The prevention of money laundering and combating the financing of terrorism
2.23 Product risk includes the consideration of the vulnerabilities associated with the particular products offered by the casino operator. In non-remote casinos there are a number of gambling opportunities that offer the potential for a money launderer to place funds and generate a winning cheque or similar with minimal play. These are more fully discussed in paragraph 2.22, and include the use of cash and casino deposit accounts, and the redemption of chips. Also, a number of gambling activities take place in remote and non-remote casinos where customers effectively play against each other. This offers the money launderer a means to transfer value by deliberately losing to the individual to whom they want to transfer the funds.
2.24 Products which may pose a money laundering risk for the casino operator therefore include:
- peer to peer gaming
- gaming where two or more persons place opposite, equivalent stakes on even, or close to even, stakes (for example, the same stake on red and on black in a game of roulette, including electronic roulette)
- gaming machines, which can be used to launder stained or fraudulent bank notes.
2.25 The risk categories or factors described above are not intended to be prescriptive or comprehensive. They will not apply universally to all casino operators and, even when they are present, there may be different risk outcomes for different operators and premises, depending upon a host of other factors. However, the factors are intended as a guide to help casino operators conduct their own risk assessments, and to devise AML/CTF policies, procedures and controls which accurately and proportionately reflect those assessments.
2.26 The weight given to the risk factors used by the casino operator in assessing the overall risk of money laundering and terrorist financing, both individually or in combination, may vary from one operator or premises to another, depending on their respective circumstances. Consequently, casino operators also must make their own determination as to the weight given to risk factors.
2.27 Risk levels may be impacted by a number of variables, which will also have an impact on the preventative measures necessary to tackle the risks in a proportionate manner. These variables include:
- whether the casino operator’s business model is focused on:
- attracting a large number of customers who gamble relatively small amounts
- attracting a small number of customers who gamble relatively large amounts
- speed and volume of business
- for non-remote casinos, the size of the premises
- the customer profile, for example whether:
- the majority of customers are regular visitors or are members
- the casino relies on passing trade, including tourists or those who are part of junkets (for non-remote casinos)
- for non-remote casinos, whether the casino has VIP rooms or other facilities for high rollers
- types of financial services offered to customers
- types of customer payments and payment methods
- types of gambling products offered
- the customers’ gambling habits
- staffing levels, and staff experience and turnover
- the type and effectiveness of existing gambling supervision measures and mechanisms
- whether the casino operator:
- owns or manages other non-remote and remote casinos
- offers different types of gambling
- has other internet gambling websites
- whether the casino is standalone or integrated with other leisure facilities
- whether the casino operator is based in one country or has a gambling presence in multiple countries.
- whether the casino is standalone or integrated with other leisure facilities
2.28 Deciding that a customer presents a higher risk of money laundering or terrorist financing does not automatically mean that the person is a criminal, money launderer or terrorist financer. Similarly, identifying a customer as presenting a low risk of money laundering or terrorist financing does not mean that the customer is definitely not laundering money or engaging in criminal spend. Employees therefore need to remain vigilant and use their experience and common sense in applying the casino operator’s risk-based criteria and rules, seeking guidance from their nominated officer as appropriate.
2.29 Many customers carry a lower money laundering or terrorist financing risk. These might include customers who are regularly employed or who have a regular source of income from a known source which supports the activity being undertaken (this applies equally to pensioners, benefit recipients, or to those whose income originates from their partner’s employment or income).
2.30 Conversely, many customers carry a higher risk of money laundering. These may include known criminals, customers who are not regularly employed or who do not have a regular source of income from a known source which supports the level of activity being undertaken, or problem gamblers.
2.31 Where a customer is assessed as presenting higher risk, additional information in respect of that customer should be collected. This will help the casino operator judge whether the higher risk that the customer is perceived to present is likely to materialise, and provide grounds for proportionate and recorded decisions. Such additional information should include an understanding of where the customer’s funds and wealth have come from. While the Commission recognises that some relationships with customers will be transient or temporary in nature, casino operators still need to give consideration to this issue.
2.32 If casinos adopt the threshold approach to CDD, part of the risk-based approach will involve making decisions about whether or when verification should take place electronically. Casino operators must determine the extent of their CDD measures, over and above the minimum requirements, on a risk-sensitive basis depending on the risk posed by the customer and their level of gambling.
2.33 In order to be able to detect customer activity that may be suspicious, it is necessary to monitor all transactions or activity (Regulation 8). The monitoring of customer activity should be carried out using the risk-based approach. Higher risk customers should be subjected to a frequency and depth of scrutiny greater than may be appropriate for lower risk customers. Casino operators should be aware that the level of risk attributed to customers may not correspond to their commercial value to the business.
2.34 Casino operators are best placed to identify and mitigate risks involved in their business activity. A crucial element of this is to have systems and controls to identify and link player activity, and for senior management to oversee risk management and determine whether their policies, procedures and controls are effective in design and application. Reliance on third parties to conduct risk assessment and management functions does not relieve the operator of its responsibility to assess and manage its own risks. Third party services should not be used in isolation or relied upon solely, and casino operators should be satisfied that the information supplied by the third party is sufficiently detailed, reliable and accurate.
2.35 There is a risk that customers will place and layer criminal proceeds through gambling transactions. We recommend that one way of mitigating this risk is to link the pay out of winnings with the means by which a customer pays for gambling transactions. We acknowledge that this will not eliminate the risk, but returning winnings in the same form, for example in cash or back to the same bank account, limits the opportunity for a money launderer to layer the proceeds of criminal activity. Where it is not feasible to return funds to the source or in the same form, casino operators should have controls in place to manage the risk of money laundering or terrorist financing occurring in these circumstances.
Next chapter: Examples