Online casino companies and their senior management have faced widespread action from the gambling regulator, as part of an ongoing investigation into the way the industry combats problem gambling and money laundering.

Nearly £14m in penalty packages will be paid by three companies as result of their failings to put in place effective safeguards to prevent money laundering and keep consumers safe from gambling-related harm. Following licence reviews, the Commission has ordered Daub Alderney to pay a financial penalty of £7.1m (as previously announced) and Casumo  has been ordered to pay a financial penalty of £5.85m. Videoslots will pay £1m in lieu of a financial penalty.

Another company – CZ Holdings – will no longer be able to provide gambling services to consumers in Britain as it surrendered its licence after a licence review had been commenced. Nine other operators have been issued with Advice to Conduct letters and a further six are still under investigation.

The Commission has also taken regulatory action against the individuals responsible for the failings. Three Personal Licence Holders (PML) have now surrendered their licenses, four have been issued with a warning and two have been issued with Advice as to Conduct notices. A further three individuals who hold PMLs are still under investigation.

Neil McArthur, Commission CEO, said: “I hope today’s announcement will make all online casino operators sit up and pay attention, as our investigations found that a large number of operators and their senior management were not meeting their obligations.

“It is not enough to have policies and procedures in place. Everyone in a gambling business must understand its policies and procedures and take responsibility for properly applying them.

“We expect operators to know their customers and to ask the right questions to make sure they meet their anti-money laundering and social responsibility obligations.”

Mr McArthur added: “Anyone in a position of authority needs to be aware that we will not only act against businesses when we take regulatory action – we will also hold individuals to account where they are responsible for an operator’s failings.”

Jeremy Wright, Secretary of State for Digital, Culture, Media and Sport, said: “Any online operator that thinks it can ignore its duty to protect players should take note today – there will be consequences. Protecting vulnerable consumers is our prime concern, and it must be the priority for gambling operators too.

“There are robust requirements to safeguard players and prevent money-laundering which all businesses must adhere to if they wish to operate in the British market. I am pleased to see the Gambling Commission taking the strongest possible action when companies fail to meet their obligations.”

Operators are advised to read: lessons to be learned regarding this investigation

Review of Casumo Services Limited’s operating licence

Breach of conditions relating to anti-money laundering and failure to comply with social responsibility codes

Introduction

On 16 January 2018 the Gambling Commission gave Casumo Services Limited (the Licensee) notice that we were commencing a review of its operating licence granted in respect of its services to customers in Great Britain under section 116(2) of the Gambling Act 2005 (the Act) because:

• we had reason to suspect that activities may have been carried on in purported reliance on the licence but not in accordance with a condition of the licence (section 116(2)(a));
• we suspected that the Licensee may be unsuitable to carry on the licensed activities (section 116(2)(c)(i)); and
• we were of the view that a review would be appropriate (section 116(2)(c)(ii)).

On 10 May 2018 it was decided by the Commission to refer the case to the Commission’s Regulatory Panel for a decision.

The Licensee accepted and the Regulatory Panel agreed that the Licensee had:

• breached conditions of its licence relating to anti-money laundering measures (AML) as per licence condition 12 of the Commission’s Licence conditions and codes of practice (LCCP)
• failed to comply with social responsibility codes of practice.

In line with the Commission’s Licensing, compliance and enforcement policy statement, the Indicative Sanctions Guide and the Statement of Principles for determining Financial Penalties, the Regulatory Panel has decided to:

1.  Issue a warning under section 117(1)(a) of the Act
2.  Impose additional conditions on the Licensee’s operating licence under section 117(1)(b) of the Act; and
3.  Impose a financial penalty under section 121 of the Act in the sum of £5,850,000.

This summary of the Regulatory Panel decision sets out the relevant facts of the case, licence condition (LC) and social responsibility code of practice provisions (SRCP), the findings and the outcome of the review.

Summary of Regulatory Panel decision

Findings of fact

The Regulatory Panel accepted the accuracy of the factual matters set out in the Commission’s Case Summary. The following facts were stated in the Case Summary: 

Licence condition 12.1.1.1 – Anti-money laundering – Prevention of money laundering and terrorist financing

Licence condition 12.1.1(1) requires an operator to conduct an assessment of the risks of their business being used for money laundering and terrorist financing. Such risk assessments must be appropriate and must be reviewed as necessary in the light of any changes of circumstances, including the introduction of new products or technology, new methods of payment by customers, changes in the customer demographic, or any other material changes, and in any event reviewed at least annually. This licence condition has been in force since October 2016. The Gambling Commission provides guidance on risk assessments in the The Prevention of Money Laundering and Combating the Financing of Terrorism – Guidance for remote and non-remote casinos. An appropriate risk assessment allows operators to identify risks relevant to their business, including the risks associated with the customers they transact with, and conduct effective customer due diligence on the basis of this assessment, among other things.

Commission officials found when they completed a compliance assessment on 2 October 2017 (Compliance Assessment) that the appropriate risk assessment was not in place. We made the Licensee aware of the requirement at the time of the Compliance Assessment and in our letter of 8 November 2017.

In its response of 5 March 2018 the Licensee accepted that it had breached this licence condition. On 20 April 2018, the Licensee provided a copy of their revised risk assessment, which included an audit of their controls. The risk assessment was approved by its Board on 7 March 2018.

Licence condition attached to the licence on 1 November 2014 and Licence Condition 12.1.2.1 – Anti money laundering measures for operators based in foreign jurisdictions

The Licensee was required to put in place and implement the measures described in Parts 2 and 3 of the Money Laundering Regulations 2007 (superseded by the 2017 Regulations), insofar as they relate to casinos.

Commission Officials found that the Licensee did not:

• conduct ongoing monitoring of a business relationship (Regulation 8 of the 2007 Regulations)
• apply, on a risk-sensitive basis, enhanced customer due diligence measures and enhanced ongoing monitoring in situations which by their nature present a higher risk of money laundering (Regulation 14 of the 2007 Regulations)
• keep full records of the evidence and supporting documents it considered as part of its customer due diligence checks and business relationship with the customer (Regulation 19 of the 2007 Regulations)
• establish and maintain appropriate and risk-sensitive policies and procedures relating to specified matters in order to prevent activities related to money laundering and terrorist financing (Regulation 20 of the 2007 Regulations)
• have effective or sufficient training for its MLRO (Regulation 21) of the 2007 Regulations).

In relation to the 2017 Regulations, Regulation 8 read with Regulation 9(4) means that the 2017 Regulations have direct applicability to remote casino operators licensed by the Commission but based overseas. Officials were of the view that:

• contrary to Regulation 24 of the 2017 Regulations, the Licensee failed to take appropriate measures to ensure that relevant employees received training in the law relating to money laundering
• the Licensee failed to consistently apply enhanced customer due diligence and enhanced ongoing monitoring on a risk-sensitive basis, contrary to Regulations 28 and 33 of the 2017 Regulations.

Regulation 28(11) of the 2017 Regulations requires the Licensee to conduct ongoing monitoring (which includes scrutiny of the transactions undertaken by the customer throughout the course of the business relationship, including the source of funds), and regulation 33 of the 2017 Regulations includes the requirement to apply enhanced customer due diligence measures and enhanced ongoing monitoring in situations where there is a high risk of money laundering or terrorist financing.

Licence condition 12.1.1.2 Licensees must have appropriate policies, procedures and controls to prevent money laundering and terrorist financing; and Breach of Licence condition 12.1.1(3). Such policies, procedures and controls must be implemented effectively, kept under review and revised appropriately

Officials found that at the time of the Compliance Assessment:

• the Licensee’s AML policy did not appear effective, in particular in relation to establishing SOF and ongoing monitoring of its customers
• ongoing monitoring of customer accounts was not provided
• for two customer accounts reviewed, evidence of sufficient enhanced customer due diligence (EDD) was not provided.

In its response the Licensee accepted that it was in breach of licence condition 12.1.1 as, while it did have numerous individual policies concerning AML risk, at the time of the assessment it did not have:

• an appropriate AML risk assessment in place
• effective AML policies, procedures and controls in place, particularly as regards higher risk customers
• effective or sufficient training in place for it MLRO.

In its response, the Licensee confirmed that, since the Commission’s Compliance Assessment, it had taken a number of actions to address the Commission’s preliminary findings including:

• setting up a compliance executive team
• recruiting a dedicated UK Compliance manager
• recruiting three further regulatory compliance roles
• committing at Board level to put compliance at the heart of ongoing business operations and strategic future
• ensuring that all relevant past and current customer accounts would be subject to updated due diligence, enhanced due diligence and source of funds measures.
• engaged Wiggin LLP to manage and oversee a review of its current processes and provide independent analysis
• committed to the position that where proceeds of crime are likely to have been used on its site the Licensee will pro-actively segregate and divest those funds
• developed, integrated and tested an automated customer risk assessment tool which assesses customer profiles automatically, drastically reducing human error and increasing the accuracy of risk assessments and risk visibility both in respect of individual players and across the business
• provided external MLRO and AML training for its existing MLRO
• taken steps to recruit a new, highly experienced MRLO who will exclusively undertake that role within the Licensee’s business.

In its response the Licensee acknowledged that it was in breach of licence condition 12.1.2

Code of practice issued under Section 24 Gambling Act 2005 – Social Responsibility Code 3.4.1 Customer Interaction. Compliant with a social responsibility code provision (SRCP) is a condition of the Licence by virtue of section 82(1) of the Act

The Licensee failed to put into effect policies and procedures for customer interaction in accordance with the requirements of SR Code 3.4.1.

Licensees must put into effect policies and procedures for customer interaction when they have concerns that a customer’s behaviour may indicate problem gambling. Code provision 3.4.1(e) requires specific provision for making use of all relevant sources of information to ensure effective decision making, and to guide and deliver effective customer interactions including in particular:

(i)    provision to identify at risk customers who may not be displaying obvious signs of, or overt behaviour associated with, problem gambling; this should be by reference to indicators such as time or money spent.

(ii)   specific provision in relation to customer designated by the Licensee as ‘high value’, ‘VIP’ or equivalent.

Commission officials found that at the time of the assessment the Licensee appeared to have failed to act in accordance with Code 3.4.1(e) as:

• a review of three accounts showed that the customers all demonstrated potential signs of problem gambling based on their gambling pattern and spend, however this behaviour did not trigger any customer interaction with the customers
• the Licensee confirmed that the accounts did not raise any concerns
• the Licensee’s policies did not flag customers as an SR concern as a result of the size of their losses.

In its response the Licensee acknowledged that it was in breach of SR code provision 3.4.1 as, whilst it had policies, an RG team and its “Play Okay” website in place to deal with SR interactions, it did not:

• have effective policies and procedures in place to always prompt interactions where customers may be displaying signs of problem gambling
• always record interactions, or decisions taken not to interact, with its customers.

The Licensee indicated in its response that, since the assessment and as regards its SR responsibilities, it had:

• overhauled and updated its RG “PlayOkay” handbook with Professor Mark Griffiths
• created and actioned an RG roadmap
• received training from GamCare
• hired additional staff to its RG team, including an RG gaming strategist
• increased the visibility of its “PlayOkay” limits
• implemented GAMSTOP
• launched casumocares.com as a dedicated destination for RG and driving awareness.

The Panel found:

• that the Licensee had not undertaken an appropriate risk assessment in regards to money laundering and terrorist financing.  By failing to undertake the appropriate risk assessment the Licensee breached licence condition 12.1.1(1) of its operating licence.
• that the Licensee had failed to establish and maintain appropriate risk-sensitive policies, procedures and controls relating to the management of its customers (including the monitoring and management of compliance with such policies and procedures) in order to prevent activities relating to money laundering.  By failing to do so, the Licensee breached conditions 12.1.1(2) and 12.1.1(3) of its operating licence
• that the Licensee had failed to implement the measures described in Parts 2 and 3 of the Money Laundering Regulations 2007 as it did not:
  • conduct ongoing monitoring of a business relationship
  • apply, on a risk-sensitive basis, enhanced customer due diligence measures and enhanced ongoing monitoring which by their nature present a higher risk of money laundering
  • keep full records of evidence and supporting documents it considered as part of its customer due diligence checks and business relationship with the customer
  • establish and maintain appropriate and risk-sensitive policies and procedures relating to specified matters in order to prevent activities relating to money laundering and terrorist financing
  • have effective or sufficient training for its MLRO.

The Licensee had also failed to adhere to Regulations 24, 28 and 33 of the Money Laundering Regulations 2017 by failing to take appropriate measures to ensure that relevant employees received training in the law relating to money laundering and by failing to consistently apply enhanced customer due diligence and enhanced ongoing monitoring on a risk sensitive basis.

By failing to implement the above measures the Panel found that the Licensee had breached licence condition 12.1.2. of its operating licence.

• that the Licensee did not have effective policies and procedures in place to always prompt interactions where customers may be displaying signs of problem gambling and did not always record interactions, or decisions not to interact, with its customers and by doing so failing the Licensee had not adhered to the requirements of paragraph 3.4.1 of the Social Responsibility Code which by virtue of section 24 of the Act is treated as a licence condition
• that the Licensee failed to consider and did not act in accordance with paragraph 3.4.2 of the LCCP Ordinary Code on customer interaction.  The Panel noted that this would not give rise to a financial penalty.

Decision and reasons

Approaching the decision as to what sanction(s), if any, should be imposed under s117 of the Act the Panel referred to the Indicative sanctions guide (June 2017) and the Statement of principles for licensing and regulation (June 2017).

The Licensee accepted and the Panel agreed that given the seriousness of the licence breaches it was appropriate to:

• issue the Licensee with a formal warning under section 117(1)(a) of the Act
• impose the following licence conditions on the Licensee’s operating licence under section 117(1)(b) of the Act to:
  • appoint an appropriately qualified Money Laundering Reporting Officer (MRLO) who holds a Personal Management Licence; in appointing the MRLO to ensure the individual must undertake annual refresher training in anti-money laundering and be able to evidence this to the Commission.
  • ensure that all personal management licence holders, senior management, and key control staff undertake outsourced anti-money laundering training.  All such staff must undertake outsourced refresher training annually thereafter.
  • continue its review of the effectiveness and implementation of its anti-money laundering and social responsibility policies and procedures, and in addition engage external auditors, whose appointment and terms of reference must be agreed by the Commission, to sample the reviews that have been carried out to provide additional assurance as to the findings.  The outcome of the review and subsequent action plan to implement any recommendations must be reported to the Commission by the person who assumes responsibility for this action, and the Commission will have access to all the documents relating to the work.

The Panel also agreed that it was appropriate to impose a financial penalty under section 121 of the Act. In reaching this decision the Panel had regard to the Statement of principles for determining financial penalties (June 2017) and which included the mitigating effect of the of the steps taken by the Licensee to remedy the breaches and the Licensee’s co-operation with the Commission. The Panel concluded that it was appropriate for the Licensee to pay a financial penalty of £5,850,000 and that this was a proportionate outcome.

Videoslots Limited (t/a www.videoslots.com)

Regulatory settlement

• Anti-money laundering – breaches of:
  • Licence condition 12.1.1.1 – Licensees must conduct an assessment of the risks of their business being used for money laundering and terrorist financing.
  • Licence condition 12.1.1.2 and 12.1.1.3 – Having regard to the risk assessment, licensees must have appropriate policies, procedures and controls to prevent money laundering and terrorist financing and such policies, procedures and controls are implemented effectively, kept under review and revised appropriately.
  • Licence condition 12.1.2 – Anti-money laundering measures for operators based in foreign jurisdictions requiring compliance with Money Laundering Regulations 2007 (superseded in 2017).
• Personal Management Offices – Breach of licence condition 1.2.1 requiring operators to ensure specified management offices are held by personal management licence (PML) holders.
• Key event notification – Breach of licence condition 15.2.1 relating to key event notifications in respect of reporting changes in the holders of management offices.
• Customer interaction – Failure to comply with code of practice – Social Responsibility Code 3.4.1. Compliance with a Social responsibility is a condition of the operating licence by virtue of section 82(1) of the Act.

Operators are expected to consider the issues here and review their own practices to identify and implement improvements in respect of the management of customers.

Executive summary

The Gambling Commission has completed an investigation which identified weaknesses in Videoslots Limited’s (Videoslots) anti-money laundering and social responsibility controls.

The investigation followed a compliance assessment focussed on the measures that a remote gambling operator should have in place to address the prevention of money laundering and terrorist financing and compliance with related licence conditions. In carrying out the assessment, we also identified action that needed to be taken in respect of social responsibility (SR) code failures.

The identified failings raised significant concerns about the effectiveness of Videoslots’ management and mitigation of risks to the licensing objectives in place at the time of the compliance assessment (September 2017).  Videoslots had identified a number of issues and had started to implement improvements prior to the compliance assessment. Videoslots acknowledged its shortcomings at an early stage.

In line with our Statement of principles for licensing and regulation, Videoslots will pay a penalty package of £1,000,000 in lieu of a financial penalty. A breakdown of the regulatory settlement is set out below.

Findings

Breaches of licence condition 12.1.1.1 (Anti-money laundering) – Licensees must conduct an assessment of the risks of their business being used for money laundering and terrorist financing

Licence condition 12.1.1.1 came into effect from 31 October 2016 and requires an operator to assess the risks of their business being used for money laundering and terrorist financing. Such risk assessment must be appropriate and must be reviewed as necessary in the light of any changes of circumstances, including the introduction of new products or technology, new methods of payment by customers, changes in the customer demographic, or any other material changes, and in any event reviewed at least annually. An appropriate risk assessment allows operators to identify risks relevant to their business, including the risks associated with the customers they transact with, and to conduct effective customer due diligence based on this assessment, among other things.

When we completed the assessment of 27 September 2017, we found that an appropriate risk assessment was not in place. Whilst it is accepted that Videoslots had carried out an assessment of risk in February 2017, it had not been formalised sufficiently to identify risk and mitigation to meet this requirement.

Breaches of licence condition 12.1.1.2 and 12.1.1.3 – Licensees must have appropriate policies, procedures and controls to prevent money laundering and terrorist financing and such policies, procedures and controls must be implemented effectively, kept under review and revised appropriately

Videoslots failed to establish and maintain appropriate risk-sensitive policies, procedures and controls relating to the management of its customers (including the monitoring and management of compliance with such policies and procedures) to prevent money laundering and terrorist financing, as required by licence conditions 12.1.1.2 and 12.1.1.3, and contrary to the requirements of regulation 19 of the Money Laundering, Terrorist Financing and Transfer of Funds (information on the Payer) Regulations 2017 (the 2017 Regulations).

At the time of the assessment we found that Videoslots:

• conducted only basic checks on all customers, supported by a verification process once a deposit level of 2,000 Euros was reached in a 24-hour period. This approach to customer due diligence (CDD) is inadequate as it means that the same approach is adopted for all customers irrespective of the level of risk attributed to the customer.
• AML policies did not sufficiently define risk situations where enhanced customer due diligence and enhanced ongoing monitoring (EDD) would be required.
• the EDD process did not always include establishing the source of funds/source of wealth, as appropriate.

Videoslots did make some enquiries into the source of customer funds, such as requesting that customers verify the destination of withdrawals, generally by providing a copy of the relevant financial account documentation. Videoslots had taken steps to remedy the issue by inviting its customers to complete a declaration document outlining the source of funds, which it used as an indicator as to whether further enquiries were necessary, but further improvements were required.

Breaches of licence condition 12.1.2.1 – Anti-money laundering measures for operators based in foreign jurisdictions

Videoslots was required to put in place and implement the measures described in Parts 2 and 3 of the Money Laundering Regulations 2007 (superseded by the 2017 Regulations) insofar as they relate to casinos. We found that Videoslots had failed to sufficiently implement the measures as required.

The investigation highlighted that Videoslots failed to consistently apply EDD on a risk-sensitive basis, contrary to regulations 28 and 33 of the 2017 Regulations.

Regulation 28(11) of the 2017 Regulations required Videoslots to conduct ongoing monitoring of the business relationship, which includes scrutiny of the transactions undertaken by the customer throughout the course of the business relationship (including, where necessary, the source of funds) to ensure that the transactions are consistent with the operator’s knowledge of the customer and their risk profile. Regulation 33 of the 2017 Regulations includes the requirement to apply EDD, in addition to the measures required under regulation 28, in order to manage and mitigate the risks arising in situations where there is a high risk of money laundering or terrorist financing.

As examples:

• Customer A commenced gambling with Videoslots in November 2014. The customer subsequently deposited more than £211,000 and lost approximately £45,000 during game play. The initial checks carried out with the customer by Videoslots had revealed that the customer’s bank account was overdrawn. As of November 2017, Videoslots’ knowledge of the customer was reliant on identity documents and third-party assurances, where they should have undertaken enhanced customer due diligence measures (including establishing the source of the customer’s funds).

• Customer B failed automated identity checks, resulting in the customer providing Videoslots with a fraudulent driving licence as evidence of their identity. In the initial stages this was not detected by Videoslots. The customer was then able to register multiple fraudulent bank cards, which was initially not detected. The bank cards were used to deposit and play large amounts of funds (for example £6,000 in one day in September 2017) without intervention by the operator. Videoslots’ systems did, in due course, alert them to the activity, by which time the customer had made £17,405 in deposits, suspected to be the proceeds of crime.

In addition, at the time of the assessment, Videoslots did not sufficiently comply with the requirement to provide its relevant employees with training in how to recognise and deal with transactions, and other activities or situations which may relate to money laundering or terrorist financing (Regulation 24 of the 2017 Regulations).  To comply with the 2017 Regulations, Videoslots should have provided relevant employees with regular training.  For these purposes the Commission would include:

• the holders of all relevant personal management licences
• employees able to contribute to the identification and mitigation of the risk of money laundering or terrorist financing, such as those responsible for providing customer services and completing customer due diligence (CDD) measures.

Failure to comply Social Responsibility code 3.4.1 – Customer Interaction. Compliance with a Social responsibility code is a condition of the operating licence, by virtue of section 82(1) of the Act

Licensees must put into effect policies and procedures for customer interaction when they have concerns that a customer’s behaviour may indicate problem gambling. SR code provision 3.4.1.1.e requires specific provision for making use of all relevant sources of information to ensure effective decision making, and to guide and deliver effective customer interaction, including in particular:

(i)  provision to identify at risk customers who may not be displaying obvious signs of, or overt behaviour associated with, problem gambling; this should be by reference to indicators such as time or money spent.

(ii) specific provision in relation to customer designated by the Licensee as ‘high value’, ‘VIP’ or equivalent.

Commission officials found that at the time of the assessment (September 2017) Videoslots was in breach of 3.4.1.1.e. We noted that there were significant limitations in its ability to proactively identify and mitigate risk manifesting itself in terms of resource, systems, and controls.

As an example of our concerns, Customer C deposited £412,000 between 1 April 2016 and 31 January 2017, at which point the customer self-excluded. Videoslots’ records did not show any evidence of customer interactions in respect of responsible gambling or indeed source of wealth. Videoslots is confident that its new policies and procedures would have addressed this issue.

Breach of Licence condition 1.2.1 – operating licence holders must ensure specified management offices must be held by personal management licence (PML) holders and Breach of licence condition 15.2.1 – Key event reporting

Licensees must ensure that individuals who occupy the management offices specified in respect of the licensed activities such as regulatory compliance hold a personal licence with the Commission authorising the performance of the functions of that office.

In addition, it is a requirement of licence condition 15.2.1.8.b to notify the Commission of the appointment of a person, or a person ceasing to occupy such, to a management position.

The Commission noted during its investigation that, for an 11-month period (2015/2016), an appropriate qualified individual occupying the regulatory compliance function did not hold a personal management licence and that the Commission had not always been notified of changes in individuals occupying management positions by way of key events.

Good practice

We consider that this case provides valuable learning for remote (online) and non-remote gambling operators. They should consider the following questions to address the issues identified in this case:

• Do you conduct appropriate assessments of the risks of money laundering and terrorist financing for your businesses, and implement policies, procedures and controls which manage the identified risks effectively?
• Do you have effective measures for customer due diligence, the ongoing monitoring of customers, and enhanced customer due diligence and enhanced ongoing monitoring which are sufficiently risk-focused, including the risk profiling of customers for these purposes?
• Are you ensuring that you can adequately evidence customer interactions?
• Do you have systems in place to ensure that your policies and procedures make specific provision for making use of all relevant sources of information where you have concerns that a customer’s behaviour may indicate problem gambling? Are you putting into effect such policies and procedures?
• Are your customer interaction policies and procedures effective for your customers? Are you alert to the risk various customers bring?
• Are you providing your staff with appropriate training to ensure that they are aware of the law relating to money laundering and terrorist financing, and how to recognise and deal with transactions, activities or situations which may be related to money laundering or terrorist financing?
• Do you have sufficient resilience within your anti-money laundering and social responsibility functions with appropriately qualified individuals occupying specified management offices? Do those individuals hold personal management licences? Have you notified the Commission of any personnel changes in these specified management offices?

Regulatory settlement

The regulatory settlement package consists of:

a)    A payment in lieu of a financial penalty of £1,000,000 which will go to National Responsible Gambling Strategy project(s) to pay for research and treatment as determined appropriate to address the risk of harmful gambling. This payment includes a divestment in the sum of £310,478.08.

b)    The voluntary placing of additional conditions on Videoslots’ operating licence under section 117(1)(b) of the Act, requiring the licensee to:

• Maintain the appointment of an appropriately qualified Money Laundering Reporting Officer (MLRO) who holds a Personal Management Licence (PML), and, in appointing the MLRO, to ensure that the individual undertakes annual refresher training in AML and be able to evidence this to the Commission.
• Ensure that all PML holders, senior management and relevant employees undertake outsourced anti-money laundering training. All such staff must undertake outsourced refresher training annually thereafter.
• Continue to segregate funds as per licence condition 4.1 not lower than the level of ‘medium’ as defined by our guidance.
• Continue its review of the implementation and effectiveness of its AML and SR policies, procedures and controls, and, in addition, engage external auditors to sample the reviews that have been carried out so as to provide additional assurance in relation to the findings. The appointment and terms of reference of the external auditors must be agreed with the Commission.

c)    Payment of £12,000 towards the Commission’s investigative costs.

Conclusion

Our investigation found, and Videoslots accepts, that there were weaknesses in its systems relating to how it managed its customers for anti-money laundering and social responsibility purposes.

In determining the appropriate outcome, we took the following factors into account:

• Proactive and timely action taken by Videoslots to address all the issues identified
• Videoslots being open and transparent from the outset of the investigation and fully co-operative throughout
• A demonstrable insight into the seriousness of the failings.