ARTICLE
27 April 2026

India's Online Gaming Law Goes Live: Business Impact Breakdown

J
JSA

Contributor

JSA logo
JSA Advocates and Solicitors is a top-tier, full-service Indian law firm. Established in 1991, at the start of India’s economic liberalisation, the firm has built a strong reputation for handling complex and high-stakes legal and commercial matters. The firm is organised around specialist practice areas and industry sectors. It works closely with leading Indian corporates, Fortune 500 companies, global financial institutions, and government and statutory bodies on important corporate, financing, and disputes mandates. JSA has a team of over 700 legal professionals, including 180+ partners, and operates from 10 offices across seven cities in India: Ahmedabad, Bengaluru, Chennai, Gurugram, Hyderabad, Mumbai, and New Delhi. The firm is consistently recognised as a top-tier practice by leading international legal directories, including Chambers & Partners (Asia-Pacific and Global), Legal 500, and AsiaLaw.
Explore Firm Details
On April 22, 2026, the Ministry of Electronics and Information Technology (“MeitY”) notified the Promotion and Regulation of Online Gaming Act, 2025 (“PROGA”) and its underlying rules (“PROGA Rules”), constituted the Online Gaming Authority of India (“Gaming Authority”) and granted powers of investigation to the cyber cell officers to investigate offences under PROGA.
India Media, Telecoms, IT, Entertainment
Probir Roy Chowdhury and Rachana Rautray
Your Author LinkedIn Connections
Probir Roy Chowdhury’s articles from JSA are most popular:
  • within Media, Telecoms, IT and Entertainment topic(s)
  • with Senior Company Executives, HR and Inhouse Counsel
  • with readers working within the Technology, Oil & Gas and Law Firm industries

On April 22, 2026, the Ministry of Electronics and Information Technology (“MeitY”) notified the Promotion and Regulation of Online Gaming Act, 2025 (“PROGA”) and its underlying rules (“PROGA Rules”), constituted the Online Gaming Authority of India (“Gaming Authority”) and granted powers of investigation to the cyber cell officers to investigate offences under PROGA.

Notably, the PROGA Rules notified materially diverge from the draft rules released in 2025. This Prism maps key regulatory and compliance obligations that gaming businesses and industries associated closely with this sector, need to act on going forward.

Teeth of the Gaming Authority

The Gaming Authority has been constituted as an inter-ministerial body, drawing Joint Secretary-level representation from MeitY, finance, law and justice, information and broadcasting, youth affairs and sports. What warrants attention is that this is the second significant legislation in recent weeks to vest quasi-judicial powers in an executive body, i.e., the Gaming Authority can issue summons, inspect records, and issue binding directions. This continues a broader legislative pattern, visible also in other recent frameworks, of conferring on ministries and executive agencies powers that would ordinarily sit with statutory tribunals or courts.

The Gaming Authority is also empowered by the PROGA Rules to maintain and publish a list of online games determined as ‘online money game’, and a record of all online games determined and registered by it under PROGA, which may also be published.

Apart from this, the Gaming Authority may issue directions, guidelines and advisories to further the objectives of PROGA.

Business Impact: For businesses, this means regulatory engagement can no longer be siloed to a single ministry relationship. Gaming companies need Government affairs coverage across all 5 (five) represented ministries, because the risk of an adverse direction can originate from any of them. Additionally, and more urgently, the speed of enforcement under this framework means that internal compliance infrastructure needs to be built before an inquiry begins, not in response to one. A company that receives a notice under Rule 21 of the PROGA Rules and begins assembling its compliance records at that point is already behind.

A related concern is that of disclosure. Under Rule 6(1)(b) of the PROGA Rules, the Gaming Authority must maintain and publish a record of all determined and registered games. Under Rule 26 of the PROGA Rules, once a determination order is issued classifying a game as an online money game, its name and associated details are published on the Gaming Authority's website. The application for determination under Rule 23 of the PROGA Rules, meanwhile, requires operators to submit details of their revenue model, user safety features, gameplay mechanics, and technical architecture. The PROGA Rules treat information furnished to the Gaming Authority as confidential under Rule 6(3) of the PROGA Rules, but that protection applies to information submitted during proceedings, only. For operators with proprietary game mechanics or revenue structures, the line between regulatory disclosure and inadvertent public disclosure of commercially sensitive or IP-protected information is worth examining carefully before an application is filed.

Distinction between a ‘determination order’ vs. ‘mandate to register’

Section 8 (2) (a) of PROGA vests with the Gaming Authority the power to determine, (a) on receipt of an application from any person offering an online game; or (b) suo moto, whether a particular online game is an online money game. In furtherance of this power, the PROGA Rules clarify that, no determination is required, unless the Gaming Authority itself directs an online game service provider to have its games “determined” in accordance with Rule 10 of the PROGA Rules. Apart from this, a determination order may be required in case an online game is an e-sport, or if the Central Government, by notification requires an “online social game” to receive a determination order. The PROGA Rules further clarify that the risk of a determination order for an online social game will arise only for such games having regard to their nature, value and volume of transactions.

Seperately, PROGA envisaged registration of “e-sports” and “online social games” under Section 3 and 4 of PROGRA respectively. Pursuant to Rule 12 of the PROGA Rules, it has been clarified that an online game does not require registration, except in case of an e-sport (i.e., in line with PROGA) or for such games that the Central Government may by notification require registration.

Business Impact: At the outset, there is no requirement for most online social games to obtain a determination order or registration unless the game is to be offered as an e-sport or the Central Government notifies a category of games under Rule 12(1)(a) of the PROGA Rules. While this may appear to be a relaxation, the protection it offers is narrower than it looks.

Under Rule 8(1)(a) of the PROGA Rules, the Gaming Authority can suo motu direct any operator to submit its game for determination, without any application by the operator and without a Central Government notification having been issued. Once that door opens, Rule 10(1)(a) of the PROGA Rules requires the Gaming Authority to examine the game's technical architecture, gameplay mechanics, revenue model, and user interface, and allows it to seek expert or technical evaluation. Rule 6(5) of the PROGA Rules further allows the Gaming Authority to require any additional information it considers necessary from the operator or any person providing services to it.

The practical consequence, therefore, is that every operator of an online social game whether or not, registered or notified, is exposed to executive scrutiny of its payment flows, user base, and commercial structure at the Gaming Authority's discretion. The absence of a mandatory registration requirement does not mean the absence of regulatory risk. It means the risk is triggered by the Gaming Authority's assessment rather than by the operator's own filing.

Due diligence norms in relation to an online game

Rule 15 to Rule 19 of the PROGA Rules set out a slew of compliances that any participant in the gaming ecosystem may need to undertake. Operators are required to document evidence of the game's revenue model, technical architecture, user safety features, and grievance mechanism, all of which must be submission-ready at any point given the Gaming Authority's suo motu determination powers. Financial intermediaries are required to verify a determination order or registration certificate before processing any transaction. Advertisers and their agencies, that are "facilitating advertisements", are also required to verify the status of a gaming platform.

Rule 17 of the PROGA Rules also mandates a service provider to maintain all traffic data, metadata, and information regarding the location of a computer resource in accordance with, and per the timelines, subsequently prescribed by the Gaming Authority. A point of contact is also required to be appointed, akin to the requirements under the Indian Computer Emergency Response Team (CERT-In) Directions.

Business Impact: The PROGA Rules effectively impose a due diligence first operating model on every participant in the gaming ecosystem. Before any commercial engagement, whether processing a payment, placing an advertisement, or distributing a game, service providers must verify the regulatory status of the parties they are dealing with.

The burden is sharpest for operators who fall outside the mandatory registration regime, because the absence of a registration obligation does not mean the absence of regulatory exposure. An unregistered game that attracts suo motu determination proceeding faces the same scrutiny as a registered one, without the procedural preparation that a registration process would have prompted.

Regulating e-sports

To be offered as an e-sport, a game must first obtain recognition under the National Sports Governance Act, 2025 (“Sports Act”), i.e., a separate statute administered by the Ministry of Youth Affairs and Sports. Once approved, an e-sports can then apply to the Gaming Authority for determination and registration under Rule 12 and Rule 13 of the PROGA Rules. Critically, any game determined to be an online money game is categorically ineligible for e-sport status. Once registered, an e-sport certificate is valid for up to 10 (ten) years but is subject to cancellation if the underlying recognition under the Sports Act lapses or is withdrawn, if the game undergoes a material change that brings it closer to an online money game, or if the operator fails to comply with directions issued under PROGA.

Business Impact: For e-sports operators, the 2 (two) regulator structure is the defining operational challenge. Recognition and registration run sequentially across 2 (two) ministries with separate timelines, separate criteria, without a consolidated window. During the period pending recognition, these games exist in a gap. While it may not be an online money game it cannot yet be offered as an e-sport, leaving the operator with limited commercial options. Beyond launch, the ongoing condition that e-sport status survives only as long as Sports Act recognition remains valid creates a continuous compliance dependency that sits entirely outside the operator's control.

Conclusion

The gaming sector is under a reset, from operating largely without central regulatory architecture to one where every participant, from operators to payment processors to advertisers, carries a defined and enforceable compliance obligation. The framework is enforcement-first, and the Gaming Authority has been given the tools to move faster than most businesses are currently prepared for. The window between now and May 1, 2026 is narrow, but it is the most important compliance planning period the Indian gaming industry has faced. Those who treat this as a filing exercise are likely to be behind those that build their compliance infrastructure as a business function.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Probir Roy Chowdhury
Probir Roy Chowdhury
Photo of Rachana Rautray
Rachana Rautray
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More