Home About Blog News Services Contact
Telegram WhatsApp Instagram

Compliance · 2026

India iGaming Compliance 2026: A Marketer's Guide

By Jagdish J Updated May 2026 ~12 min read

Most India iGaming brands run into compliance trouble in one of three ways: a Meta or Google ad account gets banned and the team does not know how to recover, a state-level regulator notice arrives because the platform was marketing in a state where it should not have been, or an influencer campaign attracts ASCI attention because the disclosure was sloppy. None of these are catastrophic if handled correctly. All of them are expensive if handled badly.

This is a marketer-side primer on the compliance landscape that actually shapes how India iGaming brands operate in 2026. State-by-state legality, ASCI rules for ads and influencers, GST implications for bonus economics, KYC and PMLA, DLT for SMS and BSP for WhatsApp, and the Meta and Google policies that determine which brands can scale paid media without losing accounts every quarter.

This article is operator guidance, not legal advice. The compliance landscape changes, and specific brand circumstances always need legal counsel familiar with India gaming law. What follows is the framework we use day-to-day when running marketing for India iGaming brands. Use it to ask better questions, not to replace lawyers.

State-by-State Legality: The Foundation Everything Else Sits On

India does not have a single national gambling law. The Public Gambling Act of 1867 (yes, that 1867) is the colonial-era baseline, and each state has its own legislation layered on top. The result is that the same iGaming product can be legal in Maharashtra and illegal in Tamil Nadu, with state-by-state differences that any operator marketing in India needs to map before campaigns go live.

The skill-versus-chance distinction

Indian courts have consistently distinguished "games of skill" from "games of chance." Games of skill (where outcome is materially influenced by player decisions) are generally permitted under the Public Gambling Act and most state laws. Games of chance (purely random outcomes) are generally restricted except in specifically licensed jurisdictions.

What courts have ruled as skill-based in various cases: fantasy sports (Dream11 cases in multiple state courts), rummy (Supreme Court ruling), and horse racing wagering (Supreme Court ruling). What is generally treated as chance: pure casino slots, roulette, and lottery-style products. The legal classification of poker and certain card games has gone different directions in different states.

States with explicit restrictions

States that have specifically restricted online real-money gaming through state laws, court rulings, or both: Tamil Nadu (Online Gaming Prohibition Act 2022, contested in court), Andhra Pradesh, Telangana, and Karnataka (with various carve-outs and ongoing legal challenges). Some restrictions have been struck down in court; others remain in force. The legal landscape moves quarterly.

What this means for marketing

State-level compliance is not optional. Brands marketing in India need to either operate uniformly across all states with the most restrictive interpretation, or geo-target campaigns to only states where their product is legal. Most serious operators do the latter, which means Meta and Google campaigns are state-targeted (not just India-targeted), creative is reviewed for state-specific content, and CRM systems flag and exclude users from restricted states. Sloppiness here is the single biggest legal exposure for an India iGaming brand.

ASCI Rules for Ads and Influencers

ASCI (Advertising Standards Council of India) is the self-regulatory body governing advertising standards. ASCI codes are not laws, but ASCI complaints get publicised, the press picks up violations, and increasingly regulators reference ASCI determinations. For practical purposes, ASCI compliance is mandatory for any serious brand.

The key ASCI provisions for iGaming advertising:

  • Risk disclaimers — every ad must carry a clearly visible disclaimer about financial risk. The exact wording requirements have tightened in 2025 updates
  • No targeting users under 18 — applies to creative content and platform targeting; brands must demonstrably restrict ad delivery to verified adults
  • No misleading skill claims — products that are predominantly chance-based cannot be marketed as skill-based
  • No guarantees of returns — language like "guaranteed wins" or "easy money" is prohibited; bonus framing must be accurate and conditional
  • Influencer disclosure — #ad or #paidpartnership labels are mandatory in the first 3 lines of caption, plus the platform's native paid-partnership tag
  • Responsible gambling language — clear references to responsible play and helpline information are increasingly expected

ASCI complaints can be filed by competitors, consumer groups, or any individual. The process is faster than litigation and the publicity damage of an upheld complaint often exceeds the regulatory penalty. We run all creative through ASCI compliance review before launch.

GST and Bonus Economics

The 2023 GST Council decision applied 28 percent GST on the full face value of online gaming bets, not just on platform revenue or gross gaming revenue. This took effect October 2023 and changed the unit economics of every India iGaming brand significantly.

What this means for marketing math: a player who deposits INR 1,000 and bets it all generates INR 280 in GST liability for the operator. The bonus offers brands ran in 2022 at 100 percent welcome bonus up to INR 5,000 are no longer the same product in 2026 — the post-GST take rate makes that level of bonus aggression unprofitable for most brands. Operators have repriced bonuses, restructured wagering requirements, and shifted toward retention economics rather than aggressive acquisition bonuses.

The legal challenges to the 28 percent rule continue in various forums. The rate could change. Until it does, marketing budgets and CPFTD targets need to factor it in. A brand running campaigns at INR 1,200 CPFTD with a 30 percent average gross margin pre-GST might be at break-even or worse post-GST depending on bet structure. Marketing optimisation that ignores GST is optimising for the wrong number.

KYC, AML, and PMLA

KYC requirements for India iGaming operators have tightened steadily since 2022. The current baseline practice across serious platforms:

  • Light KYC at registration — name, phone number with OTP verification, basic age confirmation
  • Full KYC before first withdrawal — Aadhaar or PAN verification, address proof, occasionally video KYC for higher-deposit accounts
  • Enhanced due diligence for high-value accounts — players depositing above PMLA threshold amounts get additional verification, source-of-funds checks where applicable
  • Ongoing monitoring — unusual deposit patterns, multiple accounts from same device, suspicious withdrawal patterns trigger review

The marketing implication: brands offering "instant deposit, instant play" with no KYC barriers are taking compliance risk that catches up. The brands that have integrated KYC into onboarding intelligently (light at registration, full only when needed) preserve conversion while staying compliant.

Meta Ads Policy for iGaming in India

Meta requires operators to be approved as authorised gambling and gaming advertisers. The certification workflow includes verification of operating jurisdiction, business documentation, and ongoing compliance with Meta's commerce policies. Brands that try to run iGaming creative without certification get accounts banned within weeks.

Even certified accounts operate under specific creative and targeting restrictions in India:

  • Geo-targeting restrictions — Meta enforces state-level targeting controls; ads cannot be served in states where iGaming is restricted
  • Age targeting — minimum 18 (often 21 or 25 in some categories), with ongoing audits of audience demographics
  • Creative restrictions — no explicit guaranteed-return claims, no aggressive bonus-numbers-as-hooks, no targeting that could reach minors via interest signals
  • Landing page policy — destination URLs must have visible age gates, responsible gaming messaging, and KYC disclosures

Account-recovery protocol after a ban: appeal through Meta's certified-advertiser support channel, document compliance corrections, and have backup Business Manager accounts ready to take over campaign delivery while the primary is in appeal. Brands running iGaming on Meta without backup accounts are one ban away from a 2-week dark window. Detail in our Meta Ads for iGaming India guide.

Google Ads Policy for iGaming in India

Google's gambling and games policy requires per-country certification. For India, the workflow is similar to Meta but with separate verification steps for each ad format (Search, Display, Performance Max, YouTube). Some product categories have additional restrictions even within certified accounts.

What gets accounts banned on Google for iGaming in India: targeting restricted states, sending traffic to non-compliant landing pages, using creative that misrepresents the product (chance products marketed as skill, for example), and failing to maintain the required age-gate and responsible-gambling infrastructure on destination URLs.

YouTube specifically has additional creative restrictions for iGaming because of its broad audience. Long-form influencer content featuring betting brands needs compliance review at the creator and platform level. Detail in our Google Ads service.

DLT, BSP, and Messaging Compliance

SMS in India runs through DLT (Distributed Ledger Technology) registration with TRAI. Every sender header registered, every template pre-approved, every consent capture logged in an auditable trail. The DLT framework is strict and the penalties for non-compliance include sender blacklisting that affects future deliverability across the operator network.

WhatsApp Business API messages route through Meta-approved Business Service Providers (BSPs) rather than DLT, but follow similar logic: pre-approved templates, opted-in recipients, audit-trail consent. Grey-tool WhatsApp senders that simulate WhatsApp Web at scale violate Meta's policy and get the underlying phone numbers banned permanently.

Email is less strictly regulated but still subject to IT Act provisions on unsolicited commercial communication. Sending bulk promotional email without opt-in or with deceptive subject lines is legally exposed regardless of whether enforcement has caught up.

Our WhatsApp and SMS marketing service handles DLT registration, BSP onboarding, template approvals, and audit-trail consent capture as part of the engagement.

Data Protection: DPDP Act 2023

The Digital Personal Data Protection Act 2023 introduced India's first comprehensive data protection framework. Operators handling player data must comply with consent collection, data minimisation, purpose limitation, breach notification, and data subject rights provisions. Phased enforcement is rolling out through 2025-2026.

What this affects in marketing operations: opt-in capture flows need explicit consent for marketing communication separate from operational communication, third-party data sharing (with affiliates, CRM vendors, analytics providers) needs clear disclosure, and data subjects have rights to deletion that need workable internal processes. Brands that built CRM databases pre-DPDP need to retrofit consent records.

Practical Marketing Compliance Checklist

The compliance work that actually needs to happen before campaigns go live:

  • Map states where the product is legal and configure geo-targeting on Meta, Google, and CRM accordingly
  • Get certified as authorised gambling advertiser on Meta and Google for India, with separate certification per ad format on Google
  • Review creative against ASCI guidelines: risk disclaimer, age targeting, no misleading skill claims, no guaranteed-return language
  • Confirm landing pages have visible age gate, responsible-gambling messaging, KYC and terms disclosure
  • Register DLT entity, sender headers, and SMS templates with TRAI before any bulk SMS sends
  • Onboard with a Meta-approved BSP for WhatsApp Business API; get marketing templates approved before launch
  • Build opt-in capture flow that satisfies DPDP consent standards
  • Set up backup Meta Business Manager accounts and warm them with non-iGaming spend before they are needed
  • Document the compliance trail so an ASCI complaint or regulatory inquiry can be answered with evidence rather than improvisation

How AdsTown Approaches Compliance for India iGaming Brands

Compliance is not a separate workstream from marketing for India iGaming brands. It is built into every campaign brief, creative approval, account structure, and reporting cadence. The pieces we handle as part of our engagements: ASCI creative review, Meta and Google certification support, DLT and BSP onboarding for messaging, opt-in capture design that meets DPDP standards, backup account warming, and the documentation trail that makes regulatory engagement workable.

The work scales with operator scale. A small brand running INR 5L monthly might handle compliance review internally with our framework. A brand spending INR 30L+ monthly across paid media usually needs dedicated compliance touch on every campaign. We size the engagement to the level of risk the operating budget creates.

FAQ

India iGaming Compliance 2026

No. India regulates gambling at the state level. Games of skill are permitted in most states under the longstanding skill-vs-chance legal distinction. Games of chance are largely prohibited except in licensed jurisdictions. States like Tamil Nadu, Andhra Pradesh, Telangana, and Karnataka have specifically restricted online real-money gaming. Operators need state-level compliance, not blanket India-wide compliance.
ASCI guidelines (2023, updated 2025) require visible disclaimers on financial risk, no targeting users under 18, no claims of guaranteed returns, no claims that misleadingly characterise gambling as skill-based, and clear paid-partnership labels on influencer content. ASCI is self-regulatory but ignoring guidelines has reputational and increasingly legal consequences.
Yes, with significant conditions. Both platforms require certification as authorised gambling and gaming advertisers, with country and state-level targeting restrictions. Both restrict creative content, prohibit targeting users under a minimum age, and audit accounts regularly. Restricted-market certification is a separate workflow most operators do not realise exists until their accounts get banned.
The 2023 GST Council decision applied 28 percent GST on the full face value of online gaming bets, not just on platform revenue. The change took effect October 2023 and significantly compressed operator margins. Marketers must factor GST into bonus structures and CPFTD economics. Legal challenges continue but the rate remains in force as of 2026.
Aadhaar or PAN-based KYC is standard practice and increasingly mandated by payment gateway providers. PMLA provisions apply to operators handling significant deposit volumes. Most operators run a 2-step KYC: light verification at registration, full Aadhaar/PAN verification before first withdrawal.
Yes, with different scope. SMS runs through DLT registration with TRAI: every sender header registered, every template pre-approved. WhatsApp Business API messages are not under DLT but fall under WhatsApp's own commerce and gambling policies plus standard consent requirements. Email is less strictly regulated but still subject to IT Act provisions.

Let's Talk

Want compliance-built-in marketing, not bolted-on?

ASCI review, Meta and Google certification support, DLT and BSP onboarding, DPDP-compliant opt-in flows, all built into the marketing engagement.

Let's Talk