Written by Andrew Tait
UK Government Treasury published its draft Money Laundering Regulations 2017 on 15 March 2017. This draft factored in the outcome of a National AML Risk Assessment which sought to identify areas of high risk across the multitude of Regulated Industries subject to the 4AMLD. This determination between high and low risk is key as it allows national regulators to exempt low risk elements from the ambit of the 4AMLD. The draft is open to further consultation and comments with a deadline of 12 April 2017. Following this final stage, the 4AMLD will be transposed into UK law by 26 June 2017.
The 4AMLD dictates that providers of high risk products and services must adhere to minimum standards of customer and third party due diligence, ongoing monitoring and record keeping. Plus they must ensure that they have systems and processes in place to detect, report and mitigate against instances of potential money laundering and terrorist financing. This ecosystem of detection and reporting must be based on their own unique assessment of the risks in their particular business, taking into account their customer base, the type of transactions they take part in, their geographical spread and other such relevant factors.
The aim is to enable providers to identify potential AML risks themselves, which although commendable, will undoubtedly take a significant toll on resources and operating costs. It is also likely to hamper the providers’ ability to handle certain types of high risk customers and transactions, thereby hitting their revenue streams as well.
So on the face of it it’s good news that the Treasury held that only providers of casinos services were deemed to be high risk. Retail sportsbooks in particular will be relieved, given the logistical nightmare of having to conduct customer due diligence and tracking, a huge obstacle for pure land-based businesses.
It is also somewhat of a surprise that the majority of other EU states such as Germany who have completed their national risk assessments, deemed all gambling sectors except Slot halls, lotteries and on-course tote betting as being in the high risk category. This is in line with European Commission guidance which views lotteries, bingo and some slot machines as low risk. For instance Gibraltar has treated all forms of remote gambling as being subject to enhanced due diligence and monitoring since 2010. Their proposed new AML code strengthens this even further by extending due diligence and monitoring obligations to B2B suppliers involved in the user experience (e.g. Poker Network platforms).
There is no time for complacency, as the UK Gambling Commission can of course exceed the minimum requirements of current and future money laundering regulations based upon its own assessment of risk. Indeed, virtually all forms of gambling are already subject to strict AML rules under their Licensing Conditions and Codes of Practice (“LCCP”) which aims to enforce one of the three licensing objectives and pillars of the Gambling Commission, namely to keep crime out of gambling.
In particular the UK GC’s November 2016 advice to operators (excluding casinos) on their AML and prevention of terrorism financing responsibilities under the under the Proceeds of Crime Act 2002 (“POCA”), sets out in detail the expected level of compliance in this area. When compared to the UKGC advice just for the casino sector, there is not much to separate them. Both will need to carry out comprehensive AML Risk Assessments, appoint a suitably qualified and senior nominated officer, carry out due diligence on new customers and ongoing monitoring using a risk based approach, etc. In fact some of the main differences centre round the requirement for casinos to ensure that all new customers give their name, address and date of birth details before they proceed to deposit and gamble. These registration details will then need to be verified against official documentation or reliable (mainly electronic) data sources on or soon after they hit €2000 in stakes (remote) or purchased casino chips (land based) in any 24 hour period or in linked transactions. These same customers will then need to be monitored against perceived AML risk indicators, whereas non-casino operators’ obligation to monitor is only triggered once customers appear to pose an AML risk.
The requirement for carrying out an AML Risk Assessment has been a compulsory requirement under the LCCP since 31 October 2016 across all gambling sectors. Specific guidance has been given by the UK GC which if followed properly will involve a major review of an operator’s customers base, risk platform and escalation procedures, reliance on third party verification systems and a myriad of other factors. Once completed the AML Risk Assessment will give risk profiles for a multitude of scenarios, against which the operator will need to match a corresponding and appropriate level of control.
The fact that the UKGC has such stringent existing AML measures was instrumental in the decision to exclude other gambling sectors from the high risk category. Indeed in a recent workshop the UKGC stated that they would have been happy to exclude all forms of gambling from the money laundering regulations due to their own strict requirements more than covering this area. This coupled with the active enforcement measures taken by the UKGC against operators who exhibit AML failings, makes it clear that even stronger measures would be taken against breaches of LCCP, using license reviews and high fines rather than the more conciliatory voluntary settlements of the past.
To conclude, the seemingly favourable treatment of the UK Treasury to the gambling sector is not all it seems. Many in the industry feel that there was no real need to increase AML measures in this industry over and beyond what is already there. It is only a matter a time before the UK GC will be reviewing operators’ AML Risk Assessments, starting with casinos and working downwards.
Gordon Dadds is uniquely set up to assist in 4AMLD compliance by:
- Completing your AML Risk Assessment using our own industry proven methodology
- Update all your AML policies & procedures to tie into your risk assessment
- Due diligence of 3rd parties involved in the AML flow
- AML training Program
- Auditing system & annual review of risk assessment
We also collaborate with best-of-breed third party providers who provide AML complimentary solutions including automated AML verification services and ad-hoc in-depth monitoring, with the overall aim of keeping costs and internal resources low whilst meeting all regulatory requirements.
If you would like to receive more free articles and legal updates on this and similar topics please email email@example.com with the subject line ‘AXT: Free Subscription’.
Contact the Author
I have over 20 years of experience in betting & gaming, regulation & compliance, intellectual property and commercial contracts. Prior to joining Gordon Dadds regulatory solutions team in 2017, I was General Counsel & Chief Compliance Offer at Mansion Group for 10 years. My key specialisms are gambling law and regulation, compliance, governance and risk management, AML policies and procedures, IT contracts and technology licensing, entertainment and media contracts and copyright licensing, sports sponsorship agreements, ecommerce and internet law. I am a member of IMGL (International Masters of Gaming Law), GBGA (Gibraltar Betting & Gaming Association) and ICA (International Compliance Association).