BetMGM has been fined $100,000 in Pennsylvania after state regulators found weak identity checks and fraud controls on its BetMGM and Borgata platforms. The Pennsylvania Gaming Control Board approved the penalty at its March 25 meeting through a consent agreement with the operator.
The case is not about a single bad account. Regulators said the gaps let multiple fraud rings open and use accounts with stolen personal details and compromised payment methods over long periods. That pushed the issue beyond a routine compliance lapse and into a wider failure of account screening and monitoring.
Four fraud rings stayed active for months across two brands
According to the Board, the four fraud rings ran for between 19 and 34 months. Together they used 2,024 accounts and generated about $2.01 million in wagering before the activity was stopped.
The biggest case by wagering involved 119 accounts that produced $895,092 and ran for about 29 months. Another ring used 304 accounts and generated $867,910 over 19 months. The largest by account volume involved 1,567 accounts and $229,580 in wagering over about 25 months. A fourth case involved 34 accounts and $14,598 over roughly 34 months.
Regulators said BetMGM’s controls were not good enough
The Board said BetMGM failed to maintain sufficient know-your-customer procedures to stop fraudulent accounts from being created, accessed, and funded. In the regulator’s view, the problem was not limited to onboarding. The accounts remained active long enough to show weaknesses in ongoing detection as well.
That matters in Pennsylvania because online operators are expected to spot suspicious behavior early, especially when stolen identities and payment devices are involved. The state’s 2024-25 annual report shows how much is at stake. Pennsylvania generated nearly $3 billion in annual gaming tax revenue, with iGaming alone producing about $2.48 billion in revenue during the fiscal year.
The fine is modest, but the message is not
A $100,000 penalty will not hurt a company of BetMGM’s size on its own. The bigger issue is that regulators chose to tie the fine to control failures that stretched across two brands and lasted for years.
For operators, that is the point to watch. Pennsylvania is showing that KYC and fraud controls will be judged on whether they work in the real world, not just on whether they exist on paper.
