Cookies on the Gambling Commission website

The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content


The prevention of money laundering and combating the financing of terrorism

Gambling Commission guidance for remote and non-remote casinos: Fifth edition (Revision 3).

  1. Contents
  2. Part 2 - Risk-based approach
  3. 4 - Dynamic risk management

4 - Dynamic risk management

A money laundering or terrorist financing risk assessment is not a one-off exercise. Casino operators must therefore ensure that their policies, procedures and controls for managing money laundering and terrorist financing risks, including the detection of criminal spend, are kept under regular review.


For example, industry innovation may expose operators to new risks and an appropriate assessment of the risk is recommended before implementing any new product, system, control, process or improvement.36

Casino operators need to continually identify, assess and manage risks

This should be done just like any other business risk. They should assess the level of risk in the context of how their business is structured and operated, and the controls in place to minimise the risks posed to their business by money launderers and terrorist financers, including those engaged in criminal spend. The risk-based approach means that casino operators focus their resources on the areas which represent the greatest risk. The benefits of this approach include a more efficient and effective use of resources, minimising compliance costs and the flexibility to respond to new risks as money laundering and terrorist financing methods change.

There is a specific requirement in the Regulations that, when new products, business practices or technology are adopted by casino operators, appropriate measures are taken in preparation for, and during, the adoption of such products, business practices or technology to assess and, if necessary, mitigate any money laundering or terrorist financing risks the new product, business practice or technology may cause.37

Proliferation financing risk assessment

Casino operators must also compile a proliferation financing risk assessment (see section '2 - Identifying and assessing the risks' within this guidance). This risk assessment must take into account the following:

  • the size and nature of its business
  • information in the report by Treasury referred to in Regulation 16A (the proliferation financing risk assessment).

The risk assessment must also take into account risk factors relating to:

  • its customers
  • the countries or geographic areas in which it operates
  • its products or services
  • its transactions
  • its delivery channels.38

It is recommended that casino operators follow the same approach and methodology as that used for the money laundering and terrorist financing risk assessment discussed in the preceding paragraphs.


36 In relation to specific requirements for the adoption of new products, business practices or technology.
37 Regulation 19(4)(c).
38 Regulation 18A.

Previous section
Risk assessments
Is this page useful?
Back to top