Purple Color Circle - Gaming Associates is 35+ years of expertise in compliance, game testing, certification and global market services for the gaming industry.
Orange Color Circle - Gaming Associates is 35+ years of expertise in compliance, game testing, certification and global market services for the gaming industry.
Orange Color Trinagle - Gaming Associates is 35+ years of expertise in compliance, game testing, certification and global market services for the gaming industry.
Orange Color Trinagle - Gaming Associates is 35+ years of expertise in compliance, game testing, certification and global market services for the gaming industry.
Orange Border Color Trinagle - Gaming Associates is 35+ years of expertise in compliance, game testing, certification and global market services for the gaming industry.
Orange Border Color Trinagle - Gaming Associates is 35+ years of expertise in compliance, game testing, certification and global market services for the gaming industry.
Purple Color Circle - Gaming Associates is 35+ years of expertise in compliance, game testing, certification and global market services for the gaming industry.
Orange Color Circle - Gaming Associates is 35+ years of expertise in compliance, game testing, certification and global market services for the gaming industry.

The Biggest Gap in AI and Blockchain Compliance Isn’t What You Think

Compliance Isn't What You Think

Dr. Aftab Rizvi, CEO of Gaming Associates, sat down with Jenny Ortiz-Bolivar at AIBC Eurasia in Dubai to talk compliance, culture, and what the next decade of certification really looks like.

When you’re at a conference built around artificial intelligence, blockchain, and crypto, you expect the conversation to be about technology. Dr. Aftab Rizvi flipped that expectation within the first minute.

There is no gap in technology. The gap is in culture.

It’s a statement that stops you in your tracks, and it sets the tone for one of the most honest conversations about compliance and certification to come out of AIBC Eurasia.

Why Culture Is the Real Compliance Problem

The innovation happening in AI and blockchain right now is extraordinary. But according to Dr. Rizvi, the industry’s relationship with compliance hasn’t kept pace, not because the technology is too complex, but because the mindset hasn’t caught up.

Companies building in this space aren’t trained to think about compliance as part of the creation process. And at the same time, regulators are struggling to define requirements fast enough to keep up with what’s being built.

We are in an era where technology is changing every day. Regulators are far behind.

The result is a gap, not in capability, but in culture. Innovators are focused on building the next big thing. Regulators are focused on protecting people. And somewhere in the middle, compliance gets treated as someone else’s problem.

But as Dr. Rizvi put it simply: the reason regulators exist hasn’t changed, regardless of the technology involved.

The real reason why regulators do that is that they want to protect the vulnerable. And who is that vulnerable? That's us.

The Myth That Needs to Die

Ask a product team what they think of auditors and certifiers, and the answer is usually some version of the same thing, they slow things down. They’re blockers. They don’t get innovation.

Dr. Rizvi has heard it all before.

The biggest myth is that anybody who is testing you, auditing you, or certifying you is a showstopper.

The reality is the opposite. Independent testing bodies aren’t trying to kill innovation — they’re trying to protect it. Their job is to ask the uncomfortable questions before the product reaches the public, before the regulator gets involved, and before something goes wrong in the market.

Our role is to ask the hard questions before the product goes to public, before the regulator asks these questions.

The problem, as Dr. Rizvi acknowledged, is that compliance is almost always brought in at the end of the development process. By then, it’s genuinely difficult to course-correct. The earlier compliance thinking enters the room, the better the outcome for everyone.

Compliant Is Not the Same as Secure

This is where the conversation got particularly sharp.

There’s a widespread assumption in the industry that if a product is compliant, it must be secure. Dr. Rizvi pushed back on this directly, and clearly.

Compliance does not mean that the functionality is perfect. Compliance does not mean that it is perfectly secure. It means that it complies with the minimum set of requirements.

In fast-moving technology environments, compliance frameworks are often still being defined. Standards lag behind the technology they’re meant to govern. A product can tick every available compliance box and still carry real vulnerabilities — because the moment it goes live, things change.

"You comply once and the product is live, things will change tomorrow."

Security isn’t a certificate. It’s an ongoing commitment.

AI and Blockchain Are Changing How Testing Works

So what does compliance actually look like when the technology itself is constantly evolving?

For AI, the challenge is fundamental. Traditional testing worked because systems were deterministic, you could read the code, trace the logic, and know exactly what a product would do. AI doesn’t work that way.

AI depends on a lot of data. The integrity of data, how it is being utilised, how the results are being derived, it's a different way of testing.

Blockchain presents a different kind of challenge. In decentralised systems, trust shifts away from people and institutions and toward code and smart contracts. Decisions happen in milliseconds. The traditional model of reviewing and approving simply can’t keep up.

When decisions are being taken in milliseconds, there should be a different way of testing.

Test labs, regulators, and compliance bodies that don’t adapt to this reality risk becoming exactly what they’re accused of being: blockers. Not because they want to be, but because their methods haven’t evolved to match the technology they’re assessing.

What the Next Decade Looks Like

Looking 5 to 10 years ahead, Dr. Rizvi’s vision is clear, and it’s a significant departure from how things work today.

Point in time testing, certification at one stage, that will be an older story. Your systems will be tested every second. That is continuous compliance.

The annual penetration test is already becoming outdated. The six-month compliance report is on its way out. What replaces them is real-time monitoring, continuous certification, and live reporting that regulators can access at any moment.

Regulators won't be expecting 'guys, I need a report every six months.' No, you should be able to see the report every second.

Operators, regulators, testing bodies, and compliance companies will need to work much more closely together to make this a reality. And while machines will take on far more of the heavy lifting, because you can’t have a human observe a decision made in a millisecond, people aren’t going anywhere.

Machines can provide the right data so that people can make the right decisions.

A Final Word to Operators and Regulators

If all of this sounds overwhelming, Dr. Rizvi’s message is straightforward: it doesn’t need to be.

The gaming industry has always been an early adopter. Operators and technology providers have the means and the motivation to embrace what’s coming. The shift toward continuous compliance isn’t a threat; it’s an opportunity for the businesses that get ahead of it.

Someone has to look at where this technology is going. Someone has to approve it. Someone has to make sure it’s heading in the right direction.

That conversation starts with culture.

The future of gaming won’t be won by who innovates fastest. It will be won by who builds trust most consistently. Gaming Associates has been helping the industry do exactly that for 25+ years, across 50+ jurisdictions worldwide. To learn more about our independent testing and certification services.