Guidance
The prevention of money laundering and combating the financing of terrorism
Gambling Commission guidance for remote and non-remote casinos: Fifth edition (Revision 3).
4 - Dynamic risk management
A money laundering or terrorist financing risk assessment is not a one-off exercise. Casino operators must therefore ensure that their policies, procedures and controls for managing money laundering and terrorist financing risks, including the detection of criminal spend, are kept under regular review.
Example
For example, industry innovation may expose operators to new risks and an appropriate assessment of the risk is recommended before implementing any new product, system, control, process or improvement.36
Casino operators need to continually identify, assess and manage risks
This should be done just like any other business risk. They should assess the level of risk in the context of how their business is structured and operated, and the controls in place to minimise the risks posed to their business by money launderers and terrorist financers, including those engaged in criminal spend. The risk-based approach means that casino operators focus their resources on the areas which represent the greatest risk. The benefits of this approach include a more efficient and effective use of resources, minimising compliance costs and the flexibility to respond to new risks as money laundering and terrorist financing methods change.
There is a specific requirement in the Regulations that, when new products, business practices or technology are adopted by casino operators, appropriate measures are taken in preparation for, and during, the adoption of such products, business practices or technology to assess and, if necessary, mitigate any money laundering or terrorist financing risks the new product, business practice or technology may cause.37
Proliferation financing risk assessment
Casino operators must also compile a proliferation financing risk assessment (see section '2 - Identifying and assessing the risks' within this guidance). This risk assessment must take into account the following:
- the size and nature of its business
- information in the report by Treasury referred to in Regulation 16A (the proliferation financing risk assessment).
The risk assessment must also take into account risk factors relating to:
- its customers
- the countries or geographic areas in which it operates
- its products or services
- its transactions
- its delivery channels.38
It is recommended that casino operators follow the same approach and methodology as that used for the money laundering and terrorist financing risk assessment discussed in the preceding paragraphs.
References
36 In relation to specific requirements for the adoption of new products, business practices or technology.
37 Regulation 19(4)(c).
38 Regulation 18A.
Risk assessments
Last updated: 30 May 2023
Show updates to this content
Updated in line with version 3 of the guidance. References to 'proliferation financing' added.