Building a gaming compliance program

Despite the exhaustive vetting processes used by gaming regulators to determine the suitability of casino operators, casinos themselves have remained vulnerable to money laundering and terrorism financing. While gaming compliance personnel must submit a 66-page Multi-Jurisdictional Personal History Disclosure that details all personal financial holdings and checks written within the last three years,1 casino patrons are able to gamble with far less scrutiny.

A 2015 U.S. Treasury report2 identifies structuring, or dividing a large reportable transaction into multiple, smaller non-reportable amounts, and minimal gambling, where a player cashes out their chips after little or no play, as casinos’ most frequent anti-money-laundering (AML) risks. The good news is that a December 2016 assessment by the Financial Action Task Force (FATF) found that casinos are responding positively to the AML threat3. The FATF states, “The gaming industry has taken significant steps to comply with AML/CFT requirements and prevent potential money laundering and terrorist financing in the last five years.”

Still, recent regulatory actions by the Financial Crimes Enforcement Network (FinCEN), like the $22.5 million fine levied against CG Technology, L.P., a Cantor Fitzgerald affiliate last September4, or the million-dollar fine assessed to the Nugget Casino Resort last April, are cause for concern5.

Beyond negligent record-keeping and its failure to implement a formal AML program, CG Technology was also implicated in a structuring scheme involving the “Jersey Boys” – an illegal gambling racket that employed “runners” who placed illegal bets on behalf of others. In the Nugget Casino case, regulators found that top executives at Sparks Nugget, Inc., the casino’s parent company, buried the gaming compliance manager’s suspicious activity reports6 (SARs) and prohibited them from interacting with IRS auditors.

While the CG Technology and Nugget Casino scandals offer cautionary reminders to the gaming sector, FinCEN data indicates a positive trend, with casino SAR filings rising 70 percent between 2013 and 2014. Also, a 2016 report from the American Gaming Association (AGA) found that casinos’ AML compliance budgets have risen 74 percent over the last five years7.

Under Title 31, casinos are required to have a comprehensive, written AML program in place that is “reasonably designed” to assure and monitor compliance with the BSA. However, the U.S. Treasury Department says casinos are only subject to BSA requirements 3148 if they have gross annual gaming revenues of more than $1 million and have the requisite licenses. Regardless, in today’s aggressive enforcement regime, the stakes of financial misconduct have never been higher for the more than 1,300 casinos and card rooms that operate across 42 states9.

In order to mitigate AML risks and the crippling financial penalties they entail, casinos must empower their CCOs, adopt a risk-based approach, invest in regulatory technology (regtech), and train their employees as if they were working for a reputable financial institution (FI).

Empower the Chief Compliance Officer

The Nugget Casino investigation highlights the perils of undermining compliance leadership. Beyond the million-dollar penalty and the reputational damage, the casino’s failed compliance also forced the company’s former chief executive to resign from the Nevada Gaming Commission last February. These undesirable outcomes could have been avoided if the Nugget Casino enabled their compliance managers to engage with regulatory incidents in a meaningful way.

Just like modern financial institutions, gaming organizations must set the tone for compliance from the top. By empowering the CCO with a wide scope of supervisory and decision-making controls, casinos promote a culture of compliance10 and demonstrate to regulators their commitment to transparency and following the law. With regulators, casinos will find that a strong compliance officer is their best bargaining chip.

Implement a Risk-Based Approach

Designated as “covered financial institutions” by the BSA, casinos with $1 million or more in revenues cannot afford to assume that their AML risk exposures will reflect the same type of profile as their peers. Instead, they must implement a risk-based approach to AML threats.

Casinos vary in size and scope, from small gambling parlors to large luxury resorts. According to the AGA, here are some the of the business lines that created differentiated risk profiles for gaming entities:

  • Acceptance of funds in the form of cash, checks, or wire transfers for use by patrons within the casino
  • Issuance of markers (similar to a countercheck) signed by the patron in exchange for casino chips or other gaming instrumentality (e.g., slot voucher/ticket)
  • Limited check-cashing services
  • Issuance of checks drawn against the casino resort’s bank account
  • Facilitation of the wire transfer of funds through the casino resort’s banking institution
  • Limited currency exchanges

Given the wide breadth of gaming operations, and international jurisdictions their customer relationships can intersect, casinos must conduct rigorous self-diagnostics to identify their most vulnerable entry points. After completing this risk assessment, casinos should adjust SAR monitoring and customer profiling accordingly to establish a preventive buffer. Regtech will play an increasingly pivotal role in this paradigm shift.

Better Customer Identification through Regtech

According to the U.S. Treasury Department, casinos do not have a “distinct customer identification program obligation.” Instead, casinos only have to establish procedures for using all available information to collect customer identification to satisfy standard record-keeping and reporting demands. But regulatory guidance mandates that casinos use their computer systems to supplement customer authentication by “identifying transactions or patterns of transactions required to be reported as suspicious, including in relation to a customer’s source of funds.”

The recent Panama Papers scandal has also ramped up regulatory pressures for covered financial institutions to identify politically exposed persons and foreign funds of shadowy origin. As such, a data-driven, investigative public records tool will be the ace up the gaming industry’s sleeve in 2017. This type of regtech solution enables casinos to cross-reference questionable high rollers and other suspicious clientele through a myriad of criminal, business, financial, and property records around the world.

Train Gaming Personnel like Bank Employees

Because casinos are primarily seen as entertainment venues, there has traditionally been a gap of appropriate AML training. But the increasingly punitive scope of regulatory enforcement action is compelling the gaming industry to mature and approach its clientele with the same rigor that financial institutions use to screen their depositors and investors.

In 2017, it is imperative that gaming organizations provide up-to-date training and guidance on all relevant compliance requirements. CCOs must be engaged with training processes and initiatives from the ground up, as they establish the tone for compliance within the organization. The on-boarding of new regulatory technologies and the findings of unique, casino-specific risk assessments compound the types of complexities that CCOs must navigate to design relevant and effective training simulations.

Ultimately, all casino personnel, from the black jack dealer to the VIP concierge and the chief executive officer, must evaluate gaming operations and patrons with the same scrutiny as finance professionals vetting their client prospects. The right technology partner can help make the compliance education process seamless and intuitive.

The Regtech Trump Card

As the infamous case of Zhenli Ye Gon11 , a Mexican-Chinese businessman accused of laundering cartel money through a Las Vegas casino, illustrates, the accessing of dubious foreign funds through casinos remains the biggest AML risk for the U.S. gaming industry. The increased globalization of the gaming industry into Macau and Japan12 introduces new avenues for criminal exploitation and regulatory concern.

As the United States prepares for the first term of President Donald Trump, a mogul who has previously operated casinos, some in the industry are hoping for an easing of regulatory pressures. However, regardless of the current political climate, the growing interconnectedness of transnational organized crime, corruption, and terrorism financing demands a vigilant response from the gaming industry. As such, casinos must look to regtech and the investigative solutions it provides to enhance customer due diligence and isolate adverse UBOs.ral and state agencies. Community banks will find that staying on the regulators’ good side is the surest path to profit.

Ready to learn more?

See how Thomson Reuters CLEAR makes it easier to locate people, businesses, assets, and other critical information