Cookies on the Gambling Commission website

The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content


Raising Standards for consumers - Compliance and Enforcement report 2020 to 2021

The Gambling Commission's report on Compliance and Enforcement action 2020 to 2021. Archived: Report represents information and guidance valid at the time of publication.

AML health-check good practices

Due diligence measures:

Having robust KYC/CDD and EDD measures in place to monitor customer activity. This includes not basing AML and customer interaction triggers on financial thresholds only. A range of risk factors should be considered by the operator when conducting due diligence checks such as customer, transactional and product risk. Operators should also satisfy themselves as to a full range of risks to which they may be exposed. For example, carrying out local or open-source information checks such as press reports may be useful.

Review and update of ML/TF risk assessments:

Reviewing and updating the ML/TF risk assessment in the light of any changes of circumstances, including the introduction of new products or technology, new methods of payment by customers, changes in the customer demographic or any other material changes, and in any event reviewed at least annually. Operators’ policies, procedures and controls should then be updated accordingly based on any changes to the ML/TF risk assessment.

Commission guidance:

Take account of Commission issued guidance in order to formulate and develop a ML/TF risk assessment. This risk assessment should then be used to develop and implement policies, procedures, and controls.

ML/TF risk assessment methodology:

Operators are required to have a clear risk assessment methodology in place. The casino and non-casino anti-money laundering guidance requires operators to consider:

…the nature, sources, likelihood, impact and consequences of the identified risks or risk factors – assign a relative value or importance to each risk or risk factor.

The Commission’s current Risk Assessment of the gambling industry assesses the risk of ML and TF in terms of ‘likelihood’ and ‘impact.’

High financial thresholds:

The casino and non-casino anti-money laundering guidance states that, ‘…there is no minimum financial threshold for the management and reporting of known or suspected money laundering or terrorist financing activity.’ One casino operator was found to have only carried out CDD checks once a customer deposited £5k in 24 hours. By having high financial thresholds in place, operators run the risk of falling foul of the requirements under the LCCP, The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (opens in new tab), the Proceeds of Crime Act 2002 (opens in new tab), the Terrorism Act 2000 (opens in new tab), and the Gambling Act 2005 (opens in new tab). ML triggers must be reviewed to ensure they are fit for purpose, aligned to the licensees specific business risks and include rigorous checks on individuals at the appropriate points.

Staff supervision:

Do you have adequate supervision of table gaming and gaming machines to minimise the risk of ML, criminal lifestyle spend, cheating and collusion?

Casino sector:

Casinos face several enhanced legal responsibilities under the Regulations (as they are part of the financial regulated sector). These include having policies, procedures and controls that must detail:

  • risk management practices
  • internal controls
  • customer due diligence (CDD) monitoring and ongoing monitoring, including enhanced measures for high-risk customers
  • reliance and record keeping
  • monitoring and management of compliance with, and the internal communication of, such policies, procedures, and controls.

Please refer to our casino guidance for further information that casinos are required to include in their policies, procedures, and controls

Nominated Officer:

Casinos must appoint a member of the firm as their Nominated Officer, as well as a member of the board of directors (or equivalent) as their officer responsible for compliance with the Regulations.

Regulation 21 require that casino businesses:

  • appoint one individual who is a member of the board of directors (or if there is no board, of its equivalent management body) or of its senior management as the officer responsible for compliance of relevant persons with these Regulations
  • establish an independent audit function with the responsibility to examine and evaluate the adequacy and effectiveness of the policies, controls and procedures adopted by the casino
  • appoint a Nominated Officer with the requisite skills, knowledge, and expertise to fulfil the role
  • conduct screening of any individuals appointed by the relevant person both before and during their appointment
  • inform the supervisory body of the appointee and any subsequent appointments.

Where the nominated officer has received a disclosure, that officer must consider it in the light of any relevant information which is available to the relevant person and determine whether it gives rise to knowledge or suspicion or reasonable grounds for knowledge or suspicion that a person is engaged in money laundering or terrorist financing.

Previous section
Guidance and lessons learned
Is this page useful?
Back to top