On 12 February 2025, John Pierce, Enforcement Director at the Gambling Commission (Commission) delivered some key insights at the Gambling Anti Money Laundering (AML) Group training day.

The Commission have subsequently released a blog summarising the discussion, which included the AML trends from enforcement cases and emerging threats, which all operators should be taking note of.

One might see this Commission blog serves as a combined form of informal enforcement report and risk bulletin. On that basis, licence holders would be well-advised prepared to evidence how they reacted to its contents in future dealings with the Commission.

Key trends from Commission cases

Ineffective enhanced customer due diligence

The Commission is concerned that know your customer triggers for managing AML and terrorist financing risks are ineffective. Example of this included:

• Procedures that do not appropriately consider customer salary or wealth to identify disproportionate spend.
• Financial triggers which are too high and allow large sums of money to be transacted before the first AML review is undertaken on a customer.
• Only using financial triggers instead of taking a risk-based approach and considering additional information and the risk profile of the customer.
• Not setting realistic and effective monetary and non-monetary thresholds and triggers for determining when further information should be sought from customers, as well as not seeking them early enough.

Not appropriately obtaining and scrutinising source of funds and source of wealth information

The Commission highlighted that operators do not assess information as would be needed in light of the risks they are trying to mitigate. Examples of this included:

• An overreliance on customer declarations and open-source information to manage AML risks.
• Not following internal procedures to obtain source of funds (SoF) information at certain points.
• Not appropriately scrutinising SoF information received. Operator staff should have sufficient guidance on how to review documents, identify red flags, verify SoF information, and how to record their decision making.

Emerging threats

The Commission flagged the following areas as future threats to an operators’ compliance with AML requirements:

• Changes to customer demographics in the high-end land-based casino sector not being reflected in risk assessments and policies.
• Customers using AI to forge ID and SoF documents.
• Increased use of mule accounts and fraudulent activity, particularly in betting.
• Cases of ID farming where individuals or companies collect personal data to obtain bank accounts and open gambling accounts for use in fraud.
• As payment providers increasingly allow crypto payment facilities, operators need to have a full understanding of the services provided by their payment providers.
• In the white-label space, operators often fail to risk assess their relationships with the white label partners or complete appropriate due diligence.

All licence holders should be reflecting on this helpful output from the Commission in their own risk assessments. If you have any questions around your current compliance with these guidelines, please reach out.