Help Center
AML Policy
1. Overview
1.1. Introduction
Money laundering is the process of concealing, disguising, converting, transferring, or removing criminal
property. In other words, it is the process of converting the proceeds of crime into assets with legal
origin.
There are three stages of money laundering:
1. Placement – placement of funds generated from crime into financial system, either
directly or indirectly (blending of funds, invoice fraud, smurfing).
2. Layering – the process of separating illicit proceeds from their source by creating
complex “layers” of financial transaction designed to disguise the audit trail and provide anonymity
(multiple bank transfers, investing in “cash” business).
3. Integration – the provision of apparent legitimacy to criminal derived wealth. If the
layering process has succeeded, integration schemes place the laundered proceeds back into the economy in
such a way that they re-enter the financial system and appear to be legitimately earned or acquired funds
(property dealing)
Terrorist financing is the provision or collection of funds with the intention that they should be used (or
in the knowledge that they are to be used) to carry out acts that support terrorists or terrorist
organizations or to commit acts on terrorism.
The key differences between ML and TF are:
However, they both involve money or other forms of value. They both involve the movement of money or value,
for example, from one person to another, one account to another, one institution to another, one country to
another, one asset class to another. They are both keen to disguise the source and destination of funds.
Middle Kang B.V. developed internal security measures to prevent money laundering and terrorist financing.
The key features of these measures aim to stay aware of high-risk customers and detect suspicious activity,
including the predicate offenses to money laundering and terrorist financing.
1.2. Management
Middle Kang B.V., a Private Limited Liability Company incorporated under the laws of Curaçao, with the
company number 168291, having registered office at Kaya Richard J. Beaujon Z/N Lanhuis Joonchi II, Curaçao
(hereinafter – the Company) appointed a Compliance Officer as part of the art. 5g of the NOIS.
This policy applies to all employees and outsource staff undertaking anti-money laundering, responsible
gambling and anti-fraud procedures to the extent connected to their direct responsibilities, including
senior management and Compliance officer.
Compliance Officer, the key individual responsible for the prevention of money laundering and the financing
of terrorism, has overall responsibility for ongoing regulatory compliance and anti-money laundering
procedures.
Compliance Officer will be fully engaged in defining and managing the processes needed to prevent money
laundering and other fraudulent activity based on the following principles:
The Company will ensure that all relevant employees are trained on AML and CTF policies and procedures and emphasize alerting these risks. Relevant employees will be required to pass competency tests on this topic.
1.3. Legal framework
The Company’s Policy and Procedures were created subject to the relevant applicable legislation, in particular (but not limited to):
1.4. Risk-based approach
The Company undertakes to prevent and combat money laundering and terrorist financing following a risk-based approach. A risk-based approach the Company summarized as covering the following areas:
1.5. Data processing system
The Company operates its internal data processing system to detect high-risk scenarios, money laundering,
and terrorist financing in day-to-day operations.
The Data processing system consist of the following mechanisms:
The Company will monitor trends and changes connected to ML/TF and will develop additional internal procedures to keep it up to date.
1.6. Staff Training
Upon joining the Company and thereafter annually, all staff (including outsourcing teams) will get training on AML/CFT procedures and associated policies. The training will be supplied by online and face-to-face training providers or by the appropriate Company's specialist. The specific employees are to be trained depending on the individual risk analysis.
2. Customer Acceptance and Registration Policy
2.1. Introduction
Before gamble, deposit or place a real-money stakes, the customer must register an account. Customers who do
not register an account will not be able to gamble.
The Customer Acceptance and Registration Policy defines the criteria by which the Company may or not accept
potential customers and describes the registration process.
2.2. Customer Acceptance
In order to deposit and play on a company’s site, a customer must first register on the site.
Registration is limited to individuals who are over eighteen years of age.
Customers may only open one account in their name per site. Additional checks are run to block multiple
accounts by email address, mobile number, device and certain other combinations of customer data. These
checks are done in order to prevent customers opening multiple accounts in order to bypass the AML
threshold.
2.3. Restrictions
Individuals under 18 years of age are not permitted to register on the site.
Individuals considered to be PEP, under Sanctions or listed in any blacklists, in particular:
Players may only open one account in their name per site. Additional checks are run to block multiple accounts by email address, mobile number, device and certain other combinations of customer data. These checks are done in order to prevent players opening multiple accounts in order to bypass the AML threshold.
2.4. Information Entered on Registration
During the registration process and later on, the Company will request the following identifying information and contact details:
2.5. Terms Acceptance
During the registration process, the customer must also confirm acceptance of the website’s general terms and conditions and its privacy policy.
2.6. Underage Customers
The system does not allow registration of customers who are underage: In order for the registration process to be successful, customers must be at least 18 years old or of legal age in their territory. Date of Birth will be cross checked with the provided ID upon customer Due Diligence.
2.7. Customer Due Diligence
To complete registration the customer must pass Customer Due Diligence. If the CDD is failed, the registration will be declined.
3. Customer Risk Scoring and Profiling
3.1. Introduction
Within the risk-based framework, The Company will undertake risk profiling of all customers from the time
they are registered for the potential money laundering/terrorism financing risks.
It is important to note that the Company’s policies and procedures are based on the following:
3.2. Customer Risk Assessment
Based on the information supplied at registration (e.g. customer home address, customer location, customer
age, whether PEP/sanctions), the Company will make an initial risk assessment of each customer. Customers
thus start their gambling history with the Company categorised as either Low, Medium or High risk for ML/FT,
which will determine decisions made at later points in how they are dealt with. Customer risk assessments
are made regularly and when new information comes to light.
The customer risk assessment is based on:
Customers who are considered High Risk will need to undergo EDD.
3.2.1. Individual status
PEP
Politically Exposed Person means any person who has been entrusted with a high-ranking prominent public
function at the international, European, or national level or who is or has been entrusted with a public
position of comparable political importance below the national level.
Any new or existing customer that is found to be a PEP or relative of such will have their account rejected
or closed.
Sanctions list
Governments and international authorities publish sanctions lists to combat persons engaged in illegal
activities. Sanction lists include sanctioned people, organizations, or governments. Companies, individuals,
organizations, or governments are on these lists as they may pose a high risk.
Individuals and entities on this list are subject to financial restrictions prohibiting counterterrorism
regimes and money laundering worldwide.
Any new or existing customer that is found on the Sanctions database will have their account rejected or
closed.
Adverse media
Adverse Media or negative news is any bad and negative information about the customer or business discovered
in various sources. This information can also expose someone to being involved in a crime.
Any new or existing customer mentioned in adverse media will be a subject for EDD. The Company may close the
account or reject the registration depending on EDD results.
3.2.2. Geographical location
If the Company finds that the customer resides in a High-risk county, this fact may be a subject for EDD.
High-risk countries are jurisdictions with serious strategic deficiencies to counter money laundering,
terrorist financing, and proliferation financing. The Company defines the High-risk countries based on the
FATF regulations, which can be found on the following website:
https://www.fatf-gafi.org/en/countries/black-and-grey-lists.html
The Company has implemented a geo-blocking tool to limit access to our services from players located in
certain geographic locations. A list of prohibited countries can be found in Appendix 1.
3.2.3. Gambling and transactional behaviour
Each players behaviour is constantly monitored. The Company both looks for behaviours that are considered
markers of harm for problem gambling and behaviours that indicate money laundering.
Behaviours, if noticed, are allocated scores that combines with other scored ML/FT red flags.
If any examples of overt ML/FT behaviour are observed, then an EDD must be undertaken immediately of the
customer and, if necessary, the SAR process implemented.
3.2.4. Payment Methods
Payment methods that allow us to trace the origin of the funds (such as the bank account) and to pay back to
the source of the funds are considered low risk.
Payment methods that are funded by cash, and don’t allow us to trace the source of the funds
or to back to source are considered high risk.
| Payment Method | Risk Rating |
|---|---|
| Bank transfers (Klarna, Trustly, Rapid, ApplePay), debit cards issued by banks | Low |
| EEA licensed e-wallets (Skrill, Neteller, paysafecard) | Medium |
| Prepaid cards, Vouchers and Cryptocurrency | High |
Manipulations with payment methods (e.g. deposits using one method, withdrawals using another is also considered as a high-risk by the Company.
3.2.5. Fraud red flags
The Company has anti-fraud risk management system to prevent bot attacks, fraudulent traffic, synthetic
identities, account takeovers, identity thefts, credit card and CNP fraud, proxy users, multi-accounting,
collusion etc. Some of the fraud red flags may also be connected to money laundering.
If the Company becomes aware a player triggered a fraud red flag, it will automatically be a subject for
EDD.
3.3. Risk Score Calculation
The purpose of this procedure is to pick up minor incidents of ML/FT behaviour that by themselves may not
warrant suspicion but, if combined with other behaviours, can do so.
A player will be scored by the internal CMS system according to part of the factors above, and a risk score
will be assigned.
Each factor will generate a score, and the overall risk score will be a sum of the individual scores. The
higher the score, the higher the risk.
Note that these factors, the scores and the thresholds are internal, and will be adjusted as we improve and
update the RS Calculation.
| Indicator | Description | Score |
|---|---|---|
| individual status | ||
| PEP | A customer considered to be PEP | 100 |
| Adverse media | A customer was mentioned in negative news or information the company discovered from various sources | 50 |
| Sanctions / blacklist | A customer is under international sanctions/blacklists | 100 |
| geographical location | ||
| Not at home | A customer whose IP location is different from their registered address | 20 |
| High-risk country resident | A customer resides in a High-risk country | 30 |
| gambling behaviour | ||
| Large sums no play | A customer depositing large sums, then places minimal stake bets, then withdrawing all their funds | 50 |
| Large sums big losses | A customer depositing large amounts and repeatedly losing large amounts as if the loss is of no consequence (EUR 5000 per week) | 50 |
| Low odds betting | A customer repeatedly placing short odds (such as red/black on roulette or repetitive betting on favourites) bets | 25 |
| Big changes in money | Dramatic changes in terms of volume and size of player deposits or staking activity | 20 |
| Several gaming accounts | A customer is trying to register several gaming accounts | 30 |
| transactional behaviour | ||
| Smurfing | A customer making multiple deposits or withdrawals of small amounts without no objective reasons | 30 |
| Spending above wages | A customers spend is outside of their affordability | 20 |
| No withdrawals | Player has never requested a withdrawal | -20 |
| Withdrawal without playing | Money is deposited by a customer or held over a period and withdrawn by the customer without being used for gambling | 30 |
| payment methods the player is using | ||
| Card switching | A customer opening an account and registering several different cards and making transfers between them | 20 |
| High risk payment methods | A customer uses high-risk payment methods | 30 |
| pfraud red flags a customer triggered | ||
| VPN | Customer used a VPN | 30 |
Once the score is calculated, a risk level is assigned:
| CMM Score | Risk Category |
|---|---|
| 0-20 | Low |
| 21 - 40 | Medium |
| 41 - and higher | High |
Not all factors can be automatically included in the CRA calculation due to technical or practical reasons, but we do monitor for these risks in other ways. For example, we check for VPN usage or multi-accounting at the point of registration, we have a separate alert for players who use cards under a different name, and all withdrawals are checked before approval and payment.
3.4. Customer Due Diligence level
The level of customer due diligence (CDD) conducted on a player will depend on the risk score assigned to the player as follows:
| Low | Med | High | |
|---|---|---|---|
| Verify ID and address with docs | X | X | X |
| Collect additional personal details | X | X | |
| Collect Source of Funds/ Wealth info | X | X (with documentation) | |
| Ongoing monitoring | X | X | X (Enhanced) |
| Additional measures to address any other risk identified | X | ||
| Report suspected cases of ML/FT | X | X | X |
3.5. Additional Details & Source of Funds/Wealth
A daily report will be sent to the Compliance Officer. The report will include any player who is newly
classified as medium or high risk, or who has moved from medium to high.
The responsible AML manager will then:
1. Review all accounts in the report, including:
2. The AML manager will then take appropriate action:
3. If the player does not reply within 14 days, or the response is unsatisfactory, the account will be blocked. If docs are provided later, the AML manager should consider if the delay itself was suspicious, and act accordingly.
Accounts that have been assigned as medium or high risk will require AML approval before any withdrawal
request can be processed.
All decisions taken by the AML manage must be documented.
3.6. On-Going Monitoring
The AML team will conduct on-going monitoring on accounts, on a risk sensitive basis. This includes:
3.7. Withdrawals
When the AML Team review a withdrawal request, they will also look at the player’s risk level:
Therefore, any withdrawal request by a player who is flagged as medium or high risk, or any withdrawal request that has been otherwise flagged as high risk, will require approval by the AML team before being approved and processed.
4. Customer Due Diligence
4.1. Introduction
The Company distinguishes between Customer Due Diligence (hereinafter – CDD) and Enhanced Customer Due
Diligence (hereinafter – EDD)
The customer is obliged to cooperate concerning the fulfillment of the due diligence obligations. If the
Company cannot undertake the due diligence, the business relationship won't be established or continued, and
no transaction will be carried out. In addition, the Company examines whether it is necessary to submit SAR.
4.2. Standard Customer Due Diligence
The Company applies general (standard) customer due diligence (hereinafter – CDD) measures to the customers at the registration stage. The CDD process consists of:
According to the above requirements, The Company collects the following information for identification and verification to prevent money laundering and terrorist financing:
4.3. Documents acceptance
For ID, the Company require a government-issued document containing photographic evidence of the customer’s identity. The following documents may be accepted for the verification purpose:
Minister For POA verification the Company accepts:
The main requirements to the documents provided by the customer are:
4.4. Threshold approach
The Company will apply EDD measures in relation to any transaction that amounts to EUR 2000 or more, whether
the transaction is executed in a single operation or in several operations which appear to be linked.
“Transaction” consists of the wagering of a stake, including:
The transactions are considered linked if they are part of the overall activity undertaken by a customer
during a single period of being logged on to the operator's gambling facilities. However, this example is
not exhaustive, and the Company considers other circumstances in which transactions are linked using a
risk-based approach.
Consideration will need to be given as to whether there are other circumstances in which transactions are
linked, such as, whether a customer is deliberately spreading their wagering or collection of winnings over
a number of transactions in order to circumvent the C/EDD requirements.
For the purpose of the EDD triggered by the threshold, the Company applies verification using risk-based
approach.
4.5. Ongoing monitoring
The general due diligence duties include the ongoing monitoring of the business relationship. This includes:
To keep all the customers information up to date, the Company apply CDD procedure every 6 months from the date of the successful complete verification of each customer and on a risk-sensitive basis.
4.6. Enhanced Due Diligence
The Company applies enhanced customer due diligence measures (hereinafter – EDD) and enhanced ongoing
monitoring, in addition to the required CDD measures, to manage and mitigate the money laundering or
terrorist financing risks.
EDD is applied in the following cases:
In cases where there is a higher risk, establishment of the business relationship or continuation of the
business relationship (if the higher risk only arose later or was only recognised later) only with the
consent of the Compliance Officer.
If a customer has been deemed to be a high-risk or becomes one at any stage, the Company undertakes the EDD,
comprising of (depending on the case):
Undertaking the EDD on transactions, the Company's fundamental aim is to ensure the transparency of payment flows. Accordingly, the origin and destination of the money used in a transaction shall be traceable back in each case to an account.
Meaning of Source of Funds
The Source of Funds refers to the origin of the particular funds being used to deposit on the Company's website. This is not simply verifying which bank or financial institution the customer may have received the funds from. The information obtained should be substantive, relevant and establish the fund's origin and the method/circumstances under which the funds were acquired.
Meaning of Source of Wealth
The Source of Wealth refers to the origin of the entire body of wealth (i.e. total assets) of the client. The information that the Company obtains should indicate the volume of wealth the client would reasonably be expected to have and provide a picture of how it was acquired.
4.7. Politically Exposed Persons and Sanctions Screening
The Company uses KYC software tool to check all new customers at the registration stage against the PEP and
Sanctions databases. The Company also regularly check the whole customer database every six months to ensure
existing customers have not changed status.
Any new or existing customer found on the Sanctions database, or a PEP or relative of such will have their
account rejected or closed.
In case of identifying a PEP, responsible staff will send a report to Compliance Officer who in turn will
send a report to the senior management.
The Compliance Officer will investigate each case to identify positive or false-positive PEP alert. The
Company has a right to request additional documents from the customer for this purpose within the
investigation.
If the PEP alert is true-positive, the Compliance Officer will reject registration or close the account and
informed the senior management about the decision taken.
Politically Exposed Person means any person who has been entrusted with a high-ranking prominent public
function at the international, European, or national level or who is or has been entrusted with a public
position of comparable political importance below the national level. In particular, politically exposed
persons are:
Family member of PEP means a close relative, in particular
FATF blacklisted/grey-listed countries are blocked on the company’s sites, and individuals from these countries are not able to register or login from these countries. The list of FATF blacklist/grey-listed countries may be found here - https://www.fatf- gafi.org/en/countries/black-and-grey-lists.html
4.8. Procedure for Account Closure
There are numerous reasons for why the Company will want to close a customer’s account:
The concern of this Company Policy is the reason that there is a suspicion or knowledge that the customer is
involved in ML/FT.
By law the Company must end the business relationship with the customer unless we have obtained appropriate
consent for it to continue and even then it is precautionary to close the account.
Due to the laws on Tipping Off the Company cannot inform the customer that we have concerns regarding ML/FT,
thus account closure must be done sensitively.
The Compliance Officer will need to consider whether if an SAR was submitted as part of the concern about
the player’s behaviour whether appropriate consent should have been requested.
Where the Company is unable to complete or apply the required CDD measures in relation to a particular
customer at the point the CDD threshold for transactions is reached, and is accordingly required to cease
transactions and terminate the business relationship with the customer.
5. Deposit and Withdrawal Management Procedures
5.1. Player Account Balance
Each player has a wallet with funds from which bets are deducted, and winnings added. All funds deposited by
the player or owed by the Company are credited to the player’s corresponding account. The player can top up
the funds in his account by depositing through the cashier on the site and then use these funds to place
bets. Bets are deducted from his account balance, and winnings are added to the account balance.
The player can withdraw withdrawals of available funds in the player’s balance. The Company do not offer
credit to players. A player may not transfer funds to another player.
5.2. Payment Methods
Payments shall only be accepted and made from accounts held with licenced financial institutions or through
licenced payment providers.
No cash deposits/withdrawals will be effected between the Company and its players.
5.3. Player Deposits
After registering, a player may then deposit funds into their account through the cashier on the site.
In order to facilitate these deposits, the company has integrated with a number of gateways. All gateways
are PCI DSS compliant, and the company does not hold any credit card data itself.
The company submits the transaction to the PSP and then waits for approval from the card acquirer/e-wallet.
On approval, the deposit status is updated and the funds added to the player’s balance.
5.4. Player Withdrawals
A player with an available balance will be able to request a withdrawal of the funds via the cashier on the
site.
The player will enter the amount they wish to withdraw and select their preferred payout method. The
withdrawal amount is then deducted from the player’s balance.
5.5. Withdrawal Payouts
In remitting funds to the player, we will, where possible, remit the funds directly into the account where
the funds originated from.
Provided that where this is not possible, we will remit the funds to the player in line with the
requirements under AML legislation.
6. Suspicious Activity Reporting
6.1. Introduction
Every employee of the Company must report to the Compliance Officer if there is suspicion or knowledge of
money laundering, funding of terrorism or if the funds being used on the Company‘s website are the proceeds
of criminal activity.
The Compliance Officer will consider each report and determine whether it gives grounds for knowledge or
suspicion. If they do, then a SAR should be submitted to the Financial Intelligence Unit – Financiele
Inlichtingen Eenheid (hereinafter – FIU or FIU Curaçao).
Knowledge means that the person reporting knows the event to be a fact. Suspicion implies that the person
reporting the incident may have noticed something unusual or unexpected and, after making enquiries, the
facts do not seem normal or make commercial or financial sense.
A transaction or activity may not be suspicious at the time, but if suspicions are raised later, an
obligation to report the activity then arises. Likewise, if concern escalates following further enquiries,
it is reasonable to conclude that the transaction is suspicious and will need to be reported to the FIU.
The Compliance Officer assess all the circumstances and the customer or others more questions if needed. The
choice depends on what is already known about the customer and the transaction and how easy it is to make
further enquiries.
6.2. Red Flags Indicators
Red flags are not intended to automatically result in filing a SAR with the FIU, however are merely
indicators that should lead the Company to question the customer’s behaviour. If there is no reasonable
explanation for the red flags, then an internal report must be made to the Compliance Officer.
The following is a list of possible red flags which should be considered:
6.3. Inability to Complete CDD Measures
If a customer refuses to provide CDD/EDD documentation, the Company won't immediately equate this on its own
to suspicion of ML/FT.
The Company will consider all factors and information, including the payment method used, games played,
playing trends and patterns, residence jurisdiction, and open-source information.
If there are grounds to suspect ML/FT after considering all of these factors, then an SAR must be submitted.
6.4. Internal Suspicious Activity Report
All employees have a duty to report suspicious transactions. If an employee has any suspicion about a
customer’s behaviour or transaction, it must be reported to the Compliance Officer immediately. All
employees are expected to report suspicious transactions to the Compliance Officer. For this purpose
employees use approved Internal Suspicious Activity Report Form.
The employee should still submit the report, even if their superiors are not in agreement. It will then be
up to the Compliance Officer to determine if the information available can be considered as sufficient for a
SAR to be made to the FIU.
The following information is included to an Internal SAR:
6.5. External report to FIU
Once the Compliance Officer has received an Internal SAR, she/he will decide if a SAR should be submitted to
the FIU.
When making this decision, the Compliance Officer should consider that AML legislation is intended to
address and attack serious crime which usually either involves amounts that are not minimal or circumstances
that show an intent to circumvent and abuse the safeguards in place to deter the use of the financial system
for criminal purposes.
For example, identity fraud and chargebacks may give rise to ML, but a licensee will only be subject to
reporting obligations if they result in funds derived from these activities being deposited with or held by
the licensee.
However, the Company won’t report single instances involving small amounts but should
consider whether it can detect a more significant pattern or scheme.
The Compliance Officer considers whether an internal report gives rise to a suspicion of ML by taking into
account all relevant information, including assessing whether there are common denominators between e.g.,
repeated suspicious behaviour, instances of chargebacks or identity fraud. For example, these may consist of
common or related persons, common IP addresses etc.
The Compliance Officer, in deciding to submit the SAR or not, should answers the following questions:
6.6. Reporting Procedure
The Company is obliged to submit a suspicious activity report to the FIU, through the user interfaces on the FIU’s website or by mail (if possible), without due delay if there are indications that:
When the Company decides whether it is necessary to submit SAR, it takes the following factors into account, including but not limited to:
The Company doesn't execute suspicious transactions, except in cases where it cannot postpone the transaction or if the postponement could hinder the prosecution of an alleged criminal offense. In this case, the Company submits SAR immediately.
6.7. Tipping-off
It is an offence to tell anyone that a SAR has been submitted or is being considered to be submitted and
that this is likely to prejudice the investigation. This means it is possible to have an internal discussion
about the customer, but in no way can the customer or their associates be given any indication that the
customer may be under investigation.
This means that no one working for the Company:
7. Internal Control
7.1. Introduction
The Company has a number of internal controls and general procedures which will be used on a day-to-day basis in respect of managing and running the daily operations of the business for the purpose of money laundering and terrorist financing prevention.
7.2. Recordkeeping
The Company keeps all the documents and data collected or obtained within the scope of the due diligence, including:
The Company also keeps all documents created and processed in connection with a suspicion of money laundering or terrorist financing, including:
The retention period is five years and starts with the end of the calendar year in which the business
relationship ends and in all other cases with the end of the calendar year in which the respective
information was ascertained. Applicable legislation may provide for a more extended retention period.
The Company destroys all the documents and data collected after retention period expiration unless other
recordkeeping or retention obligations apply, but not later than after 10 years.
7.3. Money Laundering Reporting Officer
The Company has appointed a Compliance Officer whose main responsibility is to review any internal
suspicious transaction reports of unusual or suspicious transactions, and where necessary to submit an SAR
with the FIU. The Compliance Officer is the main contact point for the FIU.
In order to ensure that the Compliance Officer is able to fulfill their role effectively, the Company
guarantee that:
The Compliance Officer and their deputy carry out the following functions (including but not limited to):
The Compliance Officer and their deputy are authorized, within the scope of their performance of their work:
7.4. Training
The Company will give training to all staff directly or indirectly through a service provider upon joining
the Company and after that annually.
Relevant training materials will be prepared for all teams based on the company policies which have been
compiled according to the applicable legislation requirements and guidelines.
Training will be conducted as follows:
Staff training will focus on ensuring awareness of:
Induction training sessions will be conducted for all employees and will include fraud prevention, detection
and ancillary matters, as required by their role. Refresher training will also be provided, both on a
regular basis and as needed, so as to keep employees up to date and informed of the Company’s policies and
procedures and any changes or improvements made.
The Money laundering Officer keeps records of training delivered, showing what training has been provided,
when and by whom, and the next training date. In case of any changes to the Company's policies and
procedures or applicable legislation, all staff will get the relevant training.
7.5. Employees background check
Prior to engaging employees, the Company will carry out relevant integrity checks, in-line with their
position, responsibilities and access levels. The Company will not employ any persons who are not deemed to
be fit and proper.
For this purpose, the Company may request the following documents (in each case with due regard to data
protection):
Once a person is employed, screening shall still be carried out on an ongoing basis as required. All
Company's employees must guarantee that they observe the provisions of applicable legislation and the
associated due diligence obligations, report facts relevant to money laundering, and do not themselves
participate actively or passively in dubious transactions.
For this purpose, senior management will regularly carry out checks on employees or whenever the Company
feels the need to perform such inspections. In particular, such inspections shall be carried out when
suspicion arises concerning the behaviour of specific employees. The Company may carry out these checks
through surprise spot checks or other procedures that will enable such personnel to verify whether employees
comply with the policies and procedures.
The frequency and extent of screening that shall be carried out shall be proportionate to the risk level
posed by the employee. The risk level will be determined case by case depending on employee’s position
(e.g., head of dept, senior, mid), the scope of duties and obligations, etc.
The Company will check all the employees at least once a year. The Company will use an employee performance
sheet for this purpose.
7.6. Internal and external revision and staying up to date
The Company has compiled its policies and procedures according to the requirements of the applicable legislation and guidance of the FATF, GCB and FIU. However, the requirements and guidance, as well as external fraud trends, can and will change. Therefore, the Company has implemented the following measures to ensure the relevance of the Company's internal AML documentation:
Any consequential update to the Terms and Conditions will trigger a pop-up notification to players on their
next login where they will need to accept and agree to the new version before proceeding.
The Company may engage a third-party service provider with expertise in AML compliance to conduct
independent external reviews of our AML policies and procedures. The results of these reviews will be
reported to the senior management and used to enhance our AML/CTF measures and documents as needed. The
frequency of external reviews is determined by senior management. It may be conducted annually or more
frequently, depending on the need for an updated assessment of our AML program's effectiveness.
7.7. Version Control
The Company is constantly improving its policies to actively combat Money Laundering and the Financing of Terrorism and therefore requires Version control to keep track of Changes and Approval by the Director.