Cookies on the Gambling Commission website

The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content


The prevention of money laundering and combating the financing of terrorism

Gambling Commission guidance for remote and non-remote casinos: Fifth edition (Revision 3).

  1. Contents
  2. Part 6 - Customer due diligence
  3. 3 - Customer due diligence requirements

3 - Customer due diligence requirements

Casino operators must apply CDD measures if they:

Regardless of whether they have established a business relationship with the customer, suspect money laundering or terrorist financing, or doubt the veracity or adequacy of documents or information previously obtained for the purposes of identification or verification, casino operators must also apply CDD measures in relation to any transaction that amounts to €2,000 or more, whether the transaction is executed in a single operation or in several operations which appear to be linked.78.

'Transaction' consists of:

The wagering of a stake, including:

  • the purchase from, or exchange with, the casino of tokens for use in gambling at the casino
  • payment for the use of gaming machines
  • the deposit of funds required to take part in remote gambling, or
  • the collection of winnings, including the withdrawal of funds deposited to take part in remote gambling or winnings arising from the staking of such funds.79

In determining whether a transaction amounts to €2,000 or more, casino operators do not need to take account of winnings from a previous transaction which had not been collected from the casino, gaming machine or remote gambling, but are being re-used in the transaction in question.80 This means that casino operators do not need to include restaked winnings (so called 'recycled winnings', 'turnover' or 'churn') when determining whether a customer has reached the €2,000 threshold.

Casino operators must also apply CDD measures:

  • at other appropriate times to existing customers on a risk-based approach
  • when the operator becomes aware that the circumstances of an existing customer relevant to its risk assessment for that customer have changed.81

In determining when it is appropriate to apply CDD measures to existing customers, casino operators must take into account the following, among other things:

  • any indication that the identity of the customer, or of the customer’s beneficial owner, has changed
  • any transactions which are not reasonably consistent with the operator’s knowledge of the customer
  • any change in the purpose or intended nature of the operator’s relationship with the customer
  • any other matter which could affect the operator’s assessment of the money laundering or terrorist financing risk in relation to the customer.82


76In this context, 'transfer of funds' means any transaction at least partially carried out by electronic means on behalf of a payer through a payment service provider, with a view to making funds available to a payee through a payment service provider, irrespective of whether the payer and the payee are the same person and irrespective of whether the payment service provider of the payer and that of the payee are one and the same, including: (a) a credit transfer as defined in point (1) of Article 2 of Regulation (EU) No 260/2012; (b) a direct debit as defined in point (2) of Article 2 of Regulation (EU) No 260/2012; (c) a money remittance as defined in point (13) of Article 4 of Directive 2007/64/EC, whether national or cross border; (d) a transfer carried out using a payment card, an electronic money instrument, or a mobile phone, or any other digital or IT prepaid or postpaid device with similar characteristics.
77Regulation 27(1).
78Regulation 27(5).
79Regulation 27(6).
80Regulation 27(7).
81Regulation 27(8).
82Regulation 27(9).

Previous section
Risk-based customer due diligence and risk profiling
Next section
Customer due diligence measures
Is this page useful?
Back to top