The FIAU and MGA have published a joint consultation document on the application of AML/CFT requirements to remote gaming licencees. The purpose of this document is to provide a general explanation of the main AML/CFT obligations and a general outline of how licensees will be expected to comply with these obligations. This document will serve as the basis for a more detailed sector-specific guidance document that will be issued at a later stage following due consultation with the remote gaming sector.
The key points to note at this stage of the consultation relate to the following:
1. Business Risk Assessment: the FIAU and MGA are presently not considering applying any derogation from the requirement to carry out business specific risk assessments for the gaming sector, which is possible in terms of article 8(2) of the Fourth Anti-Money Laundering Directive. Licensees will therefore be required to carry out a business risk assessment to identify the ML/FT risks they are exposed to and ensure that the measures, policies, controls and procedures adopted are sufficiently robust to prevent and mitigate the same. The business risk assessment has to be documented and approved by the Board of Directors (or equivalent) of the licensee, and made available upon request. To this effect, the consultation document includes an appendix which is intended to assist licensees in performing their assessment as to the level of risk posed by games, funding methods, and channels used. Although the rating provided in the appendix is indicative, and not necessarily mandatory, any wide deviation therefrom would necessitate an explanation.
2. Business relationships and occasional transactions: A licensee will be considered as a subject person whenever it is providing services to a customer so that he may wage a stake with monetary value in a game of chance, including those with an element of skill. In the event that the licensees carry out occasional transactions, the obligation to carry out CDD will be dependent on the value of the said transaction reaching or exceeding €2,000. Licensees would find themselves subject to the said obligation also in the case where they execute a series of linked transactions which, though individually below €2,000 threshold, when taken cumulatively meet or exceed the said threshold.
3. Syndicates: Where licensees provide their services and products to syndicates funding one or more players, the funds would typically be collected from multiple persons who will share in any winnings, the particular transaction will not only be considered as having been undertaken on behalf of the customer but also on behalf of those other persons providing the necessary funding. The persons are to be considered as beneficial owners and licensees are therefore required to identify and verify their identity.
4. Simplified due diligence: When approached to open an account, the licensee is to carry out a customer risk assessment. To the extent that it does not result from the customer risk assessment to be carried out that the business relationship presents a high risk of ML/FT, or that the customer is a PEP or linked to one, the business relationship can be deemed a low risk one and the licensee will be able to apply SDD. Thus, in these circumstances the licensee may limit itself to carrying out identification and a level of on-going monitoring and delay carrying out the other CDD measures up until certain events happen or thresholds are met (as set out in point 2 above). Thus, it will not be necessary to verify the customer’s identity nor to collect information on the source of wealth at the outset of the relationship.
5. Source of wealth information: Where from the risk assessment the licensee concludes that the customer presents a low, medium or high level of ML/FT risk, the licensee will have to carry out SDD, CDD or EDD accordingly. In all cases, the licensee will have to gather information on the source of wealth and, in fulfilling this requirement, licensees should obtain sufficient information even from the customer himself in relation to the activities through which he generates his wealth and which will allow him to fund transactions carried out in the course of the business relationship. At this point it will be sufficient if the licensee obtains detailed information on the source of wealth from the customer himself. Where the risk assessment leads the licensee to consider a customer as high risk, the licensee is required to apply EDD measures and, in such circumstances, licensees will have to obtain more specific information and supporting documentation (e.g. it will not be sufficient for the licensee to be told that the source of wealth is the result of the customer’s income derived from his employment but it will be necessary for the licensee to obtain copies of the employment contract, statements of earnings, and other supporting documents as relevant). The extent of the information and documentation to be collected cannot be pre-set but has to be appreciated on a case-by-case basis and until the licensee can be said to have any questions answered or doubts dispelled.
6. Other: The other sections of the consultation document include reference to reliance and outsourcing, as well as the reporting of suspicious transactions.
The consultation period closes on 11 August 2017 and the full consultation document can be accessed here.