The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content

Guidance

The prevention of money laundering and combating the financing of terrorism

Guidance for remote and non-remote casinos: fifth edition

  1. Contents
  2. Part 6 - Customer due diligence
  3. 11 - Electronic verification

11 - Electronic verification

Increasingly casinos use reliable electronic systems to help with verification. Some of these systems also have the advantage of assisting with the identification of PEPs. The amount of electronic information available about individuals will vary, depending on the extent of their electronic 'footprint'.

Electronic data sources can provide a wide range of confirmatory material without necessarily requiring the customer to produce documents. Electronic sources can be a convenient method of verification. They can be used either as the sole method of verification, or in combination with traditional document checks, on a risk basis.

For an electronic check to provide satisfactory evidence of identity on its own it must:

  • use data from multiple sources, aacross time, and
  • incorporate qualitative checks that assess the strength of the information supplied.

An electronic check that accesses data from a single source, for example, a single check against the electoral roll is not enough on its own to verify identity.

Where such sources are used for a credit check, the customer’s permission is required under the Data Protection Act 2018 (the Data Protection Act) (opens in a new tab). Credit checks can provide inexpensive information on which to assess a customer’s access to funds and to obtain a credit profile to match against spending patterns. For example, a criminal spending large amounts of criminal property would most likely not match their credit profile. A search for identity verification for AML and CTF purposes, however, leaves a different footprint on the customer’s electronic record, and the customer’s permission is not required, but they must be informed that this check is to take place. There are systems available that give typical financial and lifestyle profiles of people in a given postcode. Such systems do not amount to a credit check and do not require the use of personal information, but can provide helpful indicators of someone’s expected financial profile.

Some external electronic databases are accessible directly by casinos, but it is more likely they will be purchased from an independent third-party organisation. The size of the electronic 'footprint' in relation to the depth, breadth and quality of data, and the degree of corroboration of the data supplied by the customer may provide a useful basis for an assessment of the degree of confidence in the product.

A number of commercial agencies which access many data sources are accessible online by casino operators and may provide a composite and comprehensive level of electronic verification through a single interface. Such agencies use databases of both positive and negative information, and many also access high-risk alerts that utilise specific data sources to identify high-risk conditions, for example, known identity frauds or inclusion on a sanctions list.

Positive and negative information

Positive information relating to full name, current address and date of birth can prove that an individual exists, but some can offer a higher degree of confidence than others. Such information should include data from more robust sources. This may be a source that requires an individual to prove their identity, or address, in some way in order to be included, as opposed to one where no such proof is required.

Negative information includes, but is not limited to:

  • consideration of lists of known fraudulent individuals
  • lists of known fraudulent identity documents
  • lists of persons associated with known fraudulent identity documents
  • lists of persons utilising documents made or obtained with fraudulent identity documents
  • registers of deceased persons
  • registers of PEPs
  • lists of sanctioned persons
  • information sources for current fraudulent trends or activity.

Checking against such information may be appropriate where other factors suggest an increased risk of impersonation fraud.

Previous section
Identification and verification
Next section
Criteria for use of an electronic verification provider
Is this page useful?
Back to top