David Rebuck, former New Jersey Assistant Attorney General and director, New Jersey Division of Gaming Enforcement (DGE), on how US state and tribal gaming regulators should move forward.
Over the past several years, US state and tribal gaming regulators have accomplished something remarkable.
In just a few years, they have built legal sports betting and iGaming markets that are world-leading. They have protected consumers, generated meaningful public revenue, and replaced large portions of the illegal market with regulated alternatives that are transparent and accountable.
But at this moment of success, new challenges are emerging.
Across the policy landscape, the effectiveness of state regulation is being actively tested. Federal proposals like the SAFE Bet Act reflect a growing narrative that state frameworks may be insufficient to address the risks of digital gaming.
At the same time, new online entrants, such as social and sweepstakes gaming and prediction markets, are advancing arguments that they fall outside traditional state regulatory authority altogether, including claims that core compliance tools, such as geolocation, are not necessary or feasible.
Taken together, these developments represent more than policy debates. They are a direct challenge to the state-based model that has governed gaming in the United States for decades.
As a former regulator, I believe the most effective response is not rhetorical. It is demonstrable.
States have proven that new markets can be launched, now regulators must continue to prove that they can be sustained with the same level of rigor in the face of rapidly evolving risks.
The next phase of regulation: continuous vigilance
Regulation is not a static exercise. It is a living system that must evolve alongside technology, consumer behavior, and acts by bad actors and criminals.
The threats facing regulated gaming markets today are fundamentally different than they were even a few years ago. Advances in artificial intelligence are accelerating fraud capabilities. Sophisticated actors are testing the seams and vulnerabilities of technology and compliance systems. And the lines between legal and unregulated markets are increasingly blurred.
Against this backdrop, maintaining high standards is not enough. State and tribal regulators must also continuously test whether those standards are being met in practice.
Independent testing, ongoing audits, and real-world validation of compliance systems should not be viewed as burdens, they are essential tools for ensuring that regulatory frameworks function as intended.
This is particularly true in areas that form the backbone of modern digital gaming oversight: identity verification, fraud prevention, cybersecurity defenses, responsible gaming safeguards, anti-money laundering (AML) and suspicious activity monitoring, game integrity protections and location compliance.
These are not check-the-box requirements. They are the foundation of consumer protection and gaming integrity. They are also the very controls that distinguish regulated markets from unregulated ones, reinforcing the role of states as the primary regulators of gaming. It is exactly why claims that such safeguards are optional should be met with scrutiny.
The risk of gradual erosion
One of the less visible risks in any mature regulatory market is not an abrupt failure, but a gradual erosion.
As markets grow and competition among operators and technology compliance vendors increases, there can be subtle pressure to loosen interpretations of existing standards. Over time, expectations that were once clear can become inconsistently applied or enforced.
This is not a critique of any one operator, testing laboratory, vendor or regulator. It is a natural dynamic in growing markets.
But it is precisely why vigilance matters.
Even small gaps—whether in geolocation, KYC/AML, transaction monitoring, or fraud prevention—can be exploited at scale in digital environments. For consumers, this can mean increased exposure to fraud or harm.
For state and tribal regulators, it can mean diminished confidence in the effectiveness of oversight. And for the industry as a whole, it can threaten the credibility that has been so carefully built.
Maintaining high standards requires more than setting them. It requires continuously updating, testing and enforcing them.
Balancing strength and sustainability
None of this suggests that more regulation is always better.
Overly burdensome requirements can drive consumers back to unregulated markets. That is a risk regulators understand well.
The goal is balance: strong, enforceable protections that support a safe and competitive legal market and implements effective risk reduction standards.
But that balance depends on visibility. State and tribal regulators must know what is working, what is not, and where gaps and vulnerabilities may be emerging. That insight only comes through active oversight and enforcement.
The path forward
The foundation of legal gaming in the United States has always been trust. Trust from consumers, from policymakers, and from the public.
That trust is not self-sustaining. It must be reinforced through action.
For state and tribal regulators, that means leaning into the same tools that ensure accountability:
● Regular and independent testing of compliance systems.
● Clear and consistent enforcement of existing standards.
● Ongoing evaluation of emerging risks, testing methods, including AI-driven fraud, known and emerging threats, and evolving consumer behaviours.
● Open dialogue with industry stakeholders, technology providers, and public interest groups.
For industry participants, it means embracing these efforts as essential to the long-term viability of the market and their sustainability.
The past several years have demonstrated what state regulators can build. The years ahead will determine what they can sustain.