Australian regulator set to decide fate of Picklebet

Dig Deeper

Related stories

2025/06/09: Australian regulator warns betting companies over self-exclusion breaches 2025/07/28: Australian regulator issues remedial direction to ReadyBet for targeting self-excluded players 2025/10/17: Australian media regulator blocks seven illegal online gambling sites 2025/07/30: Betfair fined over AU$871,000 by Australian regulator for gambling violations

The Backstory

Why Picklebet is under the microscope

Australia’s crackdown on gambling harm protections has intensified, and Picklebet now sits at the sharp end. The Australian Communications and Media Authority has investigated a cluster of wagering businesses over breaches tied to BetStop, the national self-exclusion register, after finding some operators allowed self-excluded people to open accounts or kept marketing to them. That probes-to-penalties progression has already played out for larger brands. The regulator has fined big names, issued remedial directions that force rapid operational fixes and, in notable cases, secured court-enforceable undertakings requiring independent audits. The pattern suggests Picklebet’s outcome will hinge on how quickly and credibly it can prove its customer verification, marketing and data-matching controls are airtight.

The BetStop regime is simple in concept and strict in practice: once a person self-excludes, all licensed wagering providers must close any related accounts and cease all direct marketing. Enforcement since 2023 has shown the regulator’s willingness to escalate when systems fall short, from formal warnings to six-figure penalties and multi-year oversight. The question for Picklebet is less about whether the rules apply than about the scale of any breach, the speed of remediation and whether the authority opts for a remedial direction, a fine, a court-enforceable undertaking or a combination.

Repeated failures on self-exclusion safeguards

The case against Picklebet does not stand alone. Earlier this year, the authority warned four betting companies for similar lapses involving BetStop. In that action, officials found that Buddybet, Ultrabet, Topbet and VicBet sent marketing material to self-excluded people, and Buddybet failed to close accounts for users who had registered with the national register. PointsBet was fined AU$500,000 in a related enforcement for failing to exclude self-excluded individuals from its platform, underscoring how data integration gaps or manual process errors can quickly carry financial and reputational costs.

The regulator’s message has been consistent: companies must build systems that respect a customer’s decision to self-exclude, or face consequences. The mandate covers account closures and all direct messaging, including texts, emails and app push notifications. Firms that pause marketing but do not promptly close accounts are still at risk for breaches. The agency has treated those delays as serious, even when no bets are placed during the self-exclusion period.

Escalating penalties point to rising stakes

Recent outcomes illustrate the scale of exposure for noncompliance. In one of the largest actions to date, Unibet’s parent, Betchoice Corporation, was fined AU$1,014,120 for more than 100,000 violations tied to 954 self-excluded customers. The breaches included accounts left open up to 190 days and the reuse of old accounts once self-exclusions expired. Alongside the fine, Unibet accepted a two-year court-enforceable undertaking mandating an independent review of systems and commitments to refund affected customers. That outcome shows the regulator’s focus on both forward-looking controls and remediation for past lapses.

Marketing to the wrong customers has also become a costly problem. Betfair paid an AU$871,660 penalty for sending promotional messages to VIPs without consent or an unsubscribe option, and must now undergo a two-year independent review with regular reporting. Separately, the authority has not hesitated to target high-profile operators for spam breaches. In June 2025, Tabcorp was fined AU$4 million for sending thousands of unlawful messages, a case referenced in the agency’s more recent action against ReadyBet. The clear direction of travel: marketing controls and self-exclusion enforcement are converging as core compliance tests, and VIP programs are drawing heightened scrutiny.

What effective remediation looks like

The authority has used remedial directions to force rapid improvements when failings are systemic but fixable. ReadyBet received such an order after investigators found it had sent 273 messages to self-excluded individuals and omitted BetStop promotion in 2,342 push notifications between August and December 2023. The direction requires ReadyBet to enable an external auditor to conduct a written audit within 30 days and to roll out staff training to prevent future breaches. The agency also flagged that noncompliance with the direction could lead to civil penalties, signaling that remedial measures are not leniency but a first step in a zero-tolerance framework.

For operators, the playbook is now familiar: automate BetStop matching with near-real-time checks, hard-block account creation and marketing delivery when a match is found, document consent rigorously, and keep suppression lists synchronized across all channels and vendors. Independent audits and staff training are becoming standard outcomes, not just for violators but as preemptive risk management. Where firms have implemented these controls after earlier warnings, enforcement has sometimes stopped short of monetary penalties. Where gaps persist, fines and undertakings follow.

Beyond licensed books: pressure on the gray and illegal fringe

The regulator’s campaign is not confined to licensed sportsbooks. It has continued to order network-level blocks on offshore gambling sites that breach the Interactive Gambling Act. In August, the agency directed internet providers to block seven additional operators, including Crown Gold, Malina Casino and Spins of Glory. Since the first blocking request in 2019, 1,338 illegal gambling and affiliate sites have been blocked and about 220 services have exited the Australian market. The authority argues that unauthorized platforms often lack responsible gambling protections entirely, exposing consumers to fraud and heightened financial harm.

This two-track strategy—tightening compliance among licensed operators while limiting access to illegal sites—seeks to narrow avenues for harmful play. For companies under investigation, it also removes a ready excuse: as enforcement pushes out noncompliant competitors, regulators will expect stronger compliance from those that remain licensed.

What to watch as the decision nears

Several outcomes are plausible for Picklebet, based on recent precedents. A remedial direction, like the one issued to ReadyBet, would force immediate audits and training with deadlines. A financial penalty could follow or arrive concurrently if breaches are deemed serious or prolonged. The agency could also seek a court-enforceable undertaking, as it did with Unibet, to lock in independent oversight for up to two years. In less severe cases, formal warnings have been used, but that has been the exception for repeat or systemic failures.

The stakes go beyond one operator. Each action reshapes the industry’s compliance baseline, raising expectations for identity verification, data hygiene and marketing governance. As penalties climb and audits become routine, the cost of lagging controls now rivals the cost of prevention. For Picklebet and its peers, the lesson from recent cases is clear: regulators are testing whether BetStop guardrails work in real time, and they are prepared to escalate when they do not.