Are We Really Protected?
Holding White Hat Gaming To Account
Following the inquest into the death of Ellen Mulvey, who continued gambling through unlicensed operators after self-excluding via Gamstop, the Gambling Commission stated that licensed operators are subject to a ‘robust regulatory framework’ designed to identify gambling-related harm and protect consumers, implying that meaningful safeguards exist within the licensed UK market.
If operators are required to identify gambling-related harm and take appropriate action to protect consumers, why do failures in self-exclusion, behavioural monitoring, and AML safeguards continue to occur at White Hat Gaming?
This website serves as an open letter to Sarah Gardner, Acting Chief Executive Officer of the Gambling Commission, asking what is meant by a ‘robust regulatory framework’ when documented and evidence-based failures in self-exclusion, behavioural monitoring, safer gambling interaction, and AML safeguards continue to arise within the licensed UK gambling sector.
Uncovering Gaps in Player Protection
NotSoWhiteHatGaming.com highlights documented failures in affordability checks, AML controls, self-exclusion accessibility, and behavioural monitoring at Casilando.com operated by White Hat Gaming
CEO & Chief Legal & Compliance Officer on Notice
Phil Gelvan CEO & Paul Arnold CLCO
5
Regulatory Concerns Raised
Gambling Commission
"robust regulatory framework" in place requiring licensed operators to identify signs of gambling-related harm and to take appropriate action to protect consumers.
Buried Self-Exclusion Controls
Casilando.com Live Chat Transcripts
Operated by White Hat Gaming under licence from the UK Gambling Commission
Live Chat Dated 23/03/2026
(05:10) Mason: (Senior Support Agent)
I will raise this with our Safer Gambling team so that we make it that you are able to set a self-exclusion on your end. However, in the meantime I would advise that should you wish to set a self-exclusion, kindly join us on live support and we will have it applied.
(05:12) CUSTOMER:
At present, there is no self-exclusion option available for users to activate directly within their account, and it must be applied via support. Please confirm that this is correct.
(05:12) Mason: (Senior Support Agent)
Yes, this is correct.
(05:22) Mason: (Senior Support Agent)
Secondly, it was an error on my part to have confirmed that the user can apply a self-exclusion and after going through the interface on my end, and read the policy states that the user can join customer support to request a self-exclusion.
Live chat Dated 13/04/2026
(05:48) CUSTOMER:
however within my account interface under responsible gambling, there is no self-exclusion option available, only limits and time-out.
(06:40) Mason: (Senior Support Agent)
I can confirm that a self-exclusion can be applied via the interface, to my knowledge I haven't seen the instance that you're providing right now.
Weak Affordability Checks
Casilando.com allowed an unemployed single mother to deposit and spend £3,660 in less than 16 hours without safeguards being triggered.
Limited AML Oversight
Casilando.com allowed a customer to deposit over £3,500 in 10 days using a third-party card without anti-money laundering controls being triggered, highlighting critical gaps in AML enforcement and monitoring.
Critically, technology capable of detecting mismatches between the account-holder name and the payment-card holder is already widely available and used by many operators to decline deposits before transactions are completed. Why, then, does a so-called ‘state-of-the-art platform’ not utilise this technology?
Insufficient Behavioural Monitoring
24/02/2026 14:36 -£10
25/02/2026 15:24 -£20
25/02/2026 15:32 -£20
25/02/2026 15:50 -£20
25/02/2026 15:57 -£50
25/02/2026 16:18 -£300
25/02/2026 16:35 -£500
25/02/2026 17:09 -£500
25/02/2026 17:14 -£750
26/02/2026 00:07 -£750
26/02/2026 06:43 -£750
Casilado.com allowed rapidly escalating deposits totalling £3,660 in less than 16 hours without safeguards being triggered.
