Notifications
Clear all
Topic starter
22/06/2026 10:23 am
TL;DR: Bonus abuse now accounts for 63.8% of all fraud in iGaming, and European operators are losing an estimated 10 to 20 percent of marketing turnover to it as multi-accounting, mule activity, account purchase, and AI-assisted deception scale, according to Sumsub. The real failure is assuming bonus controls can stay commercial while the fraud model has become a lifecycle and identity problem.
NHIMG editorial — based on content published by Sumsub: bonus abuse in iGaming and how to prevent it across the player lifecycle
By the numbers:
- Bonus abuse now accounts for 63.8% of all fraud in iGaming.
- European operators are losing somewhere between 10 and 20 percent of marketing turnover to it.
- The UK's 10x wagering cap, in force from January 19, 2026, removes one older defense against bonus abuse.
Questions worth separating out
Q: How should operators detect bonus abuse without blocking real players?
A: Start by combining device intelligence, behavioural scoring, and account-link analysis rather than relying on a single KYC result.
Q: Why does bonus abuse become harder to stop when fraud is organised?
A: Organised fraud turns one-off abuse into a repeatable network.
Q: What do operators get wrong about KYC and bonus fraud?
A: They often treat KYC as the finish line when it is only the start of identity assurance.
Practitioner guidance
- Correlate player identity across the full lifecycle Link registration, gameplay, device, payment, and withdrawal events into one player risk view so the same actor cannot appear clean at each stage.
- Use device intelligence as an identity signal Treat device fingerprinting, IP reputation, and proxy detection as identity evidence, not just security telemetry.
- Add duplicate-account and network detection Flag shared device traits, payment instruments, referral patterns, and behavioural similarity before the bonus is monetised.
What's in the full article
Sumsub's full guide covers the operational detail this post intentionally leaves for the source:
- Step-by-step examples of the main bonus abuse patterns, including multi-accounting, gnoming, affiliate fraud, and account purchase.
- Detection workflow detail for combining device intelligence, liveness checks, duplicate-account checks, and dynamic risk scoring.
- Practical guidance on balancing wagering requirements against conversion without creating avoidable friction for legitimate players.
- Commentary from regulators and industry groups on how the abuse landscape is changing across major markets.
👉 Read Sumsub's guide to preventing bonus abuse across the player lifecycle →
Bonus abuse in iGaming: what fraud teams need to change?
Explore further
22/06/2026 11:16 am
Bonus abuse is no longer a promotions problem, it is an identity governance problem. The article shows that the same fraud ring can move from sign-up to payout using multiple identities, devices, and payment paths. That pattern looks commercial on the surface, but it is really lifecycle abuse across a player identity estate. The implication is that fraud control has to be governed like identity risk, not just converted into campaign rules.
A few things that frame the scale:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them, according to Ultimate Guide to NHIs.
A question worth separating out:
Q: Who is accountable when bonus abuse drives marketing losses?
A: Accountability sits with the operator’s fraud, compliance, and product teams together because the abuse touches promotion design, onboarding, and payout controls. The practical framework is to treat bonus abuse as a governed identity risk. That means shared ownership for detection thresholds, escalation paths, and exception handling across the player journey.
👉 Read our full editorial: Bonus abuse in iGaming is now a fraud programme problem
