CRIME AND DISORDER (INCORPORATING FRAUD AND AML)
1.1. Uno Digital Media B. V. (hereinafter – «Company») has lengthy experience in securing gaming businesses against criminal misuse and implementing wide-ranging anti-fraud and anti-money laundering processes, procedures, and extensive staff training programs.
1.2. Underpinning future training programs will be knowledge of the Proceeds of Crime Act and Money Laundering indicators usually detected in a gaming environment, particularly in a Card Not Present transactional environment.
1.3. The director is fully aware of all aspects of the Proceeds of Crime Act and his responsibilities and is well placed to impart knowledge of Anti-Money Laundering measures and requirements having secured major remote and non-remote gaming businesses in this field.
2.1. Gaming environments are often targeted by those wishing to launder money. The speed of transactions and use of multiple payment processing options make gaming businesses especially vulnerable to this activity.
2.2. As a result, many of the initial trading and procedural decisions of the director are either directly aimed at combatting this threat or protections are enhanced as a byproduct of the overall commercial and trading approach/strategy taken by the business.
2.3. All staff will be given training in Money Laundering indicators such as (but not limited to):
2.3.1. unusual betting patterns;
2.3.2. suspicious deposit and withdrawal patterns (size and frequency);
2.3.3. reliability of data provided;
2.3.4. customer verification issues and identity theft;
2.3.5. account linkage/multiple accounting.
2.4. All instances of suspected Money Laundering attempts must be reported to the MLRO but that suspicion must not be conveyed to the customer and further actions must await consent. The MLRO is then responsible for liaising with, submitting Suspicious Activity Reports, and seeking consent through the goAML system of the Financial Intelligence Unit (FIU) Curaçao where and when appropriate. He will also ensure that appropriate registers are kept for all related reporting.
2.5. Company will implement a full ‘Know Your Customer’ policy. This will assist in tackling not just Money Laundering threats but other fraud threats generally. Customers will be advised at registration and generally on the supporting non-transactional website that Company will utilise online verification tools and that in instances where we are not able to satisfy criteria, ID and address verification documents will be requested.
2.6. Other key decisions that will enhance these protections include setting period thresholds/velocities for withdrawals to include at outset the requirement for checks and director approval prior to processing card withdrawals and bank transfers of over BTC/ETH/LTC equivalent of 3000 EUR in one single transaction, a maximum of 3 (three) daily withdrawals and an overall maximum daily withdrawal of BTC/ETH/LTC equivalent of 9000 EUR.
2.7. Industry-accepted standards that will always lead to Enhanced Due Diligence (the requirement for further proof of ID and Address) will be withdrawals in excess of BTC/ETH/LTC equivalent of 3000 EUR in a single 24-hour period and BTC/ETH/LTC equivalent of 9000 EUR in a 90-day period. Simple online verification will NOT be acceptable in these circumstances.
2.8. The business will also not have any cash element to it, mitigating risks associated with counterfeit monies.
2.9. Systems will be operating to record all transactions for an account. These account histories will be subject to a program of regular and continual checks against fraud and social responsibility indicators. Where unusual bet patterns and winning patterns are detected, these will also be cross-referenced to call history to ensure that staff are not colluding with customers or acting illicitly.
2.10. Company will also keep a register of those customers that it identifies as high-risk or politically exposed. Those accounts will be subject to greater scrutiny and frequency of checks.
2.11. In general, where illegal or inappropriate behaviour by staff is identified, investigatory and disciplinary procedures will follow those outlined in staff contracts as required by employment law directives and the need to use in greater propensity, measures such as suspension when for example transactional fraud is suspected and those activities form a standard part of an employee’s job description.
3.1. It is essential to implement adequate monitoring procedures in any gaming business across premises, equipment, people, communications and transactions. Company will implement a range of measures and procedures to ensure security and safety in these areas.
3.2. Company has installed Call recording technology. This has multiple benefits that include:
3.2.1. staff training;
3.2.2. ensuring the accuracy of bet (timing and placement) and transaction data;
3.2.3. customer and brand reputation protection;
3.2.4. implementation of robust and frequent monitoring procedures that will guard against and deter collusion between staff and customers.
3.3. The protection of data and the security of software and hardware generally are of prime concern for any business where transactions and data are recorded in a Non-Face to Face environment. Consequently, Company will implement an overarching policy of ‘Encrypt whatever can be Encrypted’. Access to Shared Drives will be strictly limited and monitored and where appropriate, password protected. Data Storage and Back-Up solutions/procedures exist to ensure that Customer Data is not accessible to outside parties and reliably prevent loss of data.
4.1. Company will be publishing Terms and Conditions along with KYC & AML policies on its website. These will make specific reference to fraudulent activity, prior knowledge of a result or the likely result of an event and matters relating to match-fixing and suspicious events. It will detail the actions we may take where cheating is suspected or identified and will detail the extent to which we will cooperate with regulators and sports governing bodies to tackle these matters. This will in general allow a transparent communication process with customers in these instances.
4.2. However, the director acknowledged that in the event that serious criminal activity is suspected or identified, it is also incumbent on them and staff that those suspected of this activity are not ‘tipped off’ as to those suspicions and subsequent investigations and that in some instances, alternative approaches will be required. Appropriate staff training and escalation procedures will be in place.
4.3. Company will take all necessary measures to ensure the propriety of its relationships with other businesses. This will entail a standardized due diligence approach often accompanied by Non-Disclosure Agreements where appropriate. This will require default disclosure of ownership and management structures, company incorporation details, address and contact details. Details of these investigations will be templated and records kept.