Your top affiliate sends you 400 FTDs a month. Half of them come from sources you have never seen, cannot trace, and are not contractually responsible for. That is not a partnership structure. That is an attribution black hole — and it is more common in iGaming than most operators want to admit.
⚡ DIRECT ANSWER
A sub-affiliate structure is a tiered partner arrangement where a parent affiliate recruits and manages their own network of traffic sources — sub-affiliates — who send players to the operator through the parent’s tracking links. The operator pays the parent affiliate a commission on the combined NGR of all players referred through their network, and the parent affiliate manages commission passthrough to their sub-affiliates independently. When configured correctly, the structure multiplies acquisition reach without multiplying operator overhead. When configured incorrectly, it creates attribution gaps, fraud liability, and compliance exposure that the operator may not discover until a regulator or a payment dispute forces the issue.
What a Sub-Affiliate Structure Is — and When It Makes Commercial Sense
The standard affiliate model is bilateral: operator and affiliate, one tracking link, one commission plan. The sub-affiliate model adds a third layer. The parent affiliate — typically an experienced iGaming operator with their own publisher relationships, SEO network, or media buying infrastructure — recruits sub-affiliates who drive traffic through links issued by the parent, not directly by the operator.
The player acquisition chain is: sub-affiliate → parent affiliate → operator → player.
From the operator’s perspective, the parent affiliate looks like a single, high-volume partner. They send significant FTD volume. They have one commission plan. They issue one monthly invoice.
What is invisible — unless the operator has specifically architected for visibility — is that the parent affiliate’s volume is itself an aggregate of five, fifteen, or fifty sub-affiliates, each with their own traffic sources, traffic quality, and compliance posture.
When Sub-Affiliate Networks Are the Right Structure
The sub-affiliate model makes commercial sense in three specific scenarios:
Parent affiliates with established publisher networks. A parent affiliate who has spent years building relationships with smaller content sites, SEO publishers, and media buyers in your vertical can deliver traffic quality and volume that would take your affiliate team two years to replicate through direct outreach. The sub-affiliate network is the delivery mechanism for that relationship capital. Denying the structure means losing the parent affiliate’s full reach to a competitor who will accommodate it.
Geographic expansion with local expertise. An operator expanding into a new market — LATAM, Southeast Asia, specific European regulated markets — may work with a parent affiliate who has deep local publisher relationships. Those local publishers are effectively sub-affiliates. The parent affiliate’s local credibility and relationship management is the value being purchased. The sub-affiliate structure is the operational form that value takes.
Managed affiliate network partners. Some operators work with affiliate network aggregators — organizations that manage large portfolios of smaller publishers under a single commercial relationship. These are structurally sub-affiliate arrangements whether they are labeled as such or not. The attribution and compliance considerations are identical regardless of terminology.
When Sub-Affiliate Networks Create More Risk Than Reward
Sub-affiliate structures are not appropriate for all parent affiliates or all operator contexts. Operators with limited compliance infrastructure, programs in tightly regulated markets with strict third-party supplier requirements, or parent affiliates who cannot demonstrate adequate sub-affiliate vetting processes are scenarios where the sub-affiliate structure’s fraud and compliance exposure outweighs its acquisition benefits. The framework below helps operators assess which scenario they are in before signing the commission plan.
Commission Passthrough Models: Two Architectures, One Choice
The single most consequential structural decision in a sub-affiliate arrangement is who pays the sub-affiliates. Two models exist. They are not interchangeable, and choosing the wrong one for your operator context creates financial and compliance exposure that is difficult to unwind.
| Model | How It Works | Operator Exposure | Attribution Control | Best For |
|---|---|---|---|---|
| Parent Pays Sub (Indirect) | Operator pays parent affiliate full network commission. Parent manages and pays sub-affiliates from their own funds. | Low — single commercial relationship, single invoice | Limited — operator sees parent-level data only unless platform exposes sub tiers | Established parent affiliates with proven compliance track record; operators with limited sub-affiliate oversight capacity |
| Operator Pays Both (Direct) | Operator pays parent affiliate an override on sub-affiliate NGR. Operator also pays sub-affiliates directly on their individual commission plans. | Higher — multiple commercial relationships, multiple invoices, multiple compliance obligations | Full — operator sees sub-affiliate performance data independently; can act on individual sub-affiliate fraud or compliance issues without involving parent | Operators with compliance infrastructure to manage multi-party relationships; regulated markets requiring per-publisher traceability |
The indirect model is operationally simpler. The operator has one counterparty, one commission calculation, one payment. Sub-affiliate management — including their compliance vetting, their payment terms, their fraud monitoring — is entirely the parent affiliate’s responsibility. The operator’s commercial and legal exposure stops at the parent affiliate level.
In Scaleo, this model requires no special configuration beyond the parent affiliate’s standard commission plan — the SubID parameter slots in as a reporting dimension without touching commission calculation logic.
The direct model is operationally heavier but commercially safer in regulated environments. The operator maintains independent visibility into sub-affiliate performance, can identify and act on fraudulent or non-compliant sub-affiliates without the parent affiliate as an intermediary, and maintains per-publisher attribution data that satisfies regulatory audit requirements.
The choice between them is not primarily a cost decision. It is a compliance architecture decision. Operators in UKGC-regulated environments or MGA-regulated environments who cannot demonstrate per-publisher attribution traceability are carrying regulatory exposure regardless of which model they have chosen on paper. If a regulator asks which publisher referred a specific player, “our parent affiliate manages that” is not a compliant answer.
Attribution Chain Integrity: How Click IDs Must Propagate
This is the technical section most operators skip, and it is the section that determines whether your sub-affiliate structure produces meaningful data or a commission spreadsheet with an unexplained source column.
In a standard bilateral affiliate relationship, the attribution chain is straightforward: the affiliate’s tracking link fires a click ID, the player registers and deposits, the S2S postback fires back to the affiliate platform carrying the click ID, and the player is attributed to the affiliate. One link. One click ID. One attribution event.
In a sub-affiliate structure, the attribution chain has an additional node. The sub-affiliate has their own tracking link, which fires their click ID. That click then passes through the parent affiliate’s system before reaching the operator’s landing page. For the operator to maintain player-to-source traceability — knowing not just that the player came through parent affiliate X, but specifically through sub-affiliate Y within X’s network — the sub-affiliate’s click ID must propagate through the parent affiliate’s link and be carried in the postback to the operator’s platform.
We, the team behind Scaleo, built multi-tier SubID propagation into the core tracking schema specifically because operators running sub-affiliate networks kept losing attribution fidelity at this exact handoff point.
There are two ways this propagation can work. In the first, the parent affiliate’s tracking system is configured to append the sub-affiliate’s source identifier as a sub-ID parameter on the outbound click to the operator’s tracking link. The operator’s platform receives the click with both the parent affiliate ID and the sub-affiliate source ID, stores both, and fires the postback carrying both. The operator sees player-level attribution at two tiers.
In the second — and far more common — scenario, the parent affiliate’s system does not pass the sub-affiliate source identifier. The operator’s platform receives a click from the parent affiliate’s link with no sub-tier data. Every player from every sub-affiliate in the parent’s network looks identical at the operator level. Fraud from one sub-affiliate is indistinguishable from clean traffic from another. NGR quality differences between sub-affiliates are invisible. Attribution is, in practice, broken — it just does not look broken because the commission statement still produces a number.
⚠️ The SubID requirement is non-negotiable for compliant sub-affiliate tracking: Before activating any sub-affiliate arrangement, require the parent affiliate to demonstrate that their tracking system passes a sub-affiliate source identifier as a SubID parameter on every outbound click to your platform. Test it with a sample click chain before any volume goes live. If the parent affiliate’s system cannot pass SubIDs — or if they are unwilling to configure it — you are operating a sub-affiliate network with no attribution visibility. That is both a fraud risk and, in regulated markets, a compliance risk. It is not an operational inconvenience to be accepted and managed around.
SubID Architecture in Scaleo
Scaleo’s tracking architecture supports multi-tier SubID propagation natively. When a parent affiliate’s click arrives carrying a SubID parameter — the sub-affiliate source identifier appended by the parent’s system — Scaleo stores the SubID alongside the parent affiliate’s click ID at the event level. The postback carries both identifiers back to the parent affiliate’s platform. The operator’s reporting stack shows player activity broken down by both parent affiliate and sub-affiliate source, without any manual data mapping.
In the direct payment model — where the operator pays sub-affiliates directly — Scaleo’s commission plan architecture supports separate commission plans at the parent tier (override on aggregate network NGR) and the sub-affiliate tier (individual RevShare or CPA plans). Both commission calculations run automatically at each commission cycle. The parent affiliate sees their override commission in their portal. The operator sees the full performance breakdown by sub-affiliate source. No manual reconciliation between the two tiers is required.
SubID Architecture in Modern Affiliate Tracking Systems
Modern affiliate tracking systems support SubID propagation by storing the sub-affiliate source identifier alongside the parent affiliate click data at the event level. When implemented properly, postbacks can return both identifiers, allowing operators to analyze player activity by parent affiliate and by sub-affiliate source without manual reconciliation.
In the direct payment model — where the operator pays sub-affiliates directly — the platform must also support separate commission logic at the parent tier and the sub-affiliate tier. That means an override commission for the parent affiliate on aggregate network NGR, and individual RevShare or CPA plans for the sub-affiliates. If the platform cannot calculate both tiers cleanly from the same underlying NGR logic, the operator will end up doing manual reconciliation at payment time — which is exactly where tiered partner structures start to break down.
Fraud Risk in Sub-Affiliate Networks: The Vouching Problem
The fraud risk profile of a sub-affiliate arrangement is fundamentally different from the fraud risk of a direct affiliate relationship. In a direct relationship, the operator’s fraud screening applies to the affiliate’s traffic from day one. In a sub-affiliate arrangement, the parent affiliate’s traffic has typically passed the operator’s screening — which is why they have a live commission plan. The sub-affiliates operating within the parent’s network may have had no direct interaction with the operator’s fraud controls at all.
This creates what experienced affiliate managers call the vouching problem: the parent affiliate’s established reputation effectively vouches for every sub-affiliate in their network, regardless of those sub-affiliates’ actual traffic quality. A parent affiliate with three years of clean NGR history and a trusted relationship with your program can introduce ten sub-affiliates — some legitimate, some operating click farms, some running bonus-abuse schemes — and the operator’s initial trust filters will not distinguish between them because the traffic arrives through the parent affiliate’s tracking domain.
Sub-Affiliate Fraud Patterns to Monitor
Registration velocity clustering by SubID. If one sub-affiliate source within a parent affiliate’s network generates an unusual concentration of registrations within short time windows — ten registrations in 90 seconds, for instance — while other sub-affiliate sources in the same network show normal distribution patterns, the clustering is almost certainly not organic. This pattern requires SubID-level visibility to detect. Without it, the velocity spike is diluted into the parent affiliate’s aggregate metrics and becomes statistically invisible.
Device fingerprint overlap concentrated in one SubID. Multiple new player registrations sharing hardware entropy — screen resolution, browser version, installed font set, GPU renderer signature — from a single sub-affiliate source is a strong indicator of a device farm or automated registration tool. The fingerprint overlap will not appear if you are looking at parent-affiliate-level data. It requires sub-affiliate source segmentation in your fraud scoring engine.
NGR quality divergence between sub-affiliate sources. In a healthy parent affiliate network, sub-affiliate sources will show some variance in NGR quality but should cluster reasonably close to the parent’s overall cohort performance. A sub-affiliate source showing consistently high FTD count with near-zero NGR — players who deposit, claim the bonus, and immediately withdraw — is a bonus-abuse channel within the network. Without SubID-level NGR reporting, this pattern is masked by the better-performing sub-affiliate sources in the same parent network.
Deposit-to-withdrawal timing anomalies by source. Scaleo’s anti-fraud engine scores player behavior at the event level — registration-to-FTD interval, deposit-to-withdrawal timing, session interaction patterns. When these scores are broken down by SubID source, patterns that are statistically noise at the parent-affiliate level become statistically significant at the sub-affiliate level. A single fraudulent sub-affiliate generating 30 players per month can run undetected for six months in aggregate reporting. At SubID-level scoring, it typically surfaces within the first billing cycle.
Scaleo internal data, 2025: Across operator programs running sub-affiliate networks on Scaleo with SubID-level fraud scoring enabled, 23% of identified fraudulent traffic events originated from sub-affiliate sources that showed no fraud signals at the parent-affiliate aggregate level. These events were only detectable through SubID-segmented behavioral analysis. In programs without SubID tracking, the same fraud patterns were generating an average of €4,200 per month in fraudulent CPA payouts before detection — typically surfacing only at manual commission reconciliation, not in real-time monitoring.
Liability Clauses: Who Is Responsible for Sub-Affiliate Compliance Violations
The compliance liability question in sub-affiliate arrangements is not resolved by the commission passthrough model you choose. It is resolved — or not resolved — by your affiliate agreement. In the absence of explicit sub-affiliate liability language, the default legal position in most jurisdictions places compliance responsibility for all traffic entering an operator’s platform on the operator, regardless of how many intermediaries exist between the original traffic source and the player registration event.
That means: if a sub-affiliate in your parent affiliate’s network runs non-compliant advertising — targeting under-18 audiences, making false bonus claims, operating in a jurisdiction where your license does not cover their audience — the operator carries the regulatory exposure. The parent affiliate’s contract with their sub-affiliate is a private commercial arrangement that a regulator does not recognize as a transfer of the operator’s compliance obligations.
This is not just theory. The UK Gambling Commission’s LCCP on responsibility for third parties makes clear that licensees remain responsible for the actions of contracted third parties, and UK advertising guidance treats affiliate marketing as part of the operator’s compliance perimeter. ASA guidance on gambling affiliates is blunt on this point, and the CAP Code’s gambling rules impose the same socially responsible advertising standard regardless of whether the message is distributed by the operator directly or through affiliates.
What the Affiliate Agreement Must Say
A sub-affiliate arrangement requires specific contract language on four points:
1. Sub-affiliate disclosure requirement. The parent affiliate must disclose to the operator the identity of all sub-affiliates they intend to include in the network before those sub-affiliates begin sending traffic. Undisclosed sub-affiliates — traffic sources the operator has not reviewed — represent unvetted compliance exposure. The disclosure requirement puts the identification obligation on the parent affiliate while giving the operator the information needed to conduct their own due diligence.
2. Parent affiliate compliance responsibility. The parent affiliate is contractually responsible for ensuring that all sub-affiliates in their network operate in compliance with the operator’s program terms, the applicable advertising standards in each jurisdiction they operate in, and any specific regulatory requirements the operator’s license imposes. This clause makes the parent affiliate the first line of compliance enforcement for their own network — not a substitute for operator oversight, but a contractual accountability layer that creates consequences for the parent affiliate if a sub-affiliate violates terms.
3. Operator’s right to exclude sub-affiliates. The operator must retain the unilateral right to remove any specific sub-affiliate from the network — or to require the parent affiliate to remove them — without terminating the parent affiliate relationship. This is the operational lever the operator needs when a specific sub-affiliate source is identified as fraudulent or non-compliant. Without this clause, the only action available is terminating the entire parent affiliate relationship, which is disproportionate and commercially damaging when the issue is isolated to one sub-affiliate source.
4. Commission clawback for sub-affiliate fraud. If a sub-affiliate source is identified as generating fraudulent traffic — bonus-abusing players, click farm registrations, duplicate accounts — the commissions paid on that traffic must be recoverable. The clawback clause specifies the lookback period, the evidence standard required to trigger the clawback, and the mechanism (deduction from future commissions, direct repayment, or offset against the parent affiliate’s NGR balance).
Operator Visibility: Should You See Sub-Affiliate Performance Data?
The answer is yes, always, without qualification. The question is not whether operators should see sub-affiliate performance data — they should — but how much friction exists in obtaining it, and whether the visibility is real-time or retrospective.
The argument sometimes made for limiting operator visibility is that sub-affiliate identities are the parent affiliate’s proprietary business relationships — their “book of business” — and that full operator visibility into sub-affiliate identity creates a risk that the operator bypasses the parent and recruits sub-affiliates directly. This argument is not without merit as a concern. It is also not a reason to accept attribution blindness.
The resolution is SubID-based reporting rather than full identity disclosure. The operator does not need to know that sub-affiliate source “SubID_047” is specifically “John Smith’s casino review site.” The operator needs to see that SubID_047 is generating 40 FTDs per month at an NGR quality that is 60% below the parent affiliate’s network average and that its deposit-to-withdrawal timing is in the 97th percentile of suspicious behavior. That performance data, broken down by SubID, gives the operator the fraud detection capability they need without requiring the parent affiliate to expose their full publisher list.
When a SubID source triggers fraud thresholds, the operator exercises their contractual right to exclude that source and asks the parent affiliate to remove it from the network. The parent affiliate knows which publisher corresponds to that SubID. The operator does not need to. The accountability and the commercial protection are both preserved.
Configuring Sub-Affiliate Commission Plans: The Technical Setup
Sub-affiliate commission configuration has two components that must be set up independently and correctly: the parent affiliate’s commission plan and the SubID tracking parameter. Getting the commission plan right without the SubID tracking produces correct commission payments but no attribution visibility. Getting the SubID tracking right without the commission plan produces visibility into traffic sources that are not correctly remunerated. Both must be configured before any sub-affiliate traffic goes live.
Parent Affiliate Commission Plan in the Indirect Model
In the indirect model, the parent affiliate receives a commission on the aggregate NGR of all players referred through their network — including all sub-affiliate sources. The commission plan is structurally identical to a standard RevShare or hybrid plan. The only difference is that the NGR base includes sub-affiliate-sourced players aggregated under the parent affiliate’s tracking domain. No separate sub-affiliate commission plans exist in the operator’s system because sub-affiliates are not directly known to the operator’s platform.
Scaleo handles this without any bespoke configuration — the parent affiliate’s plan runs as standard, and SubID data populates the reporting layer automatically as traffic flows in.
No separate sub-affiliate commission plans exist in the operator’s system because sub-affiliates are not directly known to the operator’s platform.
The SubID tracking parameter is configured as an additional reporting dimension — it does not affect commission calculation, only attribution reporting. The parent affiliate’s tracking links are issued with a SubID parameter slot that the parent affiliate populates per sub-affiliate source. The operator’s platform stores the SubID alongside the click event and surfaces it in reporting without using it in commission calculation logic.
Commission Plans in the Direct Model
In the direct model, the commission architecture has two tiers. The parent affiliate is on an override plan — they earn a percentage of the aggregate NGR produced by their sub-affiliate network, typically a lower rate (5–15%) that reflects their network management role rather than their direct traffic contribution. Sub-affiliates are each on their own commission plans — standard RevShare or CPA structures configured at the sub-affiliate account level.
The technical requirement is that sub-affiliate commission plans calculate on the same NGR base as the parent override — both must use the same deduction formula to avoid a situation where the sub-affiliate’s RevShare commission and the parent’s override commission together exceed the operator’s actual NGR margin. This is a commission plan design error that is easy to make and expensive to discover at the first payment run.
In practice, the direct model only works cleanly when the platform can link individual sub-affiliate accounts to a parent override structure while preserving a unified reporting view. If the reporting and commission logic are split across tools or spreadsheets, the parent override plan will eventually drift away from the underlying player-level data.
Frequently Asked Questions
What is a sub-affiliate in an iGaming affiliate program?
A sub-affiliate is a publisher or traffic source that operates within a parent affiliate’s network rather than having a direct commercial relationship with the operator. The parent affiliate recruits and manages sub-affiliates, who send players to the operator through tracking links issued by or routed through the parent. The operator typically has a single commission plan with the parent affiliate covering the aggregate traffic from the entire network. Sub-affiliates are either invisible to the operator (indirect model) or are known as separate tracked sources within the parent’s network (direct model with SubID tracking).
How does sub-affiliate commission passthrough work?
In the indirect model, the operator pays the parent affiliate a commission on the full network’s NGR, and the parent affiliate independently pays their sub-affiliates from those earnings. The operator has no visibility into or responsibility for the sub-affiliate payment structure. In the direct model, the operator pays sub-affiliates directly on individual commission plans and pays the parent affiliate an override commission — typically 5–15% of network NGR — for their network management role. The direct model requires more operator infrastructure but provides full attribution control and eliminates the parent affiliate’s ability to obscure sub-affiliate performance data.
How do I detect fraud in a sub-affiliate network?
Sub-affiliate fraud is only detectable at the SubID level — you cannot identify fraudulent sub-affiliate sources from parent-affiliate aggregate data. Require the parent affiliate to pass a SubID parameter on all outbound clicks, then apply behavioral fraud scoring (registration velocity, device fingerprint overlap, deposit-to-withdrawal timing) at the SubID level in your affiliate platform. Fraud patterns that are statistically invisible in aggregate parent-affiliate reporting become identifiable within one billing cycle when scored by sub-affiliate source. Scaleo’s anti-fraud engine supports SubID-level behavioral scoring natively, flagging anomalous sources without requiring manual data segmentation.
Who is liable for compliance violations by sub-affiliates?
The operator carries the primary regulatory compliance liability for all traffic entering their platform, regardless of how many intermediaries exist in the acquisition chain. The parent affiliate can be made contractually responsible for their sub-affiliates’ compliance through explicit agreement language — disclosure requirements, compliance obligations, clawback clauses — but this contractual responsibility does not transfer the operator’s regulatory exposure to the parent affiliate. Regulators do not recognize private commercial arrangements as a substitute for operator compliance obligations. The operator must maintain sufficient visibility into sub-affiliate sources to conduct their own compliance assessment, which requires SubID-level tracking at minimum.
Can I see sub-affiliate performance data without knowing their identity?
Yes, and this is the recommended approach for most sub-affiliate arrangements. SubID-based reporting gives the operator full performance visibility — FTD count, NGR quality, fraud scores, cohort behavior — broken down by sub-affiliate source identifier, without requiring the parent affiliate to disclose the actual identity or URL of each sub-affiliate publisher. The operator can identify, flag, and require the removal of underperforming or fraudulent SubID sources without knowing or needing to know which specific publisher corresponds to that SubID. This resolves the tension between the parent affiliate’s legitimate interest in protecting their publisher relationships and the operator’s legitimate need for attribution control and fraud detection capability.
A Sub-Affiliate Network Without SubID Tracking Is Not a Network — It Is a Risk
The commercial upside of a well-structured sub-affiliate network is real — multiplied reach, local market expertise, and established publisher relationships you cannot replicate through direct outreach alone. The risk is equally real, and it is concentrated at the attribution layer. Without SubID propagation, fraud scoring at the source level, and contractual liability architecture that matches the commercial structure, you are financing an acquisition channel you cannot audit and accepting compliance exposure you cannot quantify.
See how Scaleo’s multi-tier commission architecture handles SubID propagation, parent-affiliate override plans, and sub-affiliate-level NGR reporting — and how the anti-fraud engine applies behavioral scoring at the SubID level so fraudulent sources surface before the commission run, not after.
FAQ
What is a sub-affiliate in iGaming and how does the structure work?
A sub-affiliate is a traffic source managed by a parent affiliate, who acts as an intermediary between the sub-affiliate and the operator. In practice, the parent affiliate recruits their own network of publishers, SEO sites, or media buyers, who drive players to the operator through links issued by the parent rather than directly by the operator. The operator pays the parent affiliate a commission on the combined NGR of all players referred through their network, and the parent manages commission passthrough to sub-affiliates independently. From the operator’s perspective, the parent affiliate appears as a single high-volume partner — but the actual traffic originates from multiple sources with potentially different quality levels and compliance postures.
What are the two commission models for sub-affiliate arrangements and which is better?
The two models are indirect (parent pays sub) and direct (operator pays both). In the indirect model, the operator pays the parent affiliate a single combined commission and the parent manages sub-affiliate payments from their own funds. This is operationally simple — one commercial relationship, one invoice — but gives the operator limited visibility into individual sub-affiliate performance and compliance. In the direct model, the operator pays the parent an override commission and also pays each sub-affiliate directly on individual commission plans, giving full performance visibility and the ability to act on fraud or compliance issues without involving the parent as an intermediary. The choice is primarily a compliance architecture decision: operators in UKGC or MGA regulated environments who cannot demonstrate per-publisher attribution traceability carry regulatory exposure regardless of which model they have selected on paper.
How should click IDs propagate through a sub-affiliate tracking chain?
In a standard bilateral affiliate relationship, a single click ID is generated and carried from click through to postback. In a sub-affiliate structure, the attribution chain has an additional node: the sub-affiliate fires their own click ID, which must then propagate through the parent affiliate’s link and be carried in the postback to the operator’s platform. For the operator to maintain player-to-source traceability — knowing not just which parent affiliate referred a player but which specific sub-affiliate within that network — the sub-affiliate’s identifier must be passed as a SubID parameter that survives all redirect stages and appears as a distinct field in the conversion postback. Platforms without native multi-tier SubID propagation in their tracking schema produce parent-level attribution data only, leaving sub-affiliate source completely invisible in commission and fraud reports.
What compliance risks do sub-affiliate structures create for regulated iGaming operators?
The primary compliance risks are three: undisclosed traffic sources in markets requiring per-publisher regulatory approval or disclosure (particularly UKGC and some MGA jurisdictions), fraud liability for sub-affiliate traffic that the operator cannot independently audit or action, and AML exposure if the operator cannot demonstrate the beneficial ownership of traffic sources referred under a parent affiliate’s account. In UKGC-regulated environments, if a regulator asks which publisher referred a specific player, “our parent affiliate manages that” is not a compliant answer — the operator is expected to be able to trace the player to a specific traffic source independently. Operators considering sub-affiliate arrangements should verify that their affiliate platform supports independent sub-affiliate reporting and that their affiliate agreements include sub-affiliate vetting and compliance obligations on the parent affiliate.
When does a sub-affiliate network make commercial sense for an iGaming operator?
Sub-affiliate networks make commercial sense in three scenarios: when the parent affiliate has an established publisher network in the operator’s vertical that would take two or more years to replicate through direct outreach; when the operator is expanding into a new market where the parent affiliate has deep local publisher relationships that serve as a compliance and commercial bridge; and when working with managed affiliate network aggregators who operate large portfolios of smaller publishers under a single commercial relationship. Sub-affiliate structures are not appropriate for operators with limited compliance infrastructure, programs in tightly regulated markets with strict third-party supplier requirements, or parent affiliates who cannot demonstrate an adequate sub-affiliate vetting process.
