Skip to main content

The prevention of money laundering and combating the financing of terrorism

Risk-based approach

Introduction

2.1 The Regulations impose compulsory requirements and a breach can constitute a criminal offence (Regulation 86.). However, within this legal framework of requirements, casinos have flexibility to devise policies, procedures and controls which best suit their assessment of the money laundering and terrorist financing risks faced by their business. The Regulations require the identification and assessment of money laundering and terrorist financing risks, and the establishment and maintenance of proportionate policies, procedures and controls to mitigate and manage effectively the risks identified. (Regulations 18 and 19.)

2.2 Operators are already expected to manage their operations with regard to the risks posed to the licensing objectives in the Act, and measure the effectiveness of the policies, procedures and controls they have put in place to manage the risks to the licensing objectives. The approach to managing the risks of the operator being used for money laundering or terrorist financing is consistent with the regulatory requirements. 

2.3 Most operators manage their commercial or business risks and measure the effectiveness of the policies, procedures and controls they have put in place to manage those risks. A similar approach is appropriate to managing the operator’s regulatory risks, including money laundering and terrorist financing risks. Existing risk management systems should, therefore, address the regulatory and money laundering terrorist financing risks, or a separate system should be in place for that purpose. The detail and complexity of these systems will depend on the operator’s size and the complexity of their business.

2.4 The risk-based approach involves a number of discrete steps in assessing the most proportionate way to manage and mitigate the money laundering and terrorist financing risks faced by the operator. These steps require the operator to:

  • identify the money laundering and terrorist financing risks that are relevant to the operator
  • design and implement appropriate policies, procedures and controls to manage and mitigate these assessed risks
  • monitor and improve the effective operation of these controls
  • record what has been done, and why.

2.5 The possibility of gambling facilities being used by criminals to assist in money laundering or terrorist financing poses many risks for casino operators. These include criminal and regulatory sanctions for operators and their employees, civil action against the operator and damage to the reputation of the operator, leading to a potential loss of business.

2.6 Casino operators can offset any burden of taking a risk-based approach with the benefits of having a realistic assessment of the threat of the operator being misused in connection with money laundering or terrorist financing. It focuses the effort where it is most needed and will have most impact. It is not a blanket one size fits all approach, and therefore operators have a degree of flexibility in their methods of compliance.

2.7 A risk-based approach requires the full commitment and support of senior management, and the active co-operation of all employees. It should be part of the casino operator’s philosophy and be reflected in the operator’s policies, procedures and controls. There needs to be a clear communication of the policies, procedures and controls to all employees, along with robust mechanisms to ensure that they are carried out effectively, weaknesses are identified, and improvements are made wherever necessary. Where the casino operator forms part of a larger group of companies, there needs to be sufficient senior management oversight of the management of risk.

Next chapter: Identifying and assessing the risks