1. Introduction

1.1. Money Laundering.

Money Laundering (ML) is the process of creating the appearance that funds obtained from criminal activities, such as drug trafficking or terrorist activity, originate from a legitimate source. Criminals try to launder money by disguising the source and/or changing the form of funds or moving them to a location where they are less likely to attract attention.

1.2. Prevention of money laundering.

Prevention of Money Laundering (PML) is a financial/legal term used to describe legal controls that require financial institutions and other regulated entities to prevent, detect and report ML activities.

An effective PML  program requires that a jurisdiction:

• Has criminalized Money Laundering.
• Has given the responsible regulators and the police the power and tools to investigate it.
• Have financial institutions that identify their customers, establish risk-based controls, maintain records and report suspicious activity.
• May share information with other jurisdictions as appropriate.

2. Regulation.

Employees working in the remote gaming industry must report on information provided to them in the course of their business:

• When they know.
• When they suspect.
• When they have reasonable grounds to know or suspect that a person is involved in money laundering or terrorist financing, including criminal spending.

These obligations are collectively referred to as grounds for knowledge or suspicion. What the authorities are looking for is for us to be able to demonstrate, on the basis of evidence, that a risk assessment has been carried out and that it continues to be done before initiating business relationships with clients, with an appropriate due diligence procedure being carried out. due from customers in order to ensure that the transactions carried out with them are consistent with the level of risk presented.

The Commercial Agent must be able to demonstrate that the extent of ongoing monitoring performed is conducted on a risk sensitivity basis and that all records are maintained to reflect this, with adequate maintenance of risk profiles. In this document, the Company identifies additional measures that are being applied to carry out risk monitoring and the need to, when necessary, require a declaration of the source of customers’ funds in situations that present a high risk and potential money laundering.

2.1. Specific Regulations.

The Commercial Agent is committed to ensuring that compliance is incorporated into all aspects of our business and into the Curacao Gaming License, which allows Games of Chance to operate in the international market through service lines.

3. Crime and Disorder and PML.

PML policy is based on principles and practices:

• The Company develops systems and controls suited to our business and complies with legal and regulatory requirements
• The Company assesses BC risks inherent to our current business at least once a year. The Company, therefore, adopts a risk-based approach that is flexible, effective, proportionate and cost-effective.
• The Company counts on the full commitment and responsibility of top management.
• The Company regularly assesses the adequacy of our systems and controls.
• The Company maintains, when necessary, records of transactions that meet the investigation needs of the legal entities responsible for the fight against money laundering and the financing of terrorism.
• The Company provides initial and ongoing training to all relevant employees.
• The Company supports the appointed officer with resources and authority to operate objectively and independently.

4. Risk Management.

The Company practices a policy and procedures relating to risk assessment and management as required by the Money Laundering Regulations 2007 (the Regulations). This risk-based approach involves a series of discrete steps in assessing the most proportionate way to manage and mitigate the money laundering and terrorist financing risks The Company faces:

• Identify money laundering and terrorist financing risks that are relevant to us.
• Design and implement policies and procedures to manage and mitigate these assessed risks.
• Monitor and improve the effective functioning of these controls.
• Record what was done and why.

This risk-based approach focuses effort where it is needed most and will have the greatest impact. It has the full commitment and support of our management and the active cooperation of all employees. The Company conducts an assessment of our commercial risk exposure in terms of money laundering, which considers the threat and its impact.

5. Suspicious Activity.

Suspicious Activities, in this case, are referred to as suspicious transactions, and extreme player profiles, when deposits do not match correctly, among other elements. Other concrete examples of how The Company identifies players who require our team to undertake a risk monitoring approach to our customers and when The Company should specifically carry out advanced due diligence checks on Player Profiles may be needed:

1. Passport or identity card.

2. Utility bill.

3. Bank statement.

4. Other proof of identity.

5.1. Suspicious Activity Reports.

Within this framework, Suspicious Activity Reports (RAS) constitute an enforced requirement. The Commercial Agent ensures that all employees report to the Risk Team whenever they have grounds to come to know or suspect that a person or client is involved in ML or terrorist financing. Any employee who fails to do so is subject to criminal prosecution.

The hierarchical forwarding of RAS must be carried out in a confidential and discreet manner, by handwriting and not via email, to ensure the maximum level of anonymity.

An employee must not, under any circumstances, disclose or discuss any PML  concern with the person or persons subject to an investigation or with any other person. Disclosure (also known as “whistleblowing”) is strictly prohibited and carries with it very serious legal penalties.

In addition, and in order to keep ourselves protected as much as possible, no remark should be left on an account that gives any indication that there is a suspicion of BC, as any player has the right at any time to request your account’s full notes/remarks.

5.2. Work Procedure.

The Commercial Agent assesses players’ spending and plays to check for suspicious activity. Before any withdrawal is processed, the following procedures are performed:

1. The customer’s deposit history is reviewed to confirm that no suspicious payments have been made to the customer’s account. The frequency of deposits and sum of deposits are reviewed to ensure they are within a normal range for the customer, based on their deposit history and the general deposit range across our network.
2. The customer’s billing is reviewed to ensure that they have actually played at the casino and that they are not using the Merchant Agent as a method of moving money.
3. When possible, funds should always be refunded via the original payment method used by the player to make a deposit.

5.3. Withdrawal Procedure.

When evaluating a customer’s account prior to withdrawal, the agent must answer the following questions in the PML  segment at Risk Entry:

1. Did the player bet?
2. Does the Payment Method belong to the player and did the player use it to make deposits?
3. Are the customer’s transactions and bets in line with the player’s expectations?

6. Human Resources.

6.1. Staff training.

All employees will be trained in their obligations regarding the disclosure of money laundering situations and will be made aware of the procedures in place for the hierarchical referral of any suspicious incidents to the RCBC. As part of this process, employees are informed that personal failure to comply with legal requirements, such as turning a blind eye to a client who resorts to criminal proceedings, may result in criminal or regulatory action.

Relevant employees receive training on ways to follow the company’s internal policies and procedures to:

• Customer Due Diligence (DDC), including advanced requirements for high-risk customers, which include PPE;
• Report suspicious activity to the designated person, where necessary, seeking appropriate consent to allow participation in games and to conduct gaming and other business transactions.

7. Record keeping.

The Company ensures that an audit trail exists to assist any financial investigation by legal bodies. Our record-keeping policy and procedure cover records in the following areas:

• Details regarding how compliance was controlled by the designated officer.
• Delegation of PML /CFT tasks by the person in charge.
• Reports from the person in charge appointed to the top management.
• Information not considered by the person in charge, with reasons for not having taken any additional action.
• Customer identification and verification information.
• Support records relating to business relationships or occasional transactions.
• Employee training records.
• Internal and external RAS.
• Contact between the appointed officer and law enforcement forces or the ANC, including records related to appropriate consent.

8. Offenses.

All employees are aware of the risk of committing the following related offenses:

• The LPC and the Terrorism Act create violations by failing to report suspicious activities.
• When an employee fails to comply with the reporting obligations of the designated officer, or the designated officer to the NCA* as soon as practicable after the information has given rise to knowledge or suspicion becomes known to that person, they are subject to criminal prosecution.
• May also commit a violation of the LPC or the Terrorism Act if they disclose that a RAS has been submitted that is likely to prejudice any investigation or if they disclose information relating to the fact that there is an investigation of allegations of a violation of the LPC or the Terrorism Act, likely to jeopardize the investigation.
• Commit an offense if they become aware of or suspect that an appropriate officer is acting (or proposes to act) in connection with a relevant investigation that is or is about to be conducted, and if they falsify, conceal, destroy or delete documents that are relevant to the investigation.

9. Protection of our equipment against internal crimes and criminal misuse.

The company is keenly aware that a key way to combat fraud is to first identify where the company’s most valuable assets lie. Processes and controls have been incorporated into the company’s routine to minimize the chances of misuse of any of its key assets.

Our server equipment is located at Unicept Malta, which has policies in place to protect the equipment, such as a visitor management procedure, fire alarms, destruction of confidential documents, locked cabinets, testing, security, etc. The Commercial Agent also implements such policies in our offices.

10. Ensuring that the companies the website deals with are trustworthy and reputable.

The Commercial Agent promotes solid principles of business and professional ethics at all levels. When selecting suppliers, there is a set of criteria that The Company considers:

• Financial soundness (for long-term sustainability);
• Legal and regulatory compliance;
• Commitment to a broader corporate responsibility program;
• Desire and ability to deliver quality and value.

All new suppliers must go through a rigorous approval process, in which all information they submit is verified.

This information is then evaluated internally to consider the risks associated with the supplier, taking into account all of the above criteria. If rejected, the supplier will be informed. The Commercial Agent ensures that all organizations The Company engages understand compliance obligations under relevant jurisdictions for players.

11. Internal record keeping.

The following fundamental principles – knowing your customer, maintaining internal records and reporting – ensure our compliance with legislation and regulations.

• Records of all customer transactions – regardless of their relationship to payments or plays – will be kept for at least 6 years after the transaction.
• Records of customer data – regardless of their value status or open/lock status – will be kept for at least 6 years after the customer relationship ends.
• Records of money laundering investigations and suspicious activity reports will be kept for 6 years after the completion of the investigation.

12. Collusion Prevention and Data Protection Compliance.

The Merchant’s Terms and Conditions make it clear that fraudulent activity will not be tolerated and that customer accounts will be terminated if the fraudulent activity (cheating) occurs.

In terms of data protection, all data related to the user’s payment accounts is stored, encrypted and managed by Payment IQ and the Commercial Agent, and employees do not have access to the user’s payment information. All Customer Information in the organization will be protected through a strict Information Security policy that must be complied with by all employees and suppliers and which will include System Access and Authentication Control, Password Policy, Protection measures against Malware, Intrusion Prevention Policy, Encryption Policy and Strict Control and Network Management.