Cookies on the Gambling Commission website

The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content
  1. Home
  2. About us
  3. Raising Standards for consumers - Compliance and Enforcement report 2019 to 2020

Report

Raising Standards for consumers - Compliance and Enforcement report 2019 to 2020

The Gambling Commission's report on Compliance and Enforcement action 2019 to 2020

Published
6 November 2020

Last updated
4 March 2023 - Changes

Document actions
Print or save

  1. Contents
  2. 4 - Anti-money laundering and counter terrorist financing

4 - Anti-money laundering and counter terrorist financing

Work to ensure gambling stays free from crime and the proceeds of criminal finance continues to be a major area of concern for the Commission. Significant and substantial assessment continued for both land- based and online gambling businesses, including money service businesses activities offered by the casino sector.

Compliance activity and enforcement cases continue to show that some licensees’ money laundering (ML) and terrorist financing (TF) risk assessments, and policies, procedures and controls are not fit for purpose.

We expect licensees to comply fully with the terms of their licence as relevant to anti-money laundering (AML) and counter terrorist financing (CTF). Casino licensees must additionally comply with the requirements of The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the Regulations), and pay close regard to the various guidance documents we publish which are available on the AML section of the Commission’s website. We provide regular updates on AML and CTF matters on our website and through industry newsletters.

There continues to be a lack of understanding of how to conduct a robust and appropriate risk assessment for the prevention of money laundering (ML) and terrorist financing (TF) for gambling businesses.

Areas where operators fall down often include:

  • Insufficient depth of knowledge demonstrated by Personal Management Licence holders which has led to concerns as to competency and integrity.
  • Operators adopting a ‘one size fits all’ approach to their Risk Assessment when it should be tailored to the specific ML and TF risks pertinent to their business
  • Failure to adequately demonstrate their Risk Assessment has due regard to the Commission’s Risk Assessment and that they are keeping up to date with fluctuating standards in alternative jurisdictions whilst rigorously meeting GB legislation and standards.
  • Where the over-arching Risk Assessment is deficient, this can naturally lead to ineffective policies, procedures and controls.
  • Operators and PML holders failing to learn lessons from the Commission’s compliance and enforcement activity.
  • Failure to provide regular, quality training to staff including Money Laundering Reporting Officers and Nominated Officers and possess sufficient ‘Know Your Employee’ data.
  • Demonstrating a static and ineffective approach to customer risk profiling and enhanced customer due diligence when it should be dynamic and capable of identifying both current and developing risks.

We are encouraged to see positive examples where some operators have more closely integrated their VIP management teams with their AML and CTF teams. Integrating social responsibility and the prevention of financial crime, which are frequently co-dependent issues, is a positive and encouraging improvement and we encourage other operators to consider embedding this approach into their existing practices. We have also been encouraged by significant investment by some operators in systems and techniques to profile customers. AML and CTF are areas where collaboration and evaluation of what works could be shared between operators to reap additional benefit for themselves and consumers.

Our notable enforcement cases

Case studies:

Further failures at land-based casinos which resulted in Commission action include:

  • Failures to carry out effective source of funds checks, including on one customer who was allowed to drop approximately £3,500,000 and lose £1,600,000 over three months.
  • Failure to obtain adequate source of funds evidence for a politically exposed person (PEP) who lost £795,000 over 13 months.
  • Failure to carry out enhanced customer due diligence on a customer who lost £240,000 over 13 months.
  • A customer whose stated profession was a waitress who was allowed to buy in for £87,000 and lose £15,000 over 12 months.

Online licensees’ compliance and enforcement activity revealed:

  • A customer who had been the subject of 18 risk and fraud team reviews being permitted to deposit more than £494,000 over 17 months. The customer was subsequently convicted of fraud.
  • An operator failing to independently verify source of funds information originating from the customer and relying on only open source checks and representations by the VIP manager. The customer was able to deposit more than £8,000,000 in 4 years until the account was ultimately closed following police contact.
  • An unemployed customer depositing £1,600,000 and losing in excess of £700,000 over three years. The operator failed to conduct independent checks and relied upon open source information and unverified information from the customer
  • A customer being permitted to deposit over £1,000,000 and lose more than £270,000 despite their level of activity and spend not being supported by their stated income, their use of a business bank account, providing an address different to that linked to either bank account and the identified use of pay day loans.

Good practice

During the year we published advice to operators through public statements. You should consider the following to ensure you are complying with the terms of your licence:

  • Is risk being ‘owned’ at an appropriately senior level within your business, and are conflicts of interest avoided? If a casino business, do you have a Senior Manager or a Board Director who has oversight of AML and CTF compliance? Have you notified the Commission who this is? Do you inform the Commission of changes to those positions within 14 days?

  • Are you confident commercial considerations do not outweigh your regulatory responsibilities and compliance with the conditions of your licence?

  • Is your money laundering and terrorist financing risk assessment appropriate to your business? Have you taken into account the Commission’s Money Laundering and Terrorist Financing Risk Assessment, and the high-risk factors detailed in our guidance?

  • Have you ensured you have clear, up to date, and fit for purpose AML and CTF policies, procedures and controls available to all who require guidance within your business?

  • Have you reviewed your risk assessment, and policies, procedures and controls in accordance with your licence requirements?

  • Have you ensured your policies, procedures and controls have been informed by our most up to date Commission guidance for AML and CTF? Are you assuming if you comply with the AML and CTF requirements of an overseas regulator that you are in compliance with the Commission’s requirements?

  • Are your policies, procedures and controls informed by the risks identified in your business’s money laundering and terrorist financing risk assessment? Are they revised when the risks change? Are they revised when the Commission publishes information on emerging risks or revises its guidance?

  • Are your systems and controls appropriate for your business? Do you regularly assess the adequacy of your systems and controls and their effectiveness in mitigating your business’s identified money laundering and terrorist financing risks?

  • Do you ‘Know Your Customer’ (KYC) and are you gaining a complete picture of the customer’s source of funds, particularly in relation to VIP customers and PEPs (casinos only)? Are you critically assessing assurances you receive as to your customer’s source of funds? Are your procedures triggered at an appropriate stage of the relationship with the customer?

  • Do you require customers to provide their occupation upon registration and then profiling their income for affordability? Are you considering whether a declared occupation poses an increased risk of money laundering or terrorist financing?

  • Are your customer risk profiles informed by your money laundering and terrorist financing risk assessment, or are they treated as separate exercises with a disconnection between the risk assessment and risk profiles? Is your ongoing monitoring of customers sufficiently risk sensitive and timely?

  • Are you placing an over-reliance on monetary thresholds for customers’ risk triggers and ignoring other risk factors, such as source of funds, affordability and jurisdictional risk? Are you sufficiently curious about your customers source of funds and, if a Politically Exposed Person (PEPs), their source of wealth (casinos only)?

  • Is the level of customer due diligence (CDD) you conduct on specific customers informed by their risk profile? Do you scrutinise transactions to ensure they are consistent with the customer’s risk profile?

  • When conducting enhanced customer due diligence (ECDD) upon your customers (casinos only), are you being sufficiently curious about their source of funds, jurisdictional risk, product choice, and payment method and channel used, and considering what that means to your business and how it increase ML and TF risks?

  • Have you allocated sufficient resources to AML and CTF compliance within your business? Do you have an identified Nominated Officer (casino only) and/or Money Laundering Reporting Officers (MLRO)? Does your business give adequate resources to the NO and/or MLRO to undertake their specific legal duties sufficiently?

  • Do you have an accessible policy for employees setting out the role of the NO and/or MLRO within your business, and how employees can submit internal reports of suspicion of ML and TF to the NO and/or MLRO, including what employees should or should not do following such an internal report?

  • Are you regularly training employees about their AML and CTF responsibilities? Are you retaining records of AML and CTF training for future scrutiny? Are emerging risks, lessons learned from enforcement action and known risks provided to employees, to ensure that their knowledge is current for ML and TF risks?

  • Are you supporting your nominated officer with the appropriate resources and training, and do they have the authority to operate objectively and independently?

  • Is your approach based on a framework to mitigate risk? Once an internal money laundering alert has been raised, do you have in place procedures to ensure the alert is properly reviewed in a timely manner? Are decisions appropriately recorded, retained and available for scrutiny?

  • Have you ensured your staff have, and continue to receive, adequate training on AML and CTF matters, including how to recognise and deal with unusual transactions, account behaviour and other activities which may indicate money laundering or terrorist financing activity?

  • Are you making records of customer interactions and transactions where necessary? Are you making records of your decisions as a MLRO and/or a NO in respect of customers, and decisions to report or not to report suspicions to the United Kingdom Financial Intelligence Unit?

  • Do you have sufficient oversight of third-party partner’s compliance with your licence conditions when promoting gambling facilities on your behalf? Are customer interactions and source of funds records being maintained? Are third-party employees acting contrary to your licence conditions and exceeding the terms and conditions of the service agreed with them?

Previous section
Customer Interaction and Social Responsibility failings Next section
Personal Management Licence Reviews
Is this page useful?
Back to top