On October 3, 2025, the Gambling Commission released a bulletin highlighting significant concerns about anti-money laundering (AML) and counter-terrorist financing (CTF) measures among gambling operators in Great Britain. The regulator called for improvements, urging licensees to reassess and amend their systems to mitigate risks effectively.
A primary issue identified was operators’ excessive reliance on financial threshold controls as a trigger for conducting customer risk profiling and due diligence. The commission noted that operators often waited until these thresholds were met before evaluating potential risks associated with their customers. This approach meant that non-spend related risk factors, evident early on, were overlooked.
The commission criticized the setting of financial thresholds at levels that did not align with the present risks, noting that such practices could allow high-risk customers to gamble without undergoing necessary scrutiny. This oversight could result in substantial deposits and withdrawals occurring before any risk-based due diligence was initiated.
To address this, the commission recommended ongoing risk-based customer due diligence and monitoring, emphasizing that financial thresholds must complement, not replace, a comprehensive understanding of customer risks. “Financial threshold controls can be a useful tool in combatting money laundering and terrorist financing,” they noted. “However, they should not be relied on in isolation and must be adjusted based on an individual licensee’s risk assessment, business model, and customer base.”
Additionally, the commission pointed out the failure of some operators to compile risk profiles in line with official guidelines. They found instances where customer-related risk factors were either not identified or not addressed promptly. Operators, the commission argued, need to ensure their risk profiles are informed by broader risk assessments, considering how specific customers trigger identified risk factors.
A related concern was the inadequate scrutiny of player documentation and information. The review revealed cases where operators missed standout risk indicators, such as significant third-party deposits on bank statements or expenditures surpassing income. This lack of scrutiny extended to scenarios where documentation appeared false or fraudulent, yet failed to trigger enhanced due diligence.
The commission underscored the need for robust controls and adequate staff training to recognize such risks, stating, “Operators need to have appropriate controls in place to identify such cases and ensure their staff are trained to assess customer documentation accurately.”
Inadequate training on AML and CTF issues was another significant concern. The commission stressed that insufficient training compromises key protection measures for both operators and their customers. Furthermore, they highlighted issues related to poor record-keeping, insufficient due diligence on third-party relationships, and the over-reliance on external companies for drafting risk assessments.
In the context of technological advancements, the commission also noted an increase in the use of AI, algorithms, and behavioral models for AML purposes. While acknowledging the potential of these technologies to identify money laundering and terrorist financing red flags, they cautioned that operators often lacked a proper understanding of how these algorithms functioned as AML controls. Consequently, these tools were not always correctly implemented, leading to compliance failures.
“We have identified compliance concerns where, due to the configuration of the algorithm, high-risk indicators have not been identified or escalated by the automated control in place,” the regulator stated. It stressed that operators must ensure their AML control suite, including algorithms and manual processes, effectively identifies risks for proper risk-based due diligence.
In the broader industry context, these issues underscore an ongoing challenge for operators to balance the integration of innovative technologies with regulatory compliance. As gambling firms increasingly harness AI to optimize operations, the necessity of understanding and correctly applying these tools becomes paramount.
Some industry observers suggest that a deeper partnership between operators and technology providers could enhance understanding and implementation of AI models. By collaboratively developing these systems, operators might better tailor them to meet both business and regulatory needs. Additionally, regular audits and updates to these systems could ensure they remain effective in identifying emerging risks.
Conversely, there is a viewpoint that over-reliance on technology might lead to complacency in traditional due diligence processes. Human oversight, some argue, remains an indispensable component of AML and CTF measures, providing a critical layer of judgment and flexibility that algorithms may lack. Balancing automation with human expertise is, therefore, seen as crucial to maintaining robust safeguards against financial crimes.
Overall, the Gambling Commission’s recent bulletin serves as a reminder of the complexities involved in safeguarding the industry against money laundering and terrorist financing. It highlights the need for a multifaceted approach—one that combines stringent regulatory adherence, effective use of technology, and continuous staff training. In a constantly evolving landscape, operators are reminded that proactive risk management is essential not only for compliance but also for maintaining trust in the industry.
5/5
