordination.
  10. Technical support for operator integrations.
  11. Back-office systems.
  12. Wallet or payment integration support, where allowed.
  13. Compliance reporting tools.
  14. Game launch, testing, and production deployment services.

The “B2B” character is important. The aggregator’s client is normally another business, such as a PAGCOR-licensed operator, and not the end user or player. However, the distinction is not always enough to avoid licensing. If the aggregator touches gaming systems, games of chance, player data, game outcomes, wagering flow, revenue share, or platform functionality, PAGCOR may require licensing, accreditation, or approval.

IV. Difference Between a B2B Aggregator and an Online Gaming Operator

A gaming operator usually has the primary relationship with players. It may register players, accept wagers, manage player accounts, pay winnings, market the gaming site, and assume operational responsibility for gaming activity.

A B2B aggregator, by contrast, usually supports the operator. It may provide the games, the technical platform, the integration layer, the reporting system, or the content aggregation function. It may earn fees through revenue share, fixed monthly charges, integration fees, transaction-based fees, or licensing fees.

The distinction matters because regulatory obligations differ. Operators typically face heavier duties relating to player onboarding, know-your-customer procedures, responsible gaming, anti-money laundering compliance, player fund controls, marketing rules, and consumer protection. Aggregators, however, may still be required to meet high standards on system integrity, game fairness, cybersecurity, audit logs, data protection, testing, revenue reporting, and contractual controls with operators.

A B2B aggregator should not assume that it is outside PAGCOR’s jurisdiction merely because it does not directly deal with players. If its services are material to the conduct of licensed gaming, PAGCOR may regulate it.

V. Why PAGCOR Requires Licensing or Approval for Aggregators

PAGCOR’s interest in licensing B2B aggregators is rooted in several regulatory concerns.

First, online gaming depends heavily on technology. If the software, game server, random number generator, payout table, wallet interface, or reporting system is compromised, the integrity of the entire gaming operation may be affected.

Second, aggregators may have access to sensitive data, including player identifiers, transaction histories, bet records, game outcomes, and financial reporting. This creates data privacy and cybersecurity risks.

Third, aggregators may participate in revenue flows. Even if they do not directly receive player funds, they may earn revenue from wagers, gross gaming revenue, net gaming revenue, or other gaming-related metrics. PAGCOR has a legitimate interest in monitoring such arrangements.

Fourth, operators may rely on aggregators for compliance reports. If the aggregator’s system does not produce accurate and complete data, the operator’s reporting to PAGCOR may also become defective.

Fifth, unlicensed service providers can become a channel for illegal gaming, unauthorized game deployment, tax leakage, money laundering, fraud, or circumvention of player protection rules.

For these reasons, a B2B aggregator license or approval is a regulatory gatekeeping mechanism.

VI. Who Should Consider Applying

A company should consider applying for a PAGCOR B2B Online Gaming Aggregator License or equivalent approval if it intends to provide online gaming-related services to PAGCOR-regulated operators and its role involves any of the following:

  1. Supplying online casino games, slots, live dealer games, table games, betting games, virtual games, or similar content.
  2. Aggregating games from multiple providers.
  3. Operating a remote game server.
  4. Providing platform-as-a-service for gaming operators.
  5. Integrating third-party gaming content into operator websites or applications.
  6. Providing back-office gaming management systems.
  7. Managing game launch infrastructure.
  8. Providing game outcome, payout, or randomization technology.
  9. Participating in gaming revenue.
  10. Providing systems used for regulatory reports.
  11. Handling player gaming records.
  12. Hosting or transmitting gaming data.
  13. Providing wallet, payment, or settlement-related gaming support.
  14. Offering white-label or turnkey gaming technology solutions.

Even where the exact licensing category is uncertain, a prudent company should seek a formal regulatory classification before commencing activity.

VII. Corporate Eligibility and Philippine Presence

A foreign or domestic company intending to apply must consider Philippine corporate, foreign investment, tax, licensing, and local presence requirements.

Depending on the applicable PAGCOR rules and the business model, PAGCOR may require the applicant to be a Philippine corporation, a foreign corporation registered to do business in the Philippines, or an offshore entity with locally approved arrangements. The proper structure depends on whether the aggregator will perform services in the Philippines, contract with Philippine licensees, host systems locally, employ local personnel, receive Philippine-source income, or maintain local operations.

Common structuring options include:

  1. A Philippine domestic corporation.
  2. A Philippine subsidiary of a foreign parent.
  3. A Philippine branch of a foreign corporation.
  4. A foreign service provider with PAGCOR recognition or accreditation.
  5. A joint venture with a licensed Philippine gaming entity.
  6. A contractual B2B provider arrangement approved by PAGCOR.

Each structure has different implications for liability, taxation, capitalization, licensing, corporate governance, immigration, labor, banking, and local permits.

VIII. Key Philippine Legal Areas Affecting the Application

A B2B Online Gaming Aggregator License application does not exist in isolation. It intersects with several legal regimes.

A. Gaming Law

Gaming law determines whether the activity is lawful, who may conduct it, what license is required, what games may be offered, what systems may be used, and what regulatory approvals are necessary.

B. Corporate Law

The applicant’s corporate existence, authority, ownership, directors, officers, capitalization, and governance must comply with Philippine corporate law if the applicant is locally incorporated or registered.

C. Foreign Investment Law

Foreign ownership restrictions may be relevant depending on the precise classification of the business activity. Gaming itself is a sensitive regulated area. Legal review is necessary to determine whether the applicant’s activities are treated as gaming operations, technology services, software licensing, management services, or another category.

D. Tax Law

Gaming-related revenues may be subject to special taxes, franchise taxes, income taxes, withholding taxes, value-added tax, percentage tax, local taxes, or other fiscal obligations depending on the structure and revenue model.

E. Anti-Money Laundering Law

Gaming businesses and certain gaming-related service providers may be subject to anti-money laundering obligations. Even B2B providers may need to support transaction monitoring, audit trails, suspicious transaction detection, and recordkeeping.

F. Data Privacy Law

The Data Privacy Act applies when personal information or sensitive personal information is processed. Aggregators may be personal information processors or controllers depending on their role.

G. Cybercrime and Cybersecurity Law

Gaming platforms are exposed to hacking, fraud, bot activity, account takeover, denial-of-service attacks, and system manipulation. Cybersecurity controls are therefore a major licensing concern.

H. Consumer Protection and Responsible Gaming

Although B2B aggregators may not directly deal with players, they may need to support operator compliance with responsible gaming tools, age restrictions, self-exclusion, player limits, and game information disclosures.

I. Labor and Immigration Law

If the applicant maintains Philippine staff or foreign personnel in the Philippines, it must comply with labor standards, work permits, visas, and local employment rules.

J. Local Government Permits

If the applicant maintains an office or operational facility in the Philippines, local business permits, barangay clearances, zoning approvals, fire safety clearances, and related permits may be needed.

IX. Typical Application Requirements

The exact requirements depend on PAGCOR’s current rules and the license category. However, a B2B aggregator applicant should generally prepare for a detailed documentary and technical submission.

Common requirements may include:

  1. Letter of intent or formal application.
  2. Corporate profile.
  3. Articles of incorporation, bylaws, or equivalent constitutional documents.
  4. Certificate of incorporation or registration.
  5. Board authorization approving the application.
  6. List of directors, officers, shareholders, and beneficial owners.
  7. Organizational chart.
  8. Group corporate structure chart.
  9. Ultimate beneficial ownership disclosure.
  10. Audited financial statements.
  11. Proof of financial capacity.
  12. Tax registration documents.
  13. Business permits, if applicable.
  14. Description of proposed business model.
  15. Description of gaming products and services.
  16. List of game providers or studios to be aggregated.
  17. List of target operators or counterparties.
  18. Draft or executed B2B contracts.
  19. Revenue model and fee structure.
  20. Technical architecture diagram.
  21. System security documentation.
  22. Game certification or testing reports.
  23. Random number generator certifications, if applicable.
  24. Platform certification reports, if applicable.
  25. Data privacy compliance documents.
  26. AML compliance framework, if applicable.
  27. Responsible gaming support features.
  28. Disaster recovery and business continuity plan.
  29. Cybersecurity policies.
  30. Internal control policies.
  31. Regulatory reporting capability.
  32. Fit-and-proper documents for key persons.
  33. Police, court, or NBI clearances, where required.
  34. Anti-bribery and anti-corruption undertaking.
  35. Application fees and processing fees.
  36. Other documents requested by PAGCOR.

The applicant should expect PAGCOR to review not only legal documents but also the applicant’s technology, financial credibility, ownership transparency, management integrity, and operational readiness.

X. Fit-and-Proper Review

PAGCOR may evaluate whether the applicant, its shareholders, directors, officers, key employees, beneficial owners, and related entities are fit and proper to participate in the gaming industry.

The fit-and-proper review may consider:

  1. Criminal history.
  2. Regulatory history.
  3. Prior gaming licenses.
  4. License suspensions or revocations.
  5. Financial integrity.
  6. Source of funds.
  7. Tax compliance.
  8. Litigation history.
  9. Bankruptcy or insolvency history.
  10. Association with illegal gaming.
  11. Anti-money laundering concerns.
  12. Sanctions exposure.
  13. Reputation and business track record.

Because gaming is a trust-sensitive industry, undisclosed ownership, nominee arrangements, unclear funding, or adverse regulatory history can seriously damage an application.

XI. Beneficial Ownership and Control

A major issue in gaming applications is identifying the real persons who own, control, or benefit from the applicant.

PAGCOR may require disclosure of:

  1. Direct shareholders.
  2. Indirect shareholders.
  3. Parent companies.
  4. Ultimate beneficial owners.
  5. Voting arrangements.
  6. Nominee shareholders.
  7. Trust structures.
  8. Share pledges.
  9. Convertible instruments.
  10. Side agreements affecting control.
  11. Persons with economic interests in gaming revenue.

The applicant should ensure that ownership information is accurate, consistent, and supported by corporate documents. Inconsistent beneficial ownership disclosures can trigger delays, enhanced due diligence, or denial.

XII. Capitalization and Financial Capacity

A B2B aggregator must demonstrate that it has enough financial capacity to operate reliably. PAGCOR may be concerned with whether the applicant can maintain systems, pay regulatory fees, support operators, protect data, respond to incidents, and remain solvent.

Financial documents may include audited accounts, bank certificates, capitalization records, source-of-funds documents, parent company guarantees, financial projections, and proof of paid-up capital.

A weak balance sheet may not automatically prevent approval, but it can raise concerns, especially where the applicant will operate critical infrastructure.

XIII. Technology and System Integrity

Technology review is central to a B2B aggregator license. PAGCOR will likely want assurance that the aggregator’s systems are secure, auditable, reliable, and fair.

Relevant technical issues include:

  1. System architecture.
  2. Hosting environment.
  3. Server location.
  4. Cloud service providers.
  5. Encryption.
  6. Access controls.
  7. User privilege management.
  8. Audit logs.
  9. Game result integrity.
  10. Random number generation.
  11. Game payout configuration.
  12. Version control.
  13. Incident response.
  14. Penetration testing.
  15. Vulnerability management.
  16. Disaster recovery.
  17. Uptime and availability.
  18. Data retention.
  19. Segregation of operator data.
  20. Regulatory access to reports.

If the aggregator supplies games, those games may need certification by an approved testing laboratory. If the aggregator provides a platform, the platform may also require testing or inspection.

XIV. Game Certification

Game certification is one of the most important parts of online gaming compliance. A regulator must be satisfied that games operate fairly and according to approved mathematical rules.

Game certification may cover:

  1. Random number generator integrity.
  2. Return-to-player percentage.
  3. Game rules.
  4. Paytables.
  5. Volatility and mathematical model.
  6. Bonus features.
  7. Jackpot mechanics.
  8. Error handling.
  9. Incomplete game treatment.
  10. Game logs.
  11. Version control.
  12. Player display information.
  13. Jurisdictional configuration.

An aggregator that offers third-party games should ensure that each game has certification acceptable to PAGCOR and that no uncertified game version is deployed.

XV. Contracts With Operators

A B2B aggregator’s contracts with licensed operators are legally significant. PAGCOR may require copies or summaries of these agreements.

Important contract provisions include:

  1. Scope of services.
  2. Regulatory compliance obligations.
  3. PAGCOR approval condition.
  4. Game list and approved products.
  5. Technical integration responsibilities.
  6. Service-level commitments.
  7. Data ownership and processing roles.
  8. Audit rights.
  9. Revenue share or fee computation.
  10. Tax responsibility.
  11. AML cooperation.
  12. Responsible gaming support.
  13. Incident notification.
  14. Suspension rights.
  15. Termination for regulatory breach.
  16. Confidentiality.
  17. Intellectual property licensing.
  18. Indemnity.
  19. Limitation of liability.
  20. Dispute resolution.
  21. Governing law.
  22. Regulator access and cooperation.

Contracts should avoid provisions suggesting that the aggregator is secretly operating the gaming business if it is licensed only as a B2B provider. The division of responsibilities must be clear.

XVI. Revenue Models and Regulatory Issues

B2B aggregators may earn revenue in different ways:

  1. Fixed monthly fees.
  2. Setup or integration fees.
  3. Per-game licensing fees.
  4. Transaction fees.
  5. Revenue share based on gross gaming revenue.
  6. Revenue share based on net gaming revenue.
  7. Minimum guarantees.
  8. Tiered fees based on volume.
  9. Hybrid fee structures.

Revenue share models are common but sensitive because they connect the aggregator economically to gaming activity. PAGCOR may scrutinize whether the arrangement effectively makes the aggregator a participant in gaming operations rather than a mere service provider.

The tax consequences also differ depending on how fees are characterized. A payment for software licensing, technical services, management services, or gaming revenue participation may be treated differently for tax and withholding purposes.

XVII. Data Privacy Compliance

A B2B aggregator may process personal data relating to players, operator staff, affiliates, or other users. Under Philippine data privacy principles, the company must establish a lawful basis for processing, implement security measures, observe data subject rights, and comply with cross-border transfer requirements where applicable.

Key documents may include:

  1. Privacy policy.
  2. Data processing agreement.
  3. Data retention policy.
  4. Information security policy.
  5. Breach response procedure.
  6. Data subject rights procedure.
  7. Cross-border data transfer assessment.
  8. Subprocessor list.
  9. Data inventory.
  10. Appointment of a data protection officer, where required.

The aggregator should determine whether it acts as a personal information controller, personal information processor, or both. In many B2B settings, the operator controls the player relationship, while the aggregator processes data on the operator’s behalf. However, if the aggregator independently determines the use of data, it may assume controller obligations.

XVIII. Anti-Money Laundering Considerations

Online gaming can be vulnerable to money laundering, fraud, mule accounts, collusion, and suspicious transaction patterns. Operators usually bear primary AML duties, but aggregators may still play an important supporting role.

An aggregator may need systems that allow operators to:

  1. Track wagers and winnings.
  2. Identify unusual betting patterns.
  3. Generate transaction reports.
  4. Preserve logs.
  5. Support suspicious transaction investigation.
  6. Freeze or suspend suspicious activity where technically required.
  7. Provide audit trails.
  8. Respond to regulator inquiries.

If the aggregator has access to relevant transaction data, it should maintain policies for cooperation with operators and regulators.

XIX. Responsible Gaming

Responsible gaming is a core regulatory policy. Even if an aggregator does not interact with players, its systems may need to support responsible gaming controls.

Relevant features may include:

  1. Age restriction controls.
  2. Self-exclusion integration.
  3. Deposit or wagering limit integration.
  4. Reality checks.
  5. Session time reminders.
  6. Game information displays.
  7. Responsible gaming messaging.
  8. Cool-off periods.
  9. Operator-initiated account restriction tools.
  10. Reporting of risky play indicators.

If the aggregator supplies games, game design should avoid misleading representations, undisclosed odds, hidden mechanics, or unfair bonus features.

XX. Cybersecurity and Operational Resilience

PAGCOR and licensed operators will expect a B2B aggregator to maintain robust cybersecurity controls. Weak cybersecurity can lead to game manipulation, data breaches, financial loss, and regulatory sanctions.

Common requirements or best practices include:

  1. Secure software development lifecycle.
  2. Code review.
  3. Penetration testing.
  4. Vulnerability scanning.
  5. Encryption in transit and at rest.
  6. Multi-factor authentication.
  7. Role-based access control.
  8. Security logging.
  9. Security information and event monitoring.
  10. Incident response plan.
  11. Disaster recovery plan.
  12. Business continuity plan.
  13. Backup policy.
  14. Change management.
  15. Patch management.
  16. Vendor risk management.
  17. Employee security training.

For cloud-based systems, the applicant should be ready to explain where data is hosted, who has access, what security certifications exist, and how PAGCOR can audit relevant records.

XXI. Local Hosting and Cross-Border Services

A recurring issue in online gaming regulation is whether systems must be hosted in the Philippines or whether offshore hosting is permitted. The answer may depend on the applicable license, PAGCOR rules, data access requirements, cybersecurity arrangements, and the nature of the service.

If systems are hosted offshore, the aggregator should be ready to address:

  1. PAGCOR access to records.
  2. Data localization concerns.
  3. Cross-border data transfer compliance.
  4. Server auditability.
  5. Disaster recovery.
  6. Law enforcement cooperation.
  7. Latency and service reliability.
  8. Applicable foreign laws.
  9. Subcontractor controls.
  10. Regulatory inspection rights.

Even when offshore hosting is allowed, the applicant should ensure that contracts and technical arrangements permit PAGCOR and licensed operators to obtain necessary information promptly.

XXII. Intellectual Property Issues

Aggregators frequently deal with software, games, trademarks, artwork, game math, source code, APIs, databases, and proprietary platforms. The applicant must be able to prove that it has rights to provide the products it offers.

Important intellectual property documents include:

  1. Software license agreements.
  2. Game distribution agreements.
  3. Studio agreements.
  4. Trademark licenses.
  5. Source code escrow agreements, where applicable.
  6. API documentation ownership terms.
  7. White-label platform licenses.
  8. Content sublicensing authority.
  9. Certification rights.
  10. Restrictions by territory or operator type.

The aggregator should ensure that it is authorized to offer the games in the Philippine regulated market. Some game providers restrict use by jurisdiction, operator, platform, currency, or player location.

XXIII. Tax Considerations

Tax treatment depends on corporate structure, source of income, service location, contract terms, and payment flows.

Relevant Philippine tax issues may include:

  1. Corporate income tax.
  2. Withholding tax on service fees.
  3. Withholding tax on royalties.
  4. Value-added tax.
  5. Percentage tax.
  6. Local business tax.
  7. Documentary stamp tax.
  8. Transfer pricing.
  9. Tax treaty relief.
  10. Permanent establishment risk.
  11. Tax registration and invoicing.
  12. Special tax treatment for gaming revenue, where applicable.

If a foreign aggregator contracts with a Philippine operator, the parties must analyze whether payments are Philippine-source income and whether withholding applies. If the foreign aggregator has personnel, servers, agents, or dependent representatives in the Philippines, permanent establishment or local tax registration issues may arise.

XXIV. Local Permits and Business Registration

A Philippine-based applicant may need several registrations before or alongside the PAGCOR process:

  1. Securities and Exchange Commission registration.
  2. Bureau of Internal Revenue registration.
  3. Local government business permit.
  4. Barangay clearance.
  5. Mayor’s permit.
  6. Fire safety inspection certificate.
  7. Occupancy permit, where applicable.
  8. Social security, health insurance, and housing fund registrations for employees.
  9. Data privacy registration, where applicable.
  10. Immigration and labor permits for foreign staff.

PAGCOR licensing does not automatically replace ordinary business registrations unless a specific rule provides otherwise.

XXV. Application Process

The process usually involves several stages.

1. Regulatory Classification

Before filing, the applicant should determine the correct license or accreditation category. This may involve informal consultation, written inquiry, or engagement with PAGCOR’s licensing department.

2. Corporate Structuring

The applicant should choose the appropriate entity structure and ensure that ownership, capitalization, tax, and governance are acceptable.

3. Document Preparation

Corporate, financial, technical, compliance, and fit-and-proper documents must be assembled.

4. Submission of Application

The applicant files the application and pays the required fees.

5. PAGCOR Evaluation

PAGCOR reviews the documents, asks questions, requests clarifications, and evaluates the applicant’s suitability.

6. Technical Review

Systems, games, platforms, reports, and security controls may be reviewed.

7. Due Diligence

PAGCOR may conduct background checks on the applicant, its officers, shareholders, beneficial owners, and affiliates.

8. Approval, Provisional Authority, or Conditional Clearance

The applicant may receive approval subject to conditions, additional submissions, testing, payment of fees, or execution of undertakings.

9. Launch Approval

Even after licensing, specific games, operators, systems, or integrations may require additional approval before going live.

10. Continuing Compliance

The licensee must submit reports, pay fees, maintain records, pass audits, and comply with PAGCOR directives.

XXVI. Fees, Bonds, and Financial Obligations

A B2B aggregator should expect monetary obligations, which may include:

  1. Application fees.
  2. Processing fees.
  3. License fees.
  4. Accreditation fees.
  5. Renewal fees.
  6. Regulatory monitoring fees.
  7. Testing and certification costs.
  8. Security deposits.
  9. Performance bonds.
  10. Minimum guarantees, if applicable.
  11. Penalties for non-compliance.
  12. Taxes and withholding obligations.

The exact amounts depend on PAGCOR’s applicable schedule and the license category. Applicants should budget not only for government fees but also for legal counsel, technical consultants, testing laboratories, cybersecurity assessments, accounting, and corporate compliance.

XXVII. Ongoing Compliance Obligations

After approval, the licensee may be required to comply with continuing obligations, including:

  1. Maintaining good corporate standing.
  2. Paying annual or periodic fees.
  3. Submitting regular reports.
  4. Reporting material changes.
  5. Seeking approval for new games.
  6. Seeking approval for new operators.
  7. Reporting system incidents.
  8. Maintaining certified game versions.
  9. Keeping audit logs.
  10. Preserving records.
  11. Allowing regulatory inspection.
  12. Maintaining AML and data privacy controls.
  13. Reporting changes in ownership or control.
  14. Reporting changes in directors or officers.
  15. Maintaining financial capacity.
  16. Renewing the license before expiry.
  17. Complying with responsible gaming requirements.
  18. Complying with PAGCOR circulars, notices, and directives.

A common mistake is treating the license as a one-time approval. In practice, regulated gaming compliance is continuous.

XXVIII. Material Changes Requiring Prior Approval

A B2B aggregator should be cautious before making major changes. PAGCOR may require prior notice or approval for:

  1. Change in ownership.
  2. Change in beneficial ownership.
  3. Change in directors or key officers.
  4. Change in corporate name.
  5. Merger or acquisition.
  6. Transfer of license.
  7. New game providers.
  8. New games.
  9. New platform versions.
  10. New hosting location.
  11. New operator integrations.
  12. New payment or wallet arrangements.
  13. Change in revenue model.
  14. Outsourcing of critical functions.
  15. Appointment of new key vendors.
  16. System migration.
  17. Cessation of operations.

Failure to obtain approval for material changes can result in sanctions.

XXIX. Restrictions on Assignment or Transfer

Gaming licenses are generally personal to the licensee. They are not freely transferable like ordinary commercial assets. A B2B aggregator should not assign, sell, pledge, sublicense, or transfer its license or approval without PAGCOR consent.

In mergers, acquisitions, or investment rounds, gaming regulatory approval may be required before closing. Transaction documents should include regulatory conditions precedent.

XXX. Common Reasons for Delay or Denial

Applications may be delayed or denied due to:

  1. Incomplete documents.
  2. Unclear business model.
  3. Unverified beneficial ownership.
  4. Adverse background findings.
  5. Insufficient financial capacity.
  6. Uncertified games.
  7. Weak cybersecurity controls.
  8. Inadequate AML support.
  9. Data privacy gaps.
  10. Unclear source of funds.
  11. Conflicting corporate documents.
  12. Non-compliant contracts.
  13. Unauthorized prior operations.
  14. Association with illegal gaming sites.
  15. Failure to pay fees.
  16. Inconsistent tax position.
  17. Lack of local permits.
  18. Use of prohibited or high-risk vendors.
  19. Misrepresentation or omission.

The most serious problems are usually lack of transparency, unauthorized operations, and unclear ownership.

XXXI. Enforcement Risks

Operating without the proper license or approval may expose the company and its officers to serious consequences.

Possible risks include:

  1. Cease-and-desist orders.
  2. Monetary penalties.
  3. License denial.
  4. Blacklisting.
  5. Termination of operator contracts.
  6. Contract unenforceability.
  7. Tax assessments.
  8. Criminal exposure under gambling laws.
  9. AML investigation.
  10. Data privacy enforcement.
  11. Cybercrime investigation.
  12. Bank account closure.
  13. Payment processor termination.
  14. Reputational damage.

Licensed operators may also be penalized for dealing with unlicensed or unauthorized service providers.

XXXII. Relationship With Offshore Gaming

The Philippine gaming framework has historically included different categories of online or offshore gaming activities. B2B aggregators must be careful to distinguish whether they are supporting domestic-facing gaming, offshore-facing gaming, land-based casino online extensions, e-games, sports betting, or other regulated formats.

The intended player market matters. Gaming offered to persons located in the Philippines may be treated differently from gaming offered to persons located outside the Philippines. The operator’s license category, target jurisdiction, payment flow, server location, and marketing practices all affect the analysis.

An aggregator should not assume that a license for one type of activity permits support for another. Each operator, product, and market should be reviewed separately.

XXXIII. Advertising and Marketing

A B2B aggregator usually does not market to players. However, if it promotes games, brands, jackpot products, or platform services, advertising rules may still be relevant.

Potential issues include:

  1. Misleading claims about licensing.
  2. Use of PAGCOR name or logo without permission.
  3. Promotion of unauthorized games.
  4. Marketing to prohibited persons.
  5. Marketing in restricted jurisdictions.
  6. Claims about guaranteed winnings.
  7. Unapproved public-facing game demos.
  8. Affiliate marketing arrangements.
  9. Social media promotions.
  10. Responsible gaming messaging.

The safest approach is to ensure that marketing materials accurately state the company’s regulatory status and do not imply broader authorization than actually granted.

XXXIV. Payment and Wallet Arrangements

B2B aggregators should be cautious when handling payment-related functions. If the aggregator touches player funds, settlement, wallet balances, deposits, withdrawals, or payment routing, additional regulatory obligations may arise.

Payment-related activity can implicate:

  1. Operator licensing rules.
  2. AML obligations.
  3. Payment system regulations.
  4. E-money rules.
  5. Data privacy rules.
  6. Consumer protection laws.
  7. Tax reporting.
  8. Fraud monitoring.
  9. Chargeback management.
  10. Cross-border remittance concerns.

A pure game aggregator should avoid assuming payment responsibilities unless expressly authorized and properly structured.

XXXV. Labor, Office, and Local Operations

If the aggregator will maintain a Philippine office, employ Filipino staff, or station foreign technical personnel in the Philippines, it must comply with local laws.

Relevant matters include:

  1. Employment contracts.
  2. Mandatory benefits.
  3. Working hours and leave.
  4. Occupational safety.
  5. Registration with labor agencies.
  6. Tax withholding on compensation.
  7. Work permits for foreign nationals.
  8. Visas.
  9. Office lease compliance.
  10. Local government permits.

Gaming-related businesses may face additional scrutiny in office location, security, staffing, and foreign worker compliance.

XXXVI. Compliance Program

A strong application should include a practical compliance program. At minimum, the applicant should consider having:

  1. Compliance officer.
  2. Data protection officer.
  3. Information security officer.
  4. AML liaison, where applicable.
  5. Written compliance manual.
  6. Regulatory reporting calendar.
  7. Incident response protocol.
  8. Vendor due diligence procedure.
  9. Employee training program.
  10. Internal audit procedure.
  11. Contract approval workflow.
  12. Game release approval process.
  13. Change management policy.
  14. Record retention policy.
  15. Escalation procedure for regulator inquiries.

PAGCOR will be more comfortable with applicants that can show operational discipline rather than merely legal paperwork.

XXXVII. Practical Pre-Application Checklist

Before applying, a B2B aggregator should be able to answer the following questions:

  1. What exact services will the company provide?
  2. Will it provide games, platform technology, wallet tools, reporting tools, or all of these?
  3. Will it directly interact with players?
  4. Will it receive player funds?
  5. Will it share in gaming revenue?
  6. Who are its target operators?
  7. Are those operators licensed by PAGCOR?
  8. Are all games certified?
  9. Where are the servers located?
  10. Who owns the software?
  11. Who owns the game content?
  12. Who are the beneficial owners?
  13. What is the source of capital?
  14. What Philippine entity or registration will be used?
  15. What taxes will apply?
  16. What personal data will be processed?
  17. What AML support will be provided?
  18. What reports can the system generate?
  19. What cybersecurity controls exist?
  20. What happens during downtime or cyber incidents?
  21. What approvals are needed before launch?
  22. What continuing obligations will apply?

Clear answers to these questions usually make the application process smoother.

XXXVIII. Suggested Document Package

A serious applicant should prepare a comprehensive package consisting of:

  1. Legal memorandum on proposed structure.
  2. Corporate documents.
  3. Shareholder and beneficial ownership chart.
  4. Director and officer profiles.
  5. Financial statements.
  6. Proof of capitalization.
  7. Tax registration documents.
  8. Business plan.
  9. Product description.
  10. Technical architecture.
  11. Game list.
  12. Certification reports.
  13. Sample operator agreement.
  14. Data privacy documents.
  15. AML support policy.
  16. Cybersecurity policy.
  17. Disaster recovery plan.
  18. Compliance manual.
  19. Fit-and-proper declarations.
  20. Regulatory undertakings.
  21. Fee payment documents.

The application should be internally consistent. PAGCOR reviewers may compare the business plan, contracts, technical architecture, revenue model, and corporate documents against each other.

XXXIX. Legal Drafting Points for Operator Agreements

A B2B aggregator should ensure that operator agreements contain strong regulatory clauses. Useful provisions include:

  1. License dependency clause The agreement should state that services are subject to PAGCOR approval and applicable gaming laws.

  2. Operator responsibility clause The operator should remain responsible for player-facing obligations unless the aggregator is expressly authorized to perform them.

  3. Regulatory cooperation clause Both parties should cooperate with PAGCOR inquiries, audits, and reporting.

  4. Approved games clause Only approved and certified games may be deployed.

  5. Change control clause System or game changes should be subject to approval where required.

  6. Suspension clause Services may be suspended if continued operation would breach law or PAGCOR rules.

  7. Data processing clause The agreement should define controller and processor roles.

  8. Audit log clause The aggregator should maintain records sufficient for regulatory review.

  9. Incident notice clause Cybersecurity, data breach, game malfunction, and reporting errors should be promptly reported.

  10. Termination for regulatory breach clause The agreement should terminate or suspend upon license revocation, regulatory prohibition, or illegal use.

XL. Common Misconceptions

Misconception 1: “We are only a software company, so we do not need PAGCOR approval.”

Software used to conduct gaming may still require regulatory approval. The label “software company” is not decisive.

Misconception 2: “We do not accept bets, so we are not regulated.”

B2B providers may still be regulated if they supply critical gaming systems or content.

Misconception 3: “The operator’s license covers us automatically.”

An operator’s license may not automatically authorize all third-party providers. PAGCOR may require separate accreditation or approval.

Misconception 4: “Foreign certification is enough.”

Foreign lab certification helps, but PAGCOR may still require local acceptance, additional review, or jurisdiction-specific approval.

Misconception 5: “A signed contract with a licensed operator is enough.”

A private contract does not replace regulatory approval.

Misconception 6: “Revenue share is just a commercial term.”

Revenue share may affect regulatory classification, tax treatment, and risk allocation.

Misconception 7: “Data privacy is only the operator’s problem.”

Aggregators that process player data have their own data protection obligations.

XLI. Risk-Based Structuring Advice

A conservative structure usually includes:

  1. A clearly identified licensed or accredited entity.
  2. Transparent beneficial ownership.
  3. Written PAGCOR approval before launch.
  4. Certified games.
  5. Clear operator contracts.
  6. No direct player fund handling unless authorized.
  7. Strong data privacy and cybersecurity controls.
  8. Accurate tax treatment.
  9. No unauthorized marketing.
  10. Prompt reporting of material changes.

Where the business model is complex, the company may need separate approvals for different functions: game aggregation, platform supply, technical services, payment-related support, and content distribution.

XLII. Due Diligence by Operators

Licensed operators dealing with a B2B aggregator should conduct their own due diligence. They should verify:

  1. PAGCOR license or approval status.
  2. Scope of authorized activities.
  3. Corporate existence.
  4. Beneficial ownership.
  5. Game certifications.
  6. Cybersecurity posture.
  7. Data privacy compliance.
  8. Financial stability.
  9. Sanctions and adverse media.
  10. Contractual authority to distribute games.
  11. Tax documentation.
  12. Support and incident response capability.

Operators may face regulatory liability if they onboard unauthorized or unreliable providers.

XLIII. Renewal and Post-License Management

A B2B aggregator license will usually be subject to renewal or periodic review. The licensee should maintain a renewal calendar and monitor compliance continuously.

Before renewal, the licensee should confirm:

  1. All fees are paid.
  2. Reports are complete.
  3. Corporate documents are updated.
  4. Tax filings are current.
  5. Game certifications remain valid.
  6. Material changes have been reported.
  7. Contracts remain compliant.
  8. Incidents have been properly documented.
  9. Audit findings have been resolved.
  10. Business permits remain valid.

Poor post-license management can jeopardize renewal even if the initial application was approved.

XLIV. Regulatory Strategy

The best regulatory strategy is to approach the application as a combined legal, technical, financial, and compliance project.

A useful strategy includes:

  1. Early classification of the business model.
  2. Pre-application gap assessment.
  3. Corporate cleanup before filing.
  4. Beneficial ownership verification.
  5. Technical certification planning.
  6. Contract review.
  7. Tax structuring.
  8. Data privacy mapping.
  9. Cybersecurity testing.
  10. Preparation for regulator questions.

Applicants should avoid launching, marketing, or signing broad commercial commitments before regulatory status is clear.

XLV. Conclusion

A PAGCOR B2B Online Gaming Aggregator License application is not a simple administrative filing. It is a comprehensive regulatory process that examines the applicant’s corporate structure, beneficial ownership, financial capacity, technical systems, game integrity, cybersecurity controls, data privacy compliance, contractual arrangements, and ongoing ability to support lawful gaming operations.

In the Philippine context, the central legal principle is that gaming-related activity must be expressly authorized. A B2B aggregator may not be player-facing, but if it supplies the technology, content, systems, or infrastructure that enables online gaming, it may fall within PAGCOR’s regulatory perimeter.

The strongest applicants are transparent, well-capitalized, technically prepared, contractually disciplined, and compliance-oriented. They understand that the license is not merely permission to do business; it is a continuing regulatory relationship with PAGCOR and with licensed operators.

For any company seeking to enter the Philippine regulated online gaming ecosystem as a B2B aggregator, the prudent approach is to secure the correct PAGCOR authorization before operations begin, structure the business carefully, maintain robust compliance controls, and treat regulatory obligations as part of the company’s core operations rather than an afterthought.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login