Why operators at scale move from 1% commission crypto rails to flat-fee SaaS providers. Breakeven math, MiCA, Travel Rule, implementation guide.
Most iGaming operators bolt on crypto payments through a commission-based processor — BitPay, Coinbase Commerce, NOWPayments, CoinGate — and quietly pay 1% to 3% of every deposit forever. There is now a credible alternative: SaaS-model crypto payment providers that charge a flat monthly fee regardless of volume, and for any operator above roughly €200K–€300K monthly crypto throughput, the maths gets uncomfortable fast. This guide explains how both models work, where the breakeven sits, and how to migrate without breaking your AML stack.
Crypto payment processors split into two camps. The first — the camp most operators know — is the commission-based processor. You pay nothing or a token amount to onboard, and the provider takes a percentage of every transaction. The headline rate looks innocuous; the cumulative bill at scale does not.
The second is the SaaS or flat-fee model. You pay a meaningful onboarding charge (typically €5,000 to €25,000) and a fixed monthly subscription (typically €2,000 to €10,000). In exchange, transaction volume is unbounded — €100,000 a month or €100 million a month, the fee is the same. Multi-chain infrastructure, on-chain analytics, KYC/AML screening, and Travel Rule tooling are bundled.
The commission camp is well-known because it markets to anyone with a website. The SaaS camp is quieter — these are operator-grade providers that prefer warm introductions and a serious KYB review before they switch you on. Most iGaming founders never discover the second category until someone tells them it exists.
Commission rates from the major consumer-grade processors sit between 0.5% and 2%. BitPay charges 1%. Coinbase Commerce takes 1% of completed checkouts. NOWPayments runs a sliding 0.5% to 1% scale. CoinGate publishes 1%. Triple-A typically lands between 1% and 2% for higher-risk verticals including iGaming.
That percentage is just the headline. The total cost of commission rails usually includes:
Add it up and an operator running €5M/month in crypto deposits at a nominal 1% rate plus 30bps of FX spread and miscellaneous network fees is closer to €65,000 a month in total cost — €780,000 a year. Most operators never run that calculation in one place because the line items hit different sub-ledgers.
SaaS-model providers price the infrastructure, not the throughput. The typical commercial structure is a one-off implementation fee (€5,000 to €25,000) plus a monthly subscription (€2,000 to €10,000 depending on chain coverage, settlement options, and SLA). Volume is unmetered.
What's bundled at that price varies, but a competitive offering usually includes:
The KYB onboarding is heavier than for a consumer commission processor. Expect 4 to 6 weeks, a full corporate document pack, UBO screening, a gambling-licence review, source-of-funds questions on initial treasury, and a technical due diligence pass on your MLRO stack.
The simplest way to see whether SaaS makes sense is to model it directly. The table below assumes a 1% commission rate and a €5,000 monthly SaaS fee with a €15,000 amortised one-off, normalised across 24 months (€625/month). All-in SaaS cost: €5,625/month.
| Monthly crypto volume | Commission cost (1%) | SaaS all-in cost | Monthly saving | Annual saving |
|---|---|---|---|---|
| €100,000 | €1,000 | €5,625 | -€4,625 | -€55,500 |
| €300,000 | €3,000 | €5,625 | -€2,625 | -€31,500 |
| €500,000 | €5,000 | €5,625 | -€625 | -€7,500 |
| €1,000,000 | €10,000 | €5,625 | €4,375 | €52,500 |
| €5,000,000 | €50,000 | €5,625 | €44,375 | €532,500 |
| €10,000,000 | €100,000 | €8,000* | €92,000 | €1,104,000 |
at €10M+ volume tiers SaaS providers typically quote a higher tier (~€8K/month) to cover throughput SLAs and dedicated support.
Breakeven against a 1% commission rail sits at roughly €560,000 a month. Against a 1.5% commission rail (typical for iGaming-classified merchants on Triple-A or CoinGate) breakeven drops to around €375,000. Against 2% commissions, breakeven is around €280,000.
The crossover is the inflection point. Below it, the commission model is cheaper and simpler. Above it, every additional euro of crypto volume goes straight to the SaaS provider on a percentage basis — and to your margin on a flat-fee basis.
Not all "crypto payment processors" sit in the same category. The distinction matters because the commercial terms, custody model, and onboarding posture differ sharply.
| Category | Examples | Pricing | Custody | Onboarding | Best for |
|---|---|---|---|---|---|
| Consumer commission | BitPay, Coinbase Commerce, NOWPayments | 0.5–1% per tx | Custodial | Days, light KYB | <€200K/month |
| Operator-grade commission | CoinGate, Triple-A, Coinbox | 1–2% per tx | Custodial | 2–4 weeks, full KYB | €200K–€500K/month |
| SaaS / flat-fee | Specialist providers (GetBanked-introduced) | €2K–€10K/month flat | Self-custodial | 4–6 weeks, deep KYB + tech DD | >€500K/month |
The consumer-grade tier is genuinely fast to integrate but classifies iGaming as a restricted vertical and reserves the right to freeze accounts on suspicious activity. The operator-grade tier is built for regulated gambling, supports higher transaction sizes, and offers fiat settlement to EMI or bank accounts. The SaaS tier is structurally different — you own the wallet stack and the provider rents you the infrastructure.
Not every provider supports every chain or asset. The table below maps typical coverage. Specific provider support shifts month to month; verify with each shortlisted vendor before committing.
| Asset / chain | Consumer commission | Operator commission | SaaS flat-fee |
|---|---|---|---|
| BTC | Yes | Yes | Yes |
| ETH (L1) | Yes | Yes | Yes |
| ETH L2 (Arbitrum, Optimism, Base) | Partial | Yes | Yes |
| USDT (ERC-20) | Yes | Yes | Yes |
| USDT (TRC-20) | Partial | Yes | Yes |
| USDC | Yes | Yes | Yes |
| Solana / SOL | Partial | Partial | Yes |
| Polygon / MATIC | Partial | Yes | Yes |
| Stablecoins on Solana / Polygon | Rare | Partial | Yes |
| Lightning Network (BTC) | Rare | Rare | Selective |
For iGaming specifically, USDT on TRON dominates player deposits because of low fees and fast confirmation. USDC is gaining share with players who care about issuer transparency. Native BTC and ETH remain culturally important but increasingly route through stablecoins for actual gameplay.
Migrating from commission rails to SaaS infrastructure is not a one-evening integration. The realistic path runs through eight stages.
Pull the last 6 months of crypto deposit and withdrawal volume, broken down by chain and asset. Calculate the rolling 90-day average and the trend. If you're under €200K/month and not growing fast, SaaS won't pay back in any reasonable horizon — stay on commission rails.
Build the spreadsheet using your real numbers. Plug in the commission rate you actually pay (check your processor invoices, not the website headline) and the SaaS quote from a shortlist of providers. Include FX spread, network fees, and any compliance surcharges on the commission side.
Apply to two or three SaaS providers in parallel. Expect each to want full corporate documents, UBO packs, gambling-licence detail, MLRO contact, source-of-funds on treasury, and a technical questionnaire covering your cashier, KYC vendor, and existing custody arrangement. This stage typically takes 4–6 weeks.
Decide your hot wallet / cold wallet split per chain. Industry practice is 5–15% in hot wallets for day-to-day flow, 85–95% in cold storage. Document the signing policy, threshold-signature scheme if you're using one, and the disaster-recovery procedure.
Integrate the deposit and withdrawal endpoints into your cashier. Most SaaS providers expose REST and webhook patterns; some offer SDKs. Build the reconciliation layer that maps on-chain confirmations to your player ledger.
Configure deposit screening thresholds, sanctions list integration, and the on-chain analytics rule pack. Set the risk score cut-offs that auto-block versus those that flag for manual MLRO review. Document the rules — your regulator will ask.
Run SaaS in parallel with the existing commission rail on a small fraction of player traffic (5–10%) for two to four weeks. Watch for failed deposits, withdrawal delays, reconciliation drift, and player support tickets. When the error rate is acceptable, ramp gradually to 100%.
Wind down the commission rail. Settle outstanding balances, export historical data, and close the merchant account. Keep records per your gambling licence requirements (typically 5+ years).
Crypto payment integration is not regulator-free. The compliance frame for an iGaming operator running crypto deposits in 2026 includes at least four distinct regimes.
The Markets in Crypto-Assets regulation came into full force in December 2024. If you take custody of player crypto balances anywhere in the EU, you likely need a CASP licence — Crypto-Asset Service Provider authorisation under MiCA. The bar is meaningful: paid-up capital, governance requirements, capital adequacy, segregation of client assets, and ongoing reporting to the national competent authority. The European Banking Authority publishes technical standards at eba.europa.eu.
The SaaS model partially sidesteps custody risk because you can run self-custodial wallets where the player effectively controls the deposit address until confirmation, but the moment your operator pools funds, you are providing custody and need authorisation. Read the crypto business banking and VASP guide for the wider regulatory picture.
The FATF Travel Rule requires originator and beneficiary information to travel with crypto transfers above a threshold (€1,000 in the EU under the Transfer of Funds Regulation, USD 3,000 in the US) between VASPs. As an iGaming operator taking crypto deposits, you are a beneficiary VASP. Your counter-party VASP must share originator data, and you must store it.
SaaS providers bundle Travel Rule tooling — Sumsub, Notabene, VerifyVASP, or Shyft are the common integrations. Commission processors handle it on your behalf because they custody, but you inherit any breach risk if their compliance fails.
In the UK, the FCA registers crypto-asset firms providing custody, exchange, or arranging services. If you operate in the UK and custody player crypto, registration is mandatory. The Financial Conduct Authority publishes the regime at fca.org.uk. Note this is registration for AML purposes, not full authorisation — the FCA has signalled a fuller regulatory regime is coming.
In the United States, FinCEN treats most crypto payment processors as Money Services Businesses — MSB registration is federal, money-transmission licensing is state-by-state. Details at fincen.gov. For most non-US iGaming operators this is moot because you don't accept US players, but if your processor is US-organised the chain runs back to you.
Running crypto deposits at scale requires day-to-day operational discipline that commission processors largely handle for you. Under the SaaS model you own this.
The standard practice is 5–15% of working capital in hot wallets to cover immediate withdrawal demand, 85–95% in cold wallets under multi-signature or threshold-signature schemes. Some operators run a "warm" middle tier in MPC custody for hourly rebalancing. The exact split should be modelled against your daily withdrawal P95 — never your average.
Match on-chain confirmations against your fiat books every business day, even if you settle in crypto. Drift creeps in through network reorganisations, decimal precision errors in the cashier integration, or stuck transactions. Catching a €500 reconciliation gap on day one is easy. Catching a €50,000 gap that compounded over a month is a forensic accounting project.
On-chain analytics through Chainalysis, Elliptic, or TRM Labs is no longer optional for any regulated iGaming operator taking crypto. Every deposit address gets risk-scored on receipt. Sanctioned-address exposure, mixer proximity, darknet-market history, and exchange routing patterns generate the score. Cut-offs and manual review thresholds should be documented in your AML policy and signed off by the MLRO.
Most iGaming licences require KYC re-verification when deposits cumulatively cross thresholds — typically €2,000 or €5,000 in a rolling period. Crypto deposits count. Your cashier must trigger re-verification on the right counter and your SaaS provider must pause withdrawals until verification clears. This sits firmly within wider iGaming banking requirements.
Crypto deposits surface compliance questions fiat deposits don't.
Source of funds for crypto deposits is established through on-chain provenance, not bank statements. Chain analytics flag mixer exposure (Tornado Cash, Wasabi historic CoinJoin output), darknet-market lineage, and OFAC sanctions list exposure. The OFAC SDN list now includes specific wallet addresses, not just persons — and any deposit that touched a sanctioned address creates regulatory exposure regardless of how many hops back.
Suspicious activity patterns specific to crypto include:
Each of these is a SAR trigger and should be wired into your MLRO review queue. The AML compliance for online gambling article goes deeper.
Sanctions screening runs against OFAC, EU consolidated sanctions, UK OFSI, UN sanctions, and the address-level lists published by Chainalysis and TRM Labs. Screening on receipt is not enough — re-screen periodically because list updates can flag a previously clean wallet.
The decision boils down to volume and trajectory.
GetBanked maintains direct introductions to several SaaS-model crypto payment providers and can help operators model the breakeven, navigate the 4–6 week KYB onboarding, and integrate the technical stack. Most operators we work with at €500K+ monthly crypto volume save between €30,000 and €150,000 a year on rail costs alone. The introduction is part of a wider conversation about acquiring, treasury, and banking — see the iGaming acquirer guide and iGaming treasury management for adjacent context.
At roughly €560,000 monthly crypto volume against a 1% commission rate, and at €280,000 against a 2% rate. Below that the percentage rail is cheaper. Above it, every additional euro of volume saves you money. The crossover depends on your specific commission rate, FX spread, and the all-in SaaS quote — model it with real numbers, not website rate cards.
If you custody player crypto balances in the EU, almost certainly yes — a CASP authorisation under MiCA. The bar includes paid-up capital, governance, segregation of client assets, and ongoing reporting. The self-custodial SaaS model can reduce custody footprint but does not eliminate it once funds pool at the operator level. Speak to specialist counsel; the regime is jurisdiction-specific within the EU.
For a €5,000/month SaaS fee plus €15,000 amortised onboarding against 1% commissions: roughly €560,000/month. Against 1.5% commissions: €375,000/month. Against 2%: €280,000/month. These are indicative — your numbers will move with the actual SaaS quote and any volume tiers.
Yes, and many iGaming operators do. USDT on TRON and USDC on Solana or Polygon dominate player deposit volume because of low fees, fast confirmation, and price stability. Some operators offer only stablecoins and skip native BTC/ETH entirely. Be aware that issuer risk is real — USDC froze addresses in 2022 under OFAC pressure, and Tether has done the same. Your operator-level risk policy should account for issuer freezes.
Through a Travel Rule provider — Sumsub, Notabene, VerifyVASP, or Shyft are the major integrations. The originating VASP (the exchange the player withdrew from) shares originator data with your VASP (or your SaaS provider acting as such). You store this data alongside the deposit record. Above the threshold (€1,000 EU, USD 3,000 US) data exchange is mandatory; below, it's good practice. FATF sets the standard at fatf-gafi.org.
It depends on what you're optimising for. Self-custody removes counter-party risk — you can't lose funds because your processor went bankrupt or got frozen. It adds operational risk — you can lose funds because of a key-management failure on your side. The right answer for most regulated operators above €500K/month volume is self-custodial with institutional-grade key management (MPC, threshold signatures, hardware modules), audited by a third party. Custodial is fine at smaller volume where the simplicity is worth more than the counter-party exposure.
[!cta]
Submit a free pre-approval in 2 minutes. We respond within 24 hours.
Submit a free pre-approval in 2 minutes. We respond within 24 hours with a realistic outcome.
Get Free Pre-Approval