he online gambling industry is booming with its gross value expected to exceed $160 billion by 2026, according to Global Market Insights. This level of growth and the increased number of individuals signing up to play, unfortunately, means that it’s at risk of financial crime.
Each gaming regulator and licensing authority regulates the industry that falls under their remit. Operators must be as sure as they can that they aren't vulnerable to money laundering and the threat of terrorism financing. As such, they are expected to meet a range of local and international AML regulations. These vary from country to country and where the target market is based.
In this article, we take a deeper look at the general AML regulations that cover the online gambling industry.
How do they do it?
The most common way that criminals use the online gambling industry to ‘clean’ money is by depositing a large sum into a betting account, making many small bets, and then withdrawing everything that is left. Some even make multiple accounts and deposit smaller amounts in each and repeat the process. This makes it even harder for operators and authorities to detect.
Every industry carries a risk of money laundering and financial crime. One of the best ways to begin tackling the issue is through a risk-based approach. For any AML approach to be successful, the operator must first identify and understand the risks, and then implement policies to combat them. These policies include Know Your Customer (KYC) and Customer Due Diligence (CDD) processes that should be conducted periodically throughout the relationship based on the risk assessed.
CDD and KYC for iGaming operators
Regardless of the jurisdiction that the gaming company is licensed in, operators are required to conduct customer due diligence and know your customer processes based on various factors including customer ID assessment and assessing the risk their customer would pose. Part of this is the collation and collection of customer information as per the relevant KYC requirements. There may also be the obligation that this information is updated periodically, or on a case-by-case basis depending on the activity of the account.
Not only must a passport or government-issued ID be verified but the operator must also check whether they are a PEP, appear on any sanction lists, and/or have adverse media relating to them. Often this can be done via software tailored for the operator's use. As per regulatory guidelines, individuals in any of those categories are ‘high-risk’ customers and should be subject to further checks and monitoring, or refused service.
Suspicious activity monitoring
In addition to checks undertaken at the initial identification stage and additional checks on a periodic or random basis, the operator is also required to monitor transactions. For example, transactions over a certain amount of money should be flagged, as should regular smaller transactions. Likewise, behaviour such as making a deposit, then a few small bets, then emptying the account should also draw attention. Operators need to keep their eyes open for patterns of deposit, betting, and withdrawal behaviour that could suggest the site is being used to clean illicit funds.
As the financial crime risk increases in the online gambling industry, regulators have raced to stay on top of things. By updating legislation, they hope to protect players, operators and the reputation of their industry. Penalties for failing to adhere to AML regulations include fines and administrative penalties on the operator, as well as possible revocation of license and even criminal charges. Of course, this depends on the individual situation and how often the issue has occurred. Global figures for AML penalties levied against online gambling companies run into hundreds of millions of dollars.
But it’s not just the rules of local regulators that operators have to abide by. There are some international and regional directives and frameworks that must be taken into account and adhered to.
Firstly, the Financial Action Task Force (FATF) has a list of 92 recommendations which are considered the gold standard of international anti-money laundering and terrorist financing processes. They provide a risk-based approach for sectors typically exposed to the risk of financial crime, including online gambling.
The EU also has its own set of rules known as the Money Laundering Directives which are currently in their 6th edition. These frameworks layout requirements for laws that must be transposed into national law by each Member State by a certain date. Each edition of the Directive provides updates that respond to the evolution of threats throughout the bloc. If you are operating in an EU Member State such as Malta, you will be bound by the national laws and the EU Directives.
A burden on operators?
To operators, especially startups or a smaller business, this may seem like a very heavy regulatory burden. Drafting policies and processes, hiring teams to oversee and manage the process, conducting ongoing monitoring, and ensuring full compliance with local and international requirements is not a small task. And of course, failure to comply can result in extremely serious consequences for the business and owners.
One of the easiest and most effective ways to manage the risk of money laundering and terrorist financing in an online gambling business is to partner with a service provider who has experience in this field. Fast Offshore can assist with risk assessment, policy and process drafting, compliance with local and international regulators, and even audits to assess your adherence to the rules.