Cookies on the Gambling Commission website

The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content

Guidance

The prevention of money laundering and combating the financing of terrorism

Gambling Commission guidance for remote and non-remote casinos: Fifth edition (Revision 3).

  1. Contents
  2. Part 6 - Customer due diligence
  3. 17 - Requirements to cease transactions or terminate relationship

17 - Requirements to cease transactions or terminate relationship

Where a casino operator is unable to apply the required CDD measures in relation to a particular customer, the operator:

  • must not carry out a transaction with or for the customer through a bank account
  • must not establish a business relationship or carry out a transaction with the customer other than through a bank account
  • must terminate any existing business relationship with the customer
  • must consider whether they are required to make a report, or a further report, to the NCA.137

Where the casino operator is required not to carry out a transaction with or for a customer through a bank account, this does not prevent money deposited in a customer's gambling account being repaid to the customer, provided that, where the operator is required to make a report to the NCA, the operator has a defence (appropriate consent) under POCA, or consent under the Terrorism Act (opens in a new tab), to the transaction.138

Casinos must therefore have clear policies in place on how they will manage situations where they are unable to apply the CDD measures.

Requirements for remote casinos

Where remote casino operators are unable to complete or apply the required CDD measures139 in relation to a particular customer at the point the CDD threshold for transactions140 is reached, and are accordingly required to cease transactions or terminate the business relationship with the customer,141 they should adopt the following procedure:

  • at the point where the threshold is reached, remote casino operators should put all funds owed to the customer into an account (or equivalent) from which no withdrawals can be made
  • further deposits can be made to that account as long as they are also locked into it until CDD is completed
  • bets can be made from the account, again providing any winnings are locked until CDD is completed
  • once CDD is completed, the account can be unlocked and business continue as normal
  • if CDD cannot be completed, then the operator must proceed in line with regulation 31(1)(c) and terminate the existing business relationship with the customer
  • if funds are to be repaid, then the amount repaid should consist of all funds owed to the customer at the point that the threshold was reached, plus all deposits made at that point and thereafter
  • funds should be refunded back to the originating account, and there should be appropriate risk mitigation. Where it is suspected that the funds are the proceeds of crime, remote casino operators should submit SARs or seek a defence (appropriate consent) before refunding any of the funds
  • if the refund is to be completed back to another account (whether partially or completely), a risk assessment must be done that should take into account information such as: multiple destinations – is the customer requesting that the money be sent to several bank accounts? High-risk destination – is the customer requesting that the money be returned to a country where there is a significant money laundering or terrorist financing concern? Above €2,000 – is the amount above the threshold for CDD?
  • there should be appropriate risk mitigation
  • where it is known or suspected that the funds are the proceeds of crime, remote casino operators should submit SARs or seek a defence (appropriate consent) before refunding any of the funds
  • there should be ongoing monitoring of the account and, if necessary, reporting of findings via relevant fraud monitoring services in the public and private sector.

The customer should be made fully aware of the procedures adopted by the remote casino operator when they first register with the operator so that there is no misunderstanding at a later stage.

References

137 Regulation 31.
138 Regulation 31(2).
139 These measures are discussed in customer due diligence measures
140 See customer due diligence requirements
141 In accordance with regulation 31(1).

Previous section
Reliance
Next section
List of persons subject to financial restrictions
Is this page useful?
Back to top