The prevention of money laundering and combating the financing of terrorism
Gambling Commission guidance for remote and non-remote casinos: Fifth edition (Revision 3).
16 - Reliance
A casino operator may rely on certain third parties to apply the required CDD measures, however, the operator remains liable for any failure to apply such measures.130
The third parties which may be relied on are:
- other persons who are subject to the requirements of the Regulations (financial institutions, credit institutions, auditors, insolvency practitioners, external accountants, tax advisers, independent legal professionals, trust or company service providers, estate agents, high value dealers, and other casinos)
- persons who carry on business in a third country who are subject to requirements in relation to CDD and record keeping which are equivalent to those in the Directive, and are supervised for compliance with those requirements.131
A casino operator may not rely on a third party established in a high risk third country.132
When a casino operator relies on a third party to apply CDD measures
- immediately obtain from the third party all the information needed to satisfy the requirements for the identification and verification of the customer, any beneficial owner and any person acting on behalf of the customer
- have an arrangement with the third party that enables the operator to obtain from the third party immediately on request copies of any identification and verification data and other relevant documentation on the identity of the customer, beneficial owner or any person acting on behalf of the customer
- require the third party to retain copies of such data and documents for a period of five years beginning on the date that the business relationship with the customer ended.133
A casino operator will be treated as having complied with the requirements listed previously:
- if the operator is relying on information provided by a third party which is a member of the same group as the operator (for example, in the case of group companies with overseas casinos)
- if that group applies CDD measures, rules on record keeping and programmes against money laundering and terrorist financing in accordance with the Regulations, the Directive or rules having equivalent effect
- the effective implementation of these requirements is supervised at group level by an authority of an EEA state with responsibility for implementation of the Directive or by an equivalent authority of a third country.134
A casino operator is permitted to apply CDD measures by means of an agent or an outsourcing service provider, provided that the arrangements between the operator and the agent or service provider make clear that the operator remains liable for any failure to apply the CDD measures.135
In this context, an outsourcing service provider is a person who performs a process, service or activity on behalf of the casino operator and is not an employee of the operator.136
We recommend also refering to our information on the purpose of this guidance which highlights the need for operators to consider the risks posed by third parties they contract with.
130 Regulation 39(1).
131 Regulation 39(3).
132 Regulation 39(4) and 33(3).
133 Regulation 39(2).
134 Regulation 39(6).
135 Regulation 39(7).
136 Regulation 39(8).
Simplified customer due diligence Next section
Requirements to cease transactions or terminate relationship
Last updated: 30 May 2023
Show updates to this content
Updated in line with version 3 of the guidance. References to 'proliferation financing' added.