Product Certification System
Product Certification System
eCOGRA’s Online Gambling Certification System uses product schemes that are classified as Type 1a schemes in accordance with ISO/IEC 17067:2013.
Online gambling products are certified against jurisdictional requirements based on a client’s request. Conformity assessments are conducted in accordance with ISO/IEC 17025:2017; ISO/IEC 17020:2012 and 17065:2012.
Online gambling products include, but are not limited to:
The relevant assessable certification standards
The certification system incorporates the requirements of:
eCOGRA is the owner of the certification system and controls all decisions on certifications. Certification agreements provide all the information to the client regarding the use of certificates.
Incorrect or fraudulent references to the certification system or the misleading use of certificates and other misleading mechanisms for indicating a product is certified, found in documentation or other publications, shall be dealt with by eCOGRA in a suitable manner.
Conformity assessment activities are undertaken impartially and structured and managed in a way to safeguard impartiality. eCOGRA ensures that all staff and committees that are involved in the conformity assessment activities are not exposed to commercial, financial, or other pressures that could compromise their objectivity and independence. To obtain and maintain independence, eCOGRA’s decisions are based on objective evidence of conformity (or nonconformity) obtained and its decisions are not influenced by other interests or by other parties.
eCOGRA ensures that potential liabilities/risks arising from its certification operations are mitigated and the amount of professional indemnity insurance cover reflects the risks associated with the services provided, which covers all geographic locations and all activities of eCOGRA’s operations. eCOGRA ensures that it has the financial stability and resources required for all its conformity assessment activities.
eCOGRA makes its services available to all applicants whose activities fall within the scope of eCOGRA’s operations. The policies and procedures under which eCOGRA operates, ensures that there is neither discrimination towards potential applicants nor an inhibition of access by potential clients.
eCOGRA, through legally enforceable agreements, has policies and arrangements to manage the confidentiality of all information obtained or created during the performance of conformity assessment activities at all levels of its organisation. eCOGRA informs the client, in advance, of the information it intends to place in the public domain. All other information, except for information that is made publicly accessible by the client, is considered as confidential and not shared. Information about a client that is obtained from sources other than the client, shall be treated as confidential.
eCOGRA maintains and provides all relevant information via online media platforms or upon request. Online platforms include the eCOGRA website and LinkedIn.
eCOGRA will review the effectiveness of the system on a periodic basis in order to confirm its validity and to identify aspects requiring improvement, considering feedback from stakeholders. The review will include provisions for ensuring that the system requirements are being applied in a consistent manner.
eCOGRA ensures that it has competent resources available to meet company, client and jurisdictional requirements. Competence is monitored on an ongoing basis.
All clients applying for certification services shall provide eCOGRA with the necessary information, including but not limited to:
eCOGRA conducts a review of the information obtained from the client submission to ensure that:
Based on the scope of the client’s certification needs, the client will be assigned a client relationship manager that will manage the certification activities. The client relationship manager will ensure that the work that needs to be conducted is assigned to competent staff.
The scope of certification is based on a combination of the client’s request and jurisdictional specific requirements. The client relationship manager ensures that the evaluation of the client’s product does not fall outside the agreed scope.
Once the evaluation process has been completed, an indepedent review of all the documentation, information and results is performed by senior management not involved in the evaluation process.
eCOGRA is responsible for and retains authority for its decisions relating to certification. The certification decision is decided by at least a single senior management member based on information, results, independent review and other relevant findings during the entire certification process. In some cases, the certification decision is assigned to multiple senior management members. All certification decisions are made by eCOGRA.
If eCOGRA decides to grant the certification, the client will be provided with a final certification report that provides information on the certification findings in accordance with the agreed upon scope. If eCOGRA decides not to grant the certification, it shall notify the client and provide the reasons for this decision.
eCOGRA will issue the client with a formal certificate in accordance with the following conditions:
eCOGRA maintains a directory of all certified products. This includes all working documents as well as the formal certificate of the certified product. The information retained includes, but is not limited to:
eCOGRA will make available the required documents to relevant parties upon request.
eCOGRA works in a dynamic and evolving industry and therefore requirements and standards are updated and changed often. In the case that International or jurisdictional requirements/standards/specifications are updated or changed, eCOGRA will communicate these updates and changes to all affected clients. eCOGRA will then verify the implementation of the changes by the client and shall act accordingly.
In cases where the client has initiated changes, eCOGRA will review, verify and take appropriate actions regarding the certification.
eCOGRA performs ‘point in time’ product certifications with records of digital signatures of critical software evaluated where applicable. Therefore eCOGRA would not ordinarily suspend certifications, but rather supersede them upon additional conformity assessment.
When a non-conformity with certification requirements is substantiated, eCOGRA will consider and decide upon appropriate action. This includes but is not limited to:
eCOGRA will supersede a certificate if the product has had a major update since the initial point in time conformity assessment. The product will go through the same full conformity assessment process and a new certificate will be issued which supersedes the previous certificate.
eCOGRA reserves the right to withdraw its certification if any non-conformities are subsequently detected by or reported to eCOGRA.
eCOGRA considers the professional handling of complaints, appeals and feedback from clients and staff to be very important.
Complaints about eCOGRA should be addressed via an email to the Chief Executive Officer of eCOGRA (firstname.lastname@example.org). If the complaint involves the Chief Executive Officer, then the complaint is to be addressed to the Board of Directors of eCOGRA (email@example.com).
Upon receipt of a complaint, eCOGRA will investigate the matter and deal with the complaint fairly and promptly.
The person or entity responsible for submitting the complaint will be kept informed of the results of the investigation and the outcome determined.
eCOGRA is responsible for all decisions at all levels of the complaints and appeals handling process. eCOGRA ensures that any submission, investigations, and decisions on appeals shall not result in any discriminatory actions against the organisation or individual making the appeal (appellant).
eCOGRA has established legally enforceable agreements for the provisions of conformity assessment activities it undertakes with its clients. The agreements cover all eCOGRA’s office sites and facilities, as well as all clients’ sites and facilities.
By completing and signing the certification agreement, the client agrees to fulfil the certification requirements which include but are not limited to: