Emerging money laundering and terrorist financing risks from June 2022
24 June 2022
Our latest emerging risks update looks at the money laundering risks associated with operators failing to comply with data protection requests, under the Data Protection Act 2018 (DPA) (opens in new tab), from law enforcement, the addition of Gibraltar to the Financial Action Task Force’s (FATF) ‘grey list’ and common operator failings, including other general risk areas.
Failure to comply with DPA requests
The Commission has come across instances of operators failing to comply with DPA requests from law enforcement. This includes instances where customer accounts have been closed by operators following a DPA request from the police.
Operators are reminded that such actions can significantly hinder any police investigations and can lead to a potential breach of sections 342 and 333A of the Proceeds of Crime Act 2002 (opens in new tab) under the offences of ‘prejudicing an investigation’ and ‘tipping off’.
Such a breach is a criminal offence with a maximum imprisonment term of 5 years for the ‘prejudicing an investigation’ offence and a maximum imprisonment term of 2 years for the ‘tipping off’ offence.
Operators must carefully consider their actions upon receipt of a DPA request from law enforcement, consider the consequences of their actions and liaise with the law enforcement agency.
Further information can be found in Paragraphs 8.87 to 8.89 of the Gambling Commission’s prevention of money laundering and combating the financing of terrorism guidance.
Updated FATF ‘grey list’
Gibraltar has been added to the list of jurisdictions that are under an increased level of monitoring by the Financial Action Task Force (FATF). Such jurisdictions are placed on the FATF’s ‘grey list' due to strategic deficiencies in their regimes to counter money laundering, terrorist financing and proliferation financing. The current list of jurisdictions is as follows:
- Burkina Faso
- Cayman Islands
- South Sudan
- United Arab Emirates
Malta has been removed from the FATF's 'grey list'.
Operators are reminded to conduct robust due diligence checks in any business and customer relationships which are associated to the above jurisdictions in order to mitigate the risk of money laundering and terrorist financing, including proliferation financing.
Common operator failings
Ongoing regulatory action against operators has shown the following failings, which carry significant money laundering risks. These include failures to:
- establish and maintain policies, controls and procedures to mitigate and effectively manage the risks of money laundering and terrorist financing identified in a risk assessment
- establish and maintain appropriate risk-sensitive policies and procedures
- appropriately scrutinise transactions throughout customer business relationships and obtain Source Of Funds (SOF) evidence in accordance with the customer’s risk profile
- establish and maintain adequate customer due diligence measures, including, but not restricted to, scrutiny of transactions undertaken throughout the course of the business relationship (including, where necessary, the SOF) to ensure that the transactions were consistent with their knowledge of the customer, the customer’s business and risk profile.
Further information on regulatory action the Commission has undertaken can be found on our public statements page.
The Commission is also reminding operators of ongoing, significant risks that they should be vigilant against. This includes risks associated with money services businesses, the acceptance of e-wallet payments from customers and the risk of ‘mule accounts’.
For further information on these risk areas and how to mitigate the chance of such risks from occurring, please refer to our money laundering and terrorist financing risks assessment of the gambling industry.Previous page
Emerging money laundering and terrorist financing risks Next page
Emerging money laundering and terrorist financing risks from February 2022
Last updated: 30 May 2023
Show updates to this content
Following an audit corrected link formatting issues only.