The 4th AML Directive within the Gaming Sector

‘How do we create a successful, compliant AML solution for our business?’

“It is a safe assumption that an increase in enforcement can be expected from the MGA, especially following the license suspensions of July, 2015 of several operators in relation to money laundering arrests made by the Italian authorities.”

The prevention of money laundering and its implementation within the iGaming industry may have been ambiguous in the past, but this may finally be rectified by the release of Directive2015/849.

The EU 4th Anti-money laundering directive clarifies the standing of the gaming industry to a large degree, and presents a number of recommendations to member states, who have until 26 June 2017 to implement these requirements into their laws.

With the release of this directive on June 26, 2015, it is more vital than ever before to ensure that you are compliant with the various anti-money laundering regulations, laws and requirements. Therefore, having a robust Anti-money laundering strategy for your company is a necessary requirement and such a strategy has several key aspects, of which staff training is a vital part.

While many member states and gaming regulators already incorporate many of the requirements, we can expect to see some amendments to regulations and laws for the Gaming industry in regards to anti-money laundering over the next 2 years.

It is also a safe assumption that an increase in enforcement can be expected from the MGA, especially following the license suspensions of July, 2015 of several operators in relation to money laundering arrests made by the Italian authorities.

The FIAU’s [Financial Intelligence Analysis Unit] Implementing procedures, Part I, are an excellent starting point in designing your strategy, and provide valuable insight into the expected approach. While Part II of the Implementing procedures is in progress for several sectors, there is still no section planned specifically for the iGaming sector.

Creating and implementing a companywide anti-money laundering program may become an enforceable requirement, and will require advance planning to execute successfully. As we are all aware, compliance related issues can often come up at a moment’s notice, and may be disruptive to the operational and commercial aspects of our business. Therefore, taking a pro-active approach the planning and implementation of AML strategies, policies and other requirements will greatly benefit your organization in the long run.

While there may have been some questions regarding the requirements of compliance for iGaming operators in the past, the 4th Directive effectively removes the main concerns, which include such examples as:

  • iGaming operators, as providers of gambling services are obliged entities.
  • Therefore, subject to all requirements of obliged entities, or as specified.
  • As an obliged entity, an annual compliance report must be filed with the FIAU
  • The submission date may be subject to interpretation depending on whether the ‘providers of gambling services’ will be grouped with Casinos – 30th of April every year – or with ‘other categories of non-financial subject persons’ – 31st of May every year.
  • Due diligence must be conducted in the event of occasional transactions in the amount of €2 000, whether carried out in a single transaction or several transactions.
  • In the event where this due diligence, verifying the identity of the customer has not been conducted for other reasons previously, this will indicate the checkpoint at the lifetime total of €2 000 on the account.
  • An AML program, including policies, training, record keeping, on-going monitoring and risk assessments to determine the level of due diligence is likely to become a factor for review by the relevant competent authority.


Other considerations

There are certain parts of the directive which may cause concern to operators licensed under the MGA. The impact of these issues on the industry will depend on the interpretation by Maltese law makers, and any amendments made to the Remote Gaming Regulations.

The 2 examples below could have wide spread impact on the industry, depending on the final implementation approach:

  • Section 2, Article 45 (3):
  • In the case of credit and financial institutions and providers of gambling services, competent authorities shall have enhanced supervisory powers, notably the possibility to conduct on-site inspections.

Will the MGA remain the competent authority for the industry, and will AML-audits become the norm?

  • Recommendation (13) of the Proposal preceding the directive:
  • In order to mitigate the risks related to the sector and to provide parity amongst the providers of gambling services, an obligation for all providers of gambling services to conduct customer due diligence for single transactions of EUR 2000 or more should be laid down. Member States should consider applying this threshold to the collection of winnings as well as wagering a stake.

Most European regulators already address the potential of this recommendation by requiring a registration process that includes the verification of identity prior to any deposits being accepted or bets being placed.

Should the MGA choose to go in a similar direction, or even just extend the €2 000 amount to include lifetime deposit amounts, operators will have to review their current KYC procedures, especially in regards to the processing and verification of documentation.


Risk based approach and strategy


The 4th directive has also placed an increased emphasis on the risk based approach to deciding the level of due diligence required on customers and business partners/suppliers.

Some other requirements that must be included in a complete AML strategy include:

  • Assigning an MLRO [Money Laundering Reporting Officer] fitting the FIAU’s profile requirements for this role.
  • Staff training that covers an awareness of the provisions of the directive, recognition of potential money laundering activities and how to proceed in such a case.
  • Having a Suspicion Action/transaction reporting procedure to be followed internally which will ensure that the necessary reports are made to the relevant FIU.
  • Appropriate due diligence measures on the identification of customers, partners, suppliers etc.
  • A special emphasis on the identification of UBO’s (Ultimate Beneficial owners)
  • Having a clearly defined Customer Acceptance Policy


These requirements or equivalent requirements will need to form a part of an Anti-Money laundering strategy, whether the jurisdiction in which the company is licensed or registered in Malta, UK, US or any other EU member state.

In conclusion, while there is still no clear central standard or single application of these requirements for the iGaming industry, we may see a more homogenous approach from the regulators following the release and implementation of the 4th EU Anti-money laundering directive.



Wendy Zitzman,

iGaming Academy


As the Head of Compliance Consultancy and Training with the iGaming Academy, Wendy is a leading adviser to gaming companies on the delivery of critical and complex learning initiatives covering topics such as Anti-Money Laundering, Customer Due Diligence and Fraud Prevention.



About the iGaming Academy

The iGaming Academy is a leading training provider to the lotteries and gambling industry. We deliver a wide range of training solutions that support personal, professional and regulatory requirements of companies. Our portfolio of face-to-face and online training programmes include topics such as AML, Responsible Gambling, introduction to iGaming, Online Sportsbook Management, Online Casino Management, Anti-Fraud & Payments Handling, Social Media Marketing, PCI DSS Compliance, Customer Analytics, SEO and Customer Relationship Management. Over 40 leading operators with collectively over 5000 employees entrust us with the task of training their staff by implementing critical and complex learning programmes, as well as strategic communication initiatives.


Find out more at:-