Guidance
The 2023 money laundering and terrorist financing risks within the British gambling industry
The Gambling Commission's money laundering and terrorist financing risk assessment for the British gambling industry in 2023.
2 - Stages of the money laundering and terrorism financing risk assessment
The risk assessment is completed in the following stages: identification, assessment and evaluation, and management.
Identification
In this stage, known or suspected threats and vulnerabilities are used to identify emerging risks and previously unidentified risks relating to money laundering and terrorist financing to the specific sectors within the gambling industry. Risks identified in this paper were gathered from a variety of sources, including:
- the industry
- research led by in-house qualified professionals
- findings from reported data
- intelligence
- licensing
- compliance and enforcement casework
- media sources
- government
- regulatory partners
- law enforcement agencies
- Financial Action Task Force (FATF).
Our identification of risk extends to both domestic and international evidence and best practice.
Assessment and evaluation
In this stage, an assessment of the likelihood and impact of those risks occurring is conducted, considering controls and consequences.
The methodology uses an approach that can be represented as likelihood × impact = risk rating. This is conducted using the Commission’s Money Laundering and Terrorist Financing Risk Assessment Matrix (ML/TF RAM).
In addition to considering risk in the context of individual licensees, we consider systemic risk in the context of the collective actions or vulnerabilities in sectors, thematic indicators or the wider industry.
A moderation process, including reviews by qualified professionals, is utilised to evaluate the scores allocated to each risk, its likelihood of occurring and the impact should this occur.
Management
The management process is conducted through reviewing The Gambling Commission's money laundering and terrorist financing risk assessment: 2020 and reporting on the current status of the risks previously identified. Each of the risks have been assessed using information sources as referred to above in the assessment section. New risks identified during the time parameter of this report, and previously identified risks have been assessed using consistent methodology.
Application of Approach
The application of relevant concepts in this assessment are set out as follows.
Risk – risk is considered to be the potential that an event, action, or series of events or actions will have an adverse effect on the Money Laundering and Terrorist Financing and Transfer of Funds (Information on the Payer) 2017 (the Regulations), Proceeds of Crime Act (POCA), The Terrorism Act 2002 (TACT), the Gambling Commission Act 2005 (the Act) licensing objectives or the Licence Condition of Codes of Practice (LCCP).
Threats – threats can manifest through the intentional ‘washing’ of criminal funds, through criminal spending or terrorist financing. They can relate to people seeking control of gambling businesses for illegal purposes or responsible people recklessly or unwittingly facilitating money laundering or terrorist financing through their failures to discharge their responsibilities effectively.
Vulnerabilities – the Commission has grouped the relevant factors that are assessed as vulnerabilities into five categories:
- licensee controls and vulnerabilities, including the levels of awareness and compliance with Money Laundering Regulations, POCA, TACT, Money Service Business (MSBs) (where applicable) LCCP and Commission guidance and public learning
- licensing and integrity related vulnerabilities
- customer-related vulnerabilities
- geographic vulnerabilities
- product-related vulnerabilities
- means of payment related vulnerabilities.
Controls – the assessment of vulnerabilities requires assessment of the effectiveness of the controls in place. The absence of, or ineffectual application of controls would indicate a high level of vulnerability. The Commission considers controls to include:
- ongoing employee training
- the design, application and review of policies, procedures and controls
- the monitoring of their effectiveness
- licensees acting upon identified threats and vulnerabilities to reduce the likelihood of money laundering and terrorist financing risks materialising.
Controls are primarily the responsibility of the licensees but may also include actions taken by the Commission through its licensing, compliance or enforcement actions and its supervisory authority role.
Consequences – this is a high-level commentary of what the Commission is seeing, to support the risk assessment produced by Commission specialists. It references information and evidence which depicts what is arising from the vulnerabilities in question.
Likelihood – in assessing the likelihood of a threat materialising, the Commission may also consider:
- the volume, variety (from different gambling activities) and the speed of monetary transactions
- the levels of suspicious activity report (SAR) submissions by licensees to the UK Financial Intelligence Unit (UKFIU)
- the complexity of products and services present within each sector
- the sectors global connectivity
- instances reported to the Commission.
Impact – the impact is assessed to be the extent at which the risk materialising will influence the licensing objectives and the general interest of consumers. It also allows the Commission (as a supervisory authority) to:
- assess, review and monitor the effectiveness of the regulatory framework in place to minimise ML/TF in the British gambling market and provides evidence and information
- enable its approach to be adapted to the highest risks being posed by organised criminal gangs or individual perpetrators of money laundering and terrorism financing.
Introduction to Methodology Next section
Gambling Commission’s risk assessment matrix (ML/TF RAM)
Last updated: 30 November 2023
Show updates to this content
No changes to show.