The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content

White Hat Gaming Ltd Public Statement

Our public statements make reference to breaches of the Licence Conditions and Codes of Practice (LCCP) requirements which were in effect at the time of the breach. In some cases, the requirements have since been updated.

Key failings

Anti-Money Laundering:

Safer Gambling:

Operators are expected to consider the issues here and review their own practices to identify and implement improvements in respect of the management of customers.


  • Licensed gambling operators have a legal duty to ensure that their gambling facilities are being provided in compliance with The Gambling Act 2005 (opens in new tab) (the Act), the conditions of their licence and in accordance with the licensing objectives, namely to:
  • prevent gambling from being a source of crime or disorder, being associated with crime or disorder or being used to support crime
  • ensure that gambling is conducted in a fair and open way
  • protect children and other vulnerable people from being harmed or exploited by gambling.

White Hat Gaming Ltd Executive Summary

This case concerns White Hat Gaming Ltd (White Hat Gaming) which holds a combined remote operating licence.

The Commission investigated White Hat Gaming’s handling of seven customers’ accounts, following concerns identified at a compliance assessment (referred to as a corporate evaluation) in March 2019.

Our investigation identified failings in the way White Hat Gaming identified and managed customers who were at higher risk of money laundering and problem gambling. These failings stemmed from inadequate anti-money laundering (AML) and safer gambling policies and processes.

On 16 January 2020 we gave White Hat Gaming notice that we were commencing a review of its operating licence.

That review revealed that White Hat Gaming breached two conditions of its operating licence.

White Hat Gaming cooperated with our enquiries throughout the course of the investigation and has accepted that its policies and procedures in respect of AML and safer gambling were not adequate. It has accepted it failed to act in accordance with conditions on its operating licence between October 2016 and March 2019.

In line with our Statement of principles of licensing and regulation, White Hat Gaming will pay a payment in lieu of financial penalty of £1,334,053.18. It will also pay Commission costs of £9,816.63.

White Hat Gaming Ltd Findings

Failure to identify problem gambling behaviour

Social responsibility code provision (SRCP) 3.4.1

Social responsibility code 3.4.1 states that ‘Licensees must put into effect policies and procedures for customer interaction where they have concerns that a customer’s behaviour may indicate problem gambling. The policies must include …

  • specific provision for making use of all relevant sources of information to ensure effective decision making, and to guide and deliver effective customer interactions, including in particular:
  • provision to identify at risk customers who may not be displaying obvious signs of, or overt behaviour associated with, problem gambling: this should be by reference to indicators such as time or money spent.
  • specific provision in relation to customers designated by the licensee as ‘high value’, ‘VIP’ or equivalent.…

Our investigation identified weaknesses in White Hat Gaming’s safer gambling controls and found it had failed to put into effect policies and procedures for customer interaction with specific provision for making use of all relevant sources of information to ensure effective decision making and to guide effective customer interactions, contrary to SRCP 3.4.1 paragraph 1.e.

Examples of social responsibility failings include:

  • Customer A started gambling with White Hat Gaming in October 2018 and within three months had lost approximately £70,000. When the customer met an internal trigger White Hat Gaming created a customer intelligence report which eventually indicated the consumer had an apparently successful previous career and owned an expensive property without a mortgage. However, source of funds (SOF) were not identified and the customer’s account was not immediately locked. White Hat Gaming prioritised creating a customer intelligence report rather than intervening immediately; a decision it has accepted was incorrect.
  • Customer B had a short period of gambling and lost approximately £2,000 in early 2018. This initial period involved a customer interaction triggered by the amount deposited. Ten days later the customer recommenced gambling and lost £50,000 in approximately six hours before self-excluding. The customer received four interactions in total, however we found the total lost by the customer demonstrated the interactions were not delivered effectively in accordance with the social responsibility code.
  • Customer C opened his account in January 2019 and on the same day lost £85,500 in 1 hour 25 minutes. This customer received four interactions advising them of the amounts deposited and one higher level interaction with additional safer gambling messaging. White Hat Gaming locked the account on the same day. However, we found the total lost by the customer demonstrated the interactions were not delivered effectively in accordance the social responsibility code.

Failure to have in place appropriate AML controls

Licence condition 12.1.1 relates to the Prevention of Money Laundering and Terrorist Financing

Licence condition 12.1.1(2) requires:

following completion of and having regard to the risk assessment and any review of the assessment, licensees must ensure they have appropriate policies, procedures and controls to prevent money laundering and terrorist financing.

Licence condition 12.1.1(3) requires:

licensees must ensure that such policies, procedures and controls are implemented effectively, kept under review, revised appropriately to ensure that they remain effective, and take into account any applicable learning or guidelines published by the Commission from time to time.

White Hat Gaming has accepted that it was in breach of this licence condition as its policies, procedures and controls to prevent money laundering were not appropriate or implemented effectively.

During our investigations, we identified customers who were able to gamble significant sums of money without adequate EDD and SOF checks being conducted.

The Commission examined the following customer accounts:

  • Customer D lost approximately £70,000 between March 2017 and January 2019. White Hat Gaming acknowledged that its limited knowledge about the customer’s SOF meant the customer should not have been allowed to continue gambling until a full customer intelligence report, which would involve considering information regarding the customer’s SOF, had been completed
  • Customer E lost £55,000 between May 2017 and March 2019. In response to a period of increased gambling, White Hat Gaming completed a report and, nearly a month later, requested evidence from the customer regarding the source of the funds. The customer provided bank statements, including a statement showing a deposit of £30,000. The customer provided an explanation that the deposit was as a result of a win at a named land-based casino. White Hat Gaming provided representations that a risk based approach was taken, though accepted that the actual trace of funds was not explicitly evident. The Commission found White Hat Gaming failed to sufficiently scrutinise the source of the £30,000 deposit because it did not request additional information to corroborate the explanation.

Licence condition 12.1.2

Licence condition 12.1.2 requires:

Licensees to put into place and implement the measures described in Parts 2 and 3 of the Money Laundering Regulations 2007 (superseded by the 2017 Regulations), insofar as they relate to casinos.

The Commission’s investigation identified weaknesses in White Hat Gaming’s AML controls and found breaches of the measures described in the MLR 2007 and MLR 2017, which it has accepted. This was because:

It failed to keep full records of the evidence and supporting documents it considered as part of its customer due diligence checks and business relationship with the customer contrary to Regulation 19 of the 2007 Regulations It failed to adequately apply customer due diligence (CDD) including SOF checks and enhanced CDD contrary to regulations 19 and 28 of the 2017 Regulations.

White Hat Gaming Ltd Actions taken by White Hat Gaming

In addition to accepting these failings, White Hat Gaming has committed to an ongoing programme of improvements to strengthen its policies and procedures, including, but not limited to, the following specific remedial action:

  • Introduction of backstop limits (commonly known as a handbrake limit): the automated prevention of a customer spending further money where a trigger is met until AML and SR checks are completed.
  • Ongoing improvements to the gathering and use of information to conduct affordability checks, leading to an increase in customer interactions focused on safer gambling and SOF.
  • Enhanced meeting minute and regular quality assurance reviews of anti-money laundering controls and processes.
  • Enhanced scrutiny processes implemented to provide full traceability of SOF.

White Hat Gaming Ltd Regulatory Settlement

This regulatory settlement consists of:

  • £1,334,053.18 payment in lieu of a financial penalty, which will be directed towards delivering the National Strategy to Reduce Gambling Harms
  • Agreement to the publication of a statement of the facts in relation to this case
  • Payment of £9818.63 towards the Commission’s costs of investigating the case.

In considering an appropriate resolution to this investigation, the Commission has had regard to the following aggravating and mitigating factors:

Aggravating factors

  • There were repeated breaches of licence conditions as a result of the historical weakness of internal controls and procedures.
  • The breaches gave rise to financial gain for the licensee and had an impact on consumers.
  • The Licensee should have been aware of the breaches.
  • Many of the breaches were serious and had an impact on the licensing objectives.

Mitigating factors

  • There was timely co-operation with the investigation undertaken by the Commission and no attempt to conceal the extent of the breaches.
  • There is no evidence the breaches were committed intentionally.
  • An ongoing programme of remedial action was commenced in response to the breaches being brought to the Licensee’s attention.
  • The Licensee has shown insight into the seriousness of the breaches.
Is this page useful?
Back to top