Kentucky Administrative Regulations
Title 809 - Public Protection Cabinet - Kentucky Horse Racing Commission
Chapter 10 - Technical Criteria
Section 809 KAR 10:004 - Sports wagering accounts

Universal Citation: 809 KY Admin Regs Service 10:004

Current through Register Vol. 51, No. 6, December 1, 2024

RELATES TO: KRS Chapter 230

NECESSITY, FUNCTION, AND CONFORMITY: KRS 230.260 requires the commission to "promulgate administrative regulations to establish standards for the conduct of sports wagering."KRS 230.361(2) requires the commission to "promulgate administrative regulations governing and regulating sports wagering, including administrative regulations for the deposit of funds by credit or debit cards or other means of electronic funds transfer."KRS 230.805(3) establishes additional requirements for registration of sports wagering patrons' accounts, such as account registration and wager placement. This administrative regulation establishes sports wagering account requirements, dormant and closed account requirements, and responsible gaming limits.

Section 1. Sports Wagering Account Requirements. Patrons shall register their sports wagering accounts with the licensee pursuant to KRS 230.805. Licensees shall adopt account registration policies pursuant to KRS 230.805. All account registration policies shall be subject to approval by the commission. Nothing in this section shall be interpreted to prohibit the licensee from accepting anonymous wagers by a sports wagering device within the licensed premises.

(1) An account shall only be established in the name of an account holder who is a natural person and shall not be in the name of any beneficiary, custodian, joint trust, corporation, partnership, or any other entity.

(2) A licensee shall collect the following personally identifiable information from each account holder through the sports wagering system:
(a) The account holder's full legal name;

(b) The account holder's date of birth;

(c) The account holder's Social Security number, or the last four (4) digits of the Social Security number, or an equivalent government identification number for a noncitizen, such as a passport or taxpayer identification number; and

(d) All data required by KRS 230.805.

(3) During the sports wagering account registration process, the licensee shall:
(a) Deny patrons the ability to register for account if they submit a birth date which indicates that they are an underage person; and

(b) Inform the patron on the account application which information fields are "required," which are not, and what will be the consequences of not filling in the required fields.

(4) During the sports wagering account registration process, patrons shall:
(a) Agree to the terms and conditions and privacy policies of the licensee;

(b) Acknowledge that they are prohibited from:
1. Transferring or selling an account or account balance;

2. Using any technology that may obscure or falsify the account holder's physical location for the purpose of placing sports wagers;

3. Allowing any unauthorized person to access or use their account; and

4. Any form of collusion, cheating, or other unlawful activity.

(c) Consent to the monitoring and recording of the use of their account by the licensee and the racing commission;

(d) Attest that:
1. The account holder meets all eligibility requirements to place a wager with a licensee in this Commonwealth; and

2. The personally identifiable information the account holder is providing to open the account is accurate.

(e) Authorize the provision of notices and other required communications either through a designated mobile or other interface or to an electronic mail address designated by the account holder.

(5) A licensee shall maintain an electronic patron file, which shall include the following for each sports wagering account:
(a) Unique sports wagering account ID and username (if different);

(b) The information indicated in subsection (2) of this section to register an account holder and create the account;

(c) The date and method of identity verification:
1. Where applicable, the licensee shall maintain the document number of the government-issued identification credential examined and its date of expiration.

2. If a government-issued identification credential is not required for registration, the electronic record that details the process used to confirm the account holder's identity shall be recorded.

(d) The date of account holder agreement to the terms and conditions and privacy policies;

(e) Previous sports wagering accounts, if any, and reason for de-activation;

(f) The date and method from which the sports wagering account was registered;

(g) The date and time a sports wagering account is accessed by any person;

(h) The IP address at which a sports wagering account is accessed by any person;

(i) A history of financial transactions, including deposits, withdrawals, and account adjustments;

(j) Account details and current balance, including any incentive credits. All restricted wagering credits and unrestricted funds that have a possible expiration shall be maintained separately; and

(k) The current status of the sports wagering account (e.g., active, dormant, closed, suspended, excluded).

(6) The following information maintained as part of the electronic patron file shall be stored in encrypted form:
(a) The account holder's government identification number, or portion(s) thereof;

(b) The account holder's previous and current password(s), PIN(s), or other authentication credential(s); and

(c) The account holder's previous and current debit instrument number(s), credit or debit card number(s), bank account number(s) or other personal financial information.

(7) A licensee may allow the account holder to update authentication credentials, registration information and the account used for financial transactions. A multi-factor authentication process shall be employed for these purposes.

Section 2. Age and Identity Verification. The licensee shall comply with KRS 230.805. The licensee shall also adopt commercially and technologically reasonable policies and procedures to verify and authenticate the age and identity of each account holder.

(1) Only eligible persons may create a sports wagering account, deposit funds, or participate in sports wagering. The licensee shall make commercially and technologically reasonable efforts to deny the ability to create a sports wagering account, deposit funds, or participate in sports wagering to any prohibited patron. This section shall not be construed to prevent a restricted patron from creating a sports wagering account and depositing funds into such an account even if they are prohibited from placing certain wagers.

(2) At the time of account establishment, the licensee shall employ electronic verification with respect to the following:
(a) All information required by KRS 230.805, and

(b) Each account holder's government identification number or portion(s) thereof.

(3) The electronic verification information shall be verified by a commission-approved independent reference company, or through an alternative process approved by the commission.

(4) The following data shall be verified before account holders can initiate activity including deposits, withdrawals, and wagering:
(a) Items that require an exact match:
1. The account holder's last name;

2. The account holder's date of birth;

3. The account holder's government identification number, or portion(s) thereof.

(b) Items that permit flexible match for common interpretations of names and abbreviations used in the address fields,including the account holder's first name.

(5) Reasonable measures shall be taken to ensure the person providing identity information is truly the owner of the identity before an account holder can initiate any activity including deposits, withdrawals, and wagering. One (1) of the following methods, or another method approved by the racing commission, is required:
(a) Correctly answer three dynamic knowledge-based questions compiled from public and private data such as public records, credit reports, marketing data and other recorded facts;

(b) Verification that the account holder's phone number or e-mail address match the information provided by the account holder; or

(c) Valid government issued identification credential.

(6) The licensee may refuse to establish an account if it is found that any of the information supplied is false or incomplete or for any other reason the licensee deems sufficient.

(7) A licensee shall use commercially available and demonstrable standards to confirm that an individual attempting to create a sports wagering account is not prohibited from placing a wager.

(8) A licensee shall periodically re-verify an account holder's identification upon reasonable suspicion that the account holder's identification has been compromised.

Section 3. Limitation to One (1) Account per Account Holder. A Licensee shall use all commercially and technologically reasonable means to ensure that each individual is limited to one (1) sports wagering account with that licensee in the Commonwealth.

(1) The licensee shall implement procedures to terminate all accounts of any account holder that establishes or seeks to establish more than one (1) username or more than one (1) account, whether directly or by use of another person as proxy.

(2) Such procedures may allow an account holder that establishes or seeks to establish more than one (1) username or more than one (1) account to retain one (1) account provided that the licensee investigates and makes a good-faith determination that the account holder's conduct was not intended to obtain a competitive advantage.

(3) This section shall not be construed to prevent an individual from holding other sports wagering accounts in other jurisdictions.

(4) If an operator licensee has contracted with multiple service provider licensees to offer mobile sports wagering on its behalf, individuals may have one (1) sports wagering account with each service provider licensee offering mobile sports wagering.

Section 4. Terms and Conditions and Privacy Policies for Sports Wagering Accounts. All terms and conditions and privacy policies for sports wagering accounts shall be included in the internal controls of the licensee and shall be readily accessible to the account holder before and after registration and noticed when materially updated.

(1) All terms and conditions for sports wagering accounts shall address all aspects of the licensee, including:
(a) A statement that only individuals located in the authorized geographic boundaries within the Commonwealth of Kentucky can participate in sports wagering;

(b) A statement that prohibited patrons are prohibited from participating in sports wagering;

(c) Advice to the account holder to keep their authentication credentials (e.g., password and username) secure;

(d) All processes for dealing with lost authentication credentials, forced password changes, password strength and other related items as required by the racing commission;

(e) Full explanation of all rules applicable to dormant sports wagering accounts, including the conditions under which an account is declared dormant and what actions will be undertaken on the account once this declaration is made;

(f) Actions that will be taken on the account holder's pending wagers placed prior to any exclusion or suspension, including the return of all wagers, or settling all wagers, as appropriate;

(g) Information about timeframes and limits regarding deposits to and withdrawals from sports wagering accounts, including a clear and concise explanation of all fees, if applicable; and

(h) Statements indicating that the licensee has the right to:
1. Refuse to establish a sports wagering account for what it deems good and sufficient reason;

2. Refuse deposits to or withdrawals from sports wagering accounts for what it deems good and sufficient reason; and

3. Unless there is a pending investigation or dispute, suspend or close any sports wagering account at any time pursuant to the terms and conditions between the licensee and the account holder.

(2) All privacy policies for sports wagering accounts shall address all aspects of the personally identifiable information protection, including:
(a) The personally identifiable information required to be collected;

(b) The purpose and legal basis for personally identifiable information collection and of every processing activity for which consent is being sought;

(c) The period in which the personally identifiable information is stored, or, if no period can be possibly set, the criteria used to set this;

(d) The conditions under which personally identifiable information may be disclosed;

(e) An affirmation that measures are in place to prevent the unauthorized or unnecessary disclosure of the personally identifiable information; and

(f) The identity and contact details on the licensee who is seeking the consent.

Section 5. Account Access.

(1) The sports wagering system shall use authentication credentials, such as a username (or similar) and a password or a secure alternative means to assure that only the account holder has access to the sports wagering account. Allowable authentication credentials are subject to the discretion of the racing commission as necessary. The requirement does not prohibit the option for more than one (1) method of authentication being available for an account holder to access their account.

(2) If the sports wagering system does not recognize the authentication credentials when entered, an explanatory message shall be displayed to the account holder which prompts the account holder to try again. The error message shall be the same regardless of which authentication credential is incorrect.

(3) Account holders shall be given the option to use a multi-factor authentication process when accessing their sports wagering account. In addition, a multi-factor authentication shall be employed for the retrieval or reset of an account holder's forgotten or lost authentication credentials.

(4) Current account balance information, such as any restricted wagering credits and unrestricted funds, and transaction options shall be available to the account holder once authenticated. All restricted wagering credits and unrestricted funds that have a possible expiration shall be indicated separately.

(5) The sports wagering system shall support a mechanism that allows for an account to be locked if suspicious activity is detected, such as three (3) consecutive failed access attempts in a thirty (30) minute period. A multi-factor authentication process shall be employed for the account to be unlocked.

Section 6. Financial Transactions.

(1) Licensees shall provide the account holder written confirmation or denial of every financial transaction initiated on sports wagering accounts, including:
(a) The type of transaction (deposit or withdrawal);

(b) The transaction value; and

(c) For denied transactions, a descriptive message, if appropriate and available, as to why the transaction did not complete as initiated.

(2) A sports wagering account may be funded using acceptable form of payment or advance deposit method which shall produce a sufficient audit trail for verification of the source of the wagers.
(a) Payment or advance deposit methods for funding sports wagering accounts may be funded by forms or methods approved by the racing commission including:
1. All forms of payment authorized in KRS 230.805;

2. Cash equivalents converted to cash;

3. Electronic funds transfers (EFTs), such as automated clearing house and other electronic methods;

4. Promotional or bonus credit;

5. Winnings;

6. Adjustments made by the licensee with documented notification to the account holder; and

7. Any other form of payment authorized by the commission.

(b) The sports wagering account shall be credited for any deposit in accordance with the internal controls as submitted by the licensee and approved by the racing commission.

(c) For credit or debit cards, and EFTs, the account holder may be liable for any charges imposed by the transmitting or receiving licensee and the charges may be deducted from the account holder's sports wagering account.

(3) Where financial transactions are conducted through EFT, the licensee shall have security measures and controls to prevent EFT fraud. A failed EFT attempt is not considered fraudulent if the account holder has successfully performed an EFT on a previous occasion with no outstanding chargebacks. Otherwise, the licensee shall do the following:
(a) Temporarily block the account holder's sports wagering account for investigation of fraud after five (5) consecutive failed EFT attempts within a ten (10) minute period. If there is no evidence of fraud, the block may be vacated; and

(b) Suspend the account holder's sports wagering account after five (5) additional consecutive failed EFT attempts within a ten (10) minute period.

(4) An account holder shall be allowed to withdraw the funds maintained in their sports wagering account, whether the account is open or closed, except as otherwise provided in these regulations, or any other applicable state or federal laws.
(a) A licensee shall employ a mechanism that can detect and prevent any withdrawal activity initiated by an account holder that would result in a negative balance of the sports wagering account.

(b) A licensee shall not allow a sports wagering account to be overdrawn unless caused by payment processing issues outside the control of the licensee.

(c) A licensee shall honor the account holder's request to withdraw funds within five (5) business days after the request, unless the conditions established in paragraph (d) of this subsection are met.

(d) The licensee may decline to honor an account holder's request to withdraw funds only if the licensee believes in good faith that the account holder engaged in either fraudulent conduct or other conduct that would put the licensee in violation of the act and these regulations. In such cases, the licensee shall do the following:
1. Suspend the account holder's sports wagering account and provide notice to the account holder; and

2. Conduct its investigation in a reasonable and expedient fashion, providing the account holder additional written notice of the status of the sports wagering account every 10th business day starting from the day the original notice was provided to the account holder.

(e) For purposes of this subsection, a request for withdrawal is considered honored if it is processed by the licensee notwithstanding a delay by a payment processor, credit or debit card issuer, or the custodian of a financial account.

(5) All adjustments to sports wagering accounts for amounts of $500 or less shall be periodically reviewed by supervisory personnel as established in the licensee's internal controls. All other adjustments shall be authorized by an authorized supervisory personnel of the licensee before being entered.

Section 7. Account Information. Upon request of the account holder, the licensee shall provide a statement detailing account activity for the past year, including wagers, deposit amounts, withdrawal amounts, and bonus or promotion information.

Section 8. Patron-Imposed Limits. A licensee shall allow an account holder to limit the amount of money that may be deposited into an account and spent through an account.

(1) A deposit limit shall be offered on a daily, weekly and monthly basis and shall specify the maximum amount of money an account holder may deposit into their sports wagering account during a particular period of time.

(2) A wager limit shall be offered on a daily, weekly and monthly basis and shall specify the maximum amount of account holder funds that may be put at risk during a particular period of time.

(3) Any decrease to these limits shall be effective immediately or at the point in time (e.g., next login, next day) that was clearly indicated to the account holder. Any increase to these limits shall become effective only after the time period of the previous limit (e.g., day, week, month, etc.) has expired and the account holder reaffirms the requested increase.

Section 9. Breaks from Wagering.

(1) A licensee shall enable an account holder to request a break from wagering for a period of time the account holder specifies, which shall not be less than seventy-two (72) hours, by submitting a request to the licensee through its Web site or mobile application.

(2) The licensee shall provide to an account holder who requests a break from wagering information concerning:
(a) Available resources addressing addiction and compulsive behavior;

(b) How to close an account and restrictions on opening a new account during the break;

(c) Requirements to reinstate an account at the end of the break;

(d) The ability to enroll in the voluntary self-exclusion program and a link to such site; and

(e) How the licensee addresses bonuses or promotions and account balances during and after the break, and when the account holder closes their sports wagering account.

Section 10. Suspension and Restoration of Sports Wagering Accounts.

(1) A sports wagering account may be placed into a suspended mode by the Licensee for any reason, not otherwise prohibited by state or federal law, at the sole discretion of the licensee.

(2) A sports wagering account shall be placed into a suspended mode by the licensee under any of the following conditions:
(a) When the account holder requests a break from wagering under subsection (1) of this section;

(b) When required by the racing commission;

(c) If the licensee determines it lacks sufficient information to verify the age and eligibility of the account holder;

(d) Upon a determination by a licensee that an account holder:
1. Has provided any false or misleading information in connection with the opening of the account or has engaged in collusion, cheating or other unlawful conduct;

2. Is barred from placing sports wagers in the Commonwealth of Kentucky; or

3. Is a prohibited patron; or

(e) When the licensee has evidence that indicates any of the following:
1. Illegal activity including providing any false or misleading information in connection with the opening of the account, or engaging in collusion, cheating, or other unlawful conduct;

2. A negative sports wagering account balance; or

3. A violation of the terms and conditions has taken place on an account holder's sports wagering account.

(3) When a sports wagering account is in a suspended mode, the licensee shall:
(a) Prevent the account holder from placing sports wagers;

(b) Prevent the account holder from depositing funds unless the account is suspended due to having a negative sports wagering account balance but only to the extent the sports wagering account balance is brought back to zero dollars;

(c) Prevent the account holder from withdrawing funds from their sports wagering account, unless the licensee acknowledges that the funds have cleared, and that the reason(s) for suspension would not prohibit a withdrawal;

(d) Prevent the account holder from making changes to their sports wagering account;

(e) Prevent the removal of the sports wagering account from the sports wagering system;

(f) Prominently display to the account holder that the sports wagering account is in a suspended mode, the restrictions placed on the sports wagering account, and any further course of action needed to remove the suspended mode; and

(g) Remove the account holder from any advertising or marketing distribution lists.

(4) A sports wagering account in a suspended mode may be restored for any of the following reasons:
(a) Upon completion of the break from wagering established by the account holder under subsection (1) of this section;

(b) If authorized by the racing commission;

(c) When the account holder is no longer a prohibited patron; or

(d) When the licensee has lifted the suspended status.

(5) If the sports wagering account is terminated in accordance with this section, any funds remaining in the sports wagering account shall be refunded to the account holder, provided that the licensee acknowledges that the funds have cleared, and that the reason(s) for termination would not prohibit a withdrawal.

Section 11. Account Closure.

(1) A sports wagering system shall provide a conspicuous and readily accessible method for an account holder to close their sports wagering account through the account management or similar page or through the licensee's customer support team.

(2) Upon closure, any funds remaining in the sports wagering account shall be refunded to the account holder, provided that the licensee acknowledges that the funds have cleared and no racing commission investigation regarding the funds is pending.

Section 12. Dormant Accounts. Any sports wagering account with no log-in activity for at least two (2) years may be closed by the licensee.

(1) Within two (2) weeks following the closure of an account due to inactivity, the licensee shall notify the account holder by both electronic mail and certified mail to his or her last-known physical address. The notification shall clearly inform the account holder of his or her right to withdraw the funds within a period of at least six (6) months following the account's closure date.

(2) The notification shall include the balance of funds due to the account holder and enumerate reasonable methods through which the account holder can request these funds. Such means shall include electronic transfer or check, but any include additional methods. In following the procedure provided by the licensee in this notice, the account holder shall be able to elect to withdraw these funds. The notification shall clearly state any processing fees that will be deducted from the account balance upon the disbursement of funds. Such processing fees shall be approved by the commission in internal controls if exceeding three (3) percent of the funds disbursed.

Section 13. Test Accounts. A licensee may establish test accounts to be used to test the various components and operation of a licensee pursuant to the internal controls, which shall address the following:

(1) The procedures for issuing funds used for testing, including the identification of who may issue the funds and the maximum amount of funds that may be issued;

(2) The procedures for assigning each test account for use by only one (1) individual, unless each user's activities are separately logged;

(3) The maintenance of a record for all test accounts, to include when they are active, to whom they are issued, and the employer of the individual to whom they are issued;

(4) The procedures for auditing testing activity by the licensee to ensure the accountability of funds used for testing and proper adjustments to adjusted gross revenue; and

(5) The procedures for authorizing and auditing out-of-state test activity.

STATUTORY AUTHORITY: KRS 230.260(16), 230.361(2), 230.805

Disclaimer: These regulations may not be the most recent version. Kentucky may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.