California Sweeps the Leg: AB 831 and the Expanding Radius of Liability

In the evolution of gaming regulation, there are moments when policy theory becomes praxis, and everything downstream reorganizes. California AB 831, effective January 2026, represents such a moment. The statute did two things: it banned sweepstakes casinos (a category the state had never explicitly prohibited before), and it imposed liability on third-party vendors who materially contributed to the operation of illegal casinos.

The vendor liability provision was the innovation. California defined "operator" broadly to include not just the platform owner, but also any entity that "materially contributes" to the operation of an illegal gambling business. This includes: payment processors; geolocation technology providers; media platforms that accept advertising; software development firms that provide backend infrastructure; customer service vendors; and analytics firms.

The liability structure is civil and financial. Victims of illegal gambling (specifically, players who lost money to sweepstakes casinos) can sue any party in the chain of operation. Class actions become exponentially more likely. The plaintiff's bar had immediately begun circling sweepstakes operators; AB 831 opened the legal aperture to include every vendor in the supply chain.

The effect was immediate and devastating. VGW began planning exits from multiple states. Payment processors began terminating merchant accounts. Technology vendors de-platformed sweepstakes casino software. Marketing platforms began blocking sweepstakes casino advertising. Within 60 days of AB 831 taking effect, the industry had lost approximately 20% of its US revenue.

But the economic effect was secondary to the regulatory effect. California had established a precedent: you can regulate not just the direct operator, but the entire ecosystem that enables the operator. This principle is now being replicated.

New York, through Senator James' S5935 (passed in early 2026), implemented nearly identical vendor liability provisions. Tennessee's enforcement campaign against sweepstakes operators explicitly targeted vendors and affiliates, not just the platform operators themselves. Illinois ordered payment processors to decline gaming-related merchant accounts. Maryland and Connecticut are considering similar frameworks.

What makes vendor liability so effective is that it collapses the regulatory arbitrage that operators depend on. An operator can relocate offshore and evade state jurisdiction. But a payment processor, a technology vendor, or a media platform has legitimate business interests in California, New York, and other major markets. Those companies face genuine liability exposure and cannot simply relocate to avoid enforcement.

Payment processors learned this lesson first. Stripe, Square, and PayPal all updated their terms of service in 2025-2026 to reflect explicit prohibitions on gaming-related payments except where operators are properly licensed in their state of operation. The terms are not mere guidelines; they are enforced. Operators that lose payment processor access lose the ability to monetize.

Technology vendors faced similar pressure. AWS, Google Cloud, and other infrastructure providers began reviewing their terms of service to identify and terminate gaming operator accounts. While these providers initially resisted taking sides on gaming regulation (the regulatory landscape was ambiguous), they quickly realized that liability exposure from California and New York made maintaining gaming operator customer relationships untenable.

Media platforms (Facebook, Google Ads, TikTok) implemented blanket restrictions on gambling advertising in the United States. These restrictions predate AB 831, but they were reinforced by it. If a media platform accepts advertising from an illegal gambling operator, the platform can face joint liability under California's vendor liability framework.

The vendor liability model is so effective that other states are rapidly adopting it. New Jersey is considering similar expansion. Pennsylvania is drafting comparable language. Massachusetts is evaluating whether to extend vendor liability to offshore operators of any kind.

The long-term implication is that regulatory enforcement is shifting from direct regulation (licensing operators, imposing licensing conditions) to indirect regulation (holding vendors liable for enabling unlicensed operators). The shift is more effective because it targets the operational dependencies of gaming operators. An operator can survive state litigation. It cannot survive the simultaneous loss of payment processing, technology infrastructure, and advertising channels.

For vendors, the risk profile has fundamentally changed. A payment processor that previously viewed gaming as a morally neutral, profit-generating vertical now views gaming as a liability-generating vertical. The cost of staying in gaming (legal expense, liability insurance, regulatory monitoring) exceeds the profit. Smart vendors are exiting.

For startups and smaller gaming operators, the vendor liability framework is devastating. They cannot operate without payment processing and technology infrastructure. If vendors are liable for enabling them, vendors will not work with them. The result is consolidation: only the largest, most legitimate gaming operators will have access to mainstream vendors. Everyone else operates in the shadows, using crypto and offshore infrastructure, accepting the enforcement risk.

AB 831's vendor liability framework represents the future of gaming regulation. It is more effective than direct regulation because it does not require states to regulate the operators themselves. States regulate the vendors that support operators. Vendors respond by terminating operator relationships. Operators cannot operate. The category shrinks or formalizes.

Legal Landscape

Vendor liability under AB 831 and similar statutes creates a novel legal landscape:

**Vendor Liability Scope**: California AB 831 defines "material contribution" broadly. This creates ambiguity about which vendors face liability. **Recommendation**: If you operate as a vendor (payment processor, technology provider, media platform, geolocation service, etc.), implement a KYC process for gaming operator clients. Verify licensing status in all states where the operator claims to operate. Maintain written documentation of licensing. Terminate relationships with operators who cannot provide evidence of proper licensing. This documentation will be critical if you face liability claims. The more diligent you are, the more defensible your position becomes.

**Joint and Several Liability**: California courts have recognized joint and several liability for vendors who enable illegal gaming. This means that a payment processor could potentially be liable for 100% of a sweepstakes casino operator's ill-gotten gains, not just a proportionate share. **Recommendation**: Obtain comprehensive general liability and E&O insurance that covers gaming-related claims. Maintain robust documentation of all compliance efforts. If you receive a cease-and-desist notice or learn that an operator client is unlicensed, terminate immediately and document the termination. Do not continue processing payments for operators you know are unlicensed.

**Geographic Scope**: AB 831 applies to anyone doing business in California. If you process payments for an operator that serves California residents, you are exposed to AB 831 liability even if you operate outside California. **Recommendation**: Understand that vendor liability is extraterritorial. A payment processor based in New York that processes payments for a sweepstakes operator that serves California residents is subject to California's AB 831. Implement state-by-state compliance policies that treat California, New York, and Massachusetts (three states with aggressive vendor liability provisions) with heightened scrutiny.

**Class Action Risk**: California's consumer protection framework allows class actions with treble damages. Class actions against sweepstakes operators will inevitably extend to vendor defendants. **Recommendation**: If you are a vendor with significant exposure to gaming operators, maintain litigation reserves and insurance. Assume that class action exposure is material and will increase over time. Consider proactive settlement discussions if you face class action complaints.

**Successor Liability**: Companies that acquire gaming companies or their assets may inherit vendor liability exposure. **Recommendation**: If you are acquiring a gaming company or technology, conduct thorough due diligence on the target's vendor relationships and compliance status. Negotiate for representations and warranties around licensing and compliance. Obtain indemnification for historical vendor liability exposure. Do not assume you are acquiring only assets; you may be acquiring significant contingent liabilities.

**Expansion Timeline**: Expect vendor liability frameworks to be adopted in at least 5-10 additional states by late 2026. Expect federal consideration of a national vendor liability framework (possibly as part of broader gaming reform legislation). By 2027, vendor liability will likely be the dominant enforcement mechanism against unlicensed gaming operators. Prepare accordingly.