Online Gambling Risk Management

Posted : admin On 4/4/2022
Online Gambling Risk Management Average ratng: 5,8/10 5013 votes

The investigation into a huge cyberattack on JP Morgan Chase last year has exposed one of the largest computer hacking and fraud schemes to date. According to U.S. prosecutors, Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein, all from Israel, hacked a total of 12 companies to expose the personal information of more than 100 million people, netting hundreds of millions of dollars in profit. The men face 23 criminal counts, including wire fraud, computer hacking, illegal internet gambling and money laundering, with alleged crimes targeting 12 companies, including nine financial services companies and media outlets including the Wall Street Journal. Investigators say their massive criminal empire used 75 shell companies that employed hundreds of people, and hacked seven major banks, ran an online casino, laundered money around the world and set up an illegal Bitcoin trading operation.

Online Gambling Risk Management

Online Gambling Risk Management Strategies

“It is hacking in support of a diversified criminal conglomerate,” said Preet Bharara, U.S. attorney for the Southern District of New York. “In short, it is hacking as a business model.”

In addition to the hack of JP Morgan, which U.S. Attorney General Loretta Lynch called “the largest theft of customer data from a U.S. financial institution” and exposed the personal information of 83 million customers, the criminals also attacked E*Trade Financial Corp., TD Ameritrade, Scottrade Inc., Fidelity Investments and News Corp’s Dow Jones, which publishes the Wall Street Journal. The breaches date as far back as 2007.

“By any measure, the data breaches at these firms were breathtaking in scope and in size,” Bharara said. “This showcases a brave new world of hacking for profit.”

Breaking into these financial institutions gave the attackers information to target specific people, and gave them extra insight into the stock market. According to the indictment, they used the customer data to contact individuals and push them to buy stocks in order to manipulate their prices. In addition to the pump-and-dump scheme, sometimes the defendants reportedly engineered mergers with shell companies to create publicly traded stocks that could be manipulated. Bharara called the scheme “securities fraud on cyber steroids.”

Buster Banks is a new online casino for 2020 where casino fans can Tendency Of Risk Management In Online Gambling enjoy the advantages of Trustly’s Pay N Play payment service and benefit from no registration and instant withdrawals. Bob Hannum is a Professor of Risk Analysis & Gaming at the University of Denver where he teaches courses in probability, statistics, risk, and the theory of gambling. His publications include Practical Casino Math (co-authored with Anthony N. Cabot) and numerous articles in scholarly and gaming industry journals. The men face 23 criminal counts, including wire fraud, computer hacking, illegal internet gambling and money laundering, with alleged crimes targeting 12 companies, including nine financial services companies and media outlets including the Wall Street Journal. Investigators say their massive criminal empire used 75 shell companies that. ICA Specialist Certificate in Money Laundering Risks in Betting and Gaming This course (delivered online) provides you with an opportunity to understand the key anti money laundering and counter terrorist financing risks and the risk-based approach in managing these risks. What will you learn? The online gambling industry Determines a threat assessment of the risks of money laundering and terrorist financing through online gambling. Reviews money laundering legislation and regulations as they apply to online gambling. Provides a summary of best practice within the online gambling industry.

Beginning in 2012, in addition to disguising payments and constantly obtaining new bank accounts, the men further tried to evade detection by hacking into a company that assessed merchant risk for credit-card issuers. The breach allowed the defendants to read employees’ emails and figure out how to sidestep the company’s efforts to monitor illegal payments, according to the indictment.

The defendants are also accused of operating at least 12 illegal internet casinos, even launching cyberattacks against rival gambling businesses to review executives’ email and gain a competitive edge. Shalon hacked competitors’ customer databases and directed denial of service attacks to shut down their businesses.

Several compliance officers may soon feel the heat as well: the investigation found that, in operating the online casinos and illegal pharmaceutical payment processing enterprises, the co-conspirators deceived financial institutions into processing and authorizing payments between the casino companies and others. “They colluded with corrupt international bank officials who willfully ignored its criminal nature in order to profit from, as a co-conspirator described it to Shalon, their payment processing ‘casino/software/pharmaceutical cocktail’,” the indictment charges.

According to prosecutors, the case illustrates the growing power of criminals and their tools, and makes such crimes particularly difficult to solve. But it may also highlight one key resource to do so: self-reporting to law enforcement. Officials credited JP Morgan’s early cooperation for helping to uncover the network of criminal activity. The firm came forward early on to share information with the government, a move many forensic investigators encourage. This case provides one of the clearest examples of why: hackers frequently use the same schemes to target a swath of companies in a given industry. While many companies worry about the reputational and regulatory risks of disclosing a breach to law enforcement, as hackers grow more sophisticated in their techniques and complex in their operations, it may prove an ever more critical step in the breach response and investigation process.

“Shalon, Aaron, and their co-conspirators allegedly robbed victim companies, often for months at a time, stealing the contact information of tens of millions of customers,” said FBI Assistant Director-in-Charge Diego Rodriguez. “They cloaked themselves in secrecy, but their methods rivaled those of the traditional masked robber. Today’s indictment sheds light on an increasingly complex threat. But just as criminals continue to develop relationships with one another in order to advance their objectives, the law enforcement community has developed a collaborative approach to fighting these types of crimes.”

FIN-2010-G002
Casino or Card Club Risk-Based Compliance Indicators

This document describes factors that a casino or card club may need to consider in applying a risk-based approach to the development and implementation of a Bank Secrecy Act ('BSA') compliance program. The BSA requires casinos and card clubs to develop and implement compliance programs tailored to business activities and customer risk profiles (e.g., type of products and services offered, the locations served, and the nature of their customers). Please note that the business/customer risk factors described below will not apply equally to all casinos and card clubs, and even when these factors are present, there may be different risk outcomes for different casinos and card clubs. A casino or card club may not be required to address each of the factors described below; also a casino or card club should not construe the risk indicators below as exhaustive and the only ones required to be addressed.

I. General Business Risk Indicators

There are many risk indicators or factors that a casino or card club may need to consider when developing and implementing an effective BSA compliance program to combat money laundering and terrorist financing. Risk factors may differ depending on the business activities of a specific gambling establishment, or its products and services, as well as state, tribal or local gambling regulations that affect the gaming operation. Also, a casino or card club may need to consider the risk management principles that it applies in its operational areas when assessing and managing its BSA risk profile.

A casino or card club may need to consider, as appropriate, the following factors when developing and implementing risk-based policies, procedures, internal controls and systems to comply with the BSA:

  • Gross annual gaming revenue ('GAGR') of the business as well as GAGR by type of gambling offered (e.g., table games, card games, slot machines, video lottery terminals, sports book betting, pari-mutuel wagering on horse or dog races);
  • Overall physical layout of gambling establishment (e.g., square footage and gambling floor layout);
  • Governmental wagering limitations or other legal constraints on betting or the types of games offered;
  • Types of gambling offered (e.g., table games, card games, slot machines, video lottery terminals, sports book betting, pari-mutuel wagering on horse or dog races);
  • Types of specific games offered (e.g., roulette, baccarat/mini-baccarat, or craps, which allow a pair of bettors to cover between them both sides of an even bet);
  • Number of table games, card games, slot machines/video lottery terminals offered;
  • Number of table games, slot machines or video lottery terminals with high dollar maximum bet limits;
  • Number and location of cages and slot redemption booths;
  • Number of cage windows and race/sports book windows;
  • Number of slot kiosks for ticket redemptions and maximum dollar thresholds;
  • Types of financial services offered at the cage (e.g., deposit accounts, credit/marker accounts, account access cards, check cashing accounts, currency exchange services), any limitations on financial services, and other types of payment methods accepted (e.g., credit cards, debit instruments, wire transfers);
  • Types of negotiable instruments accepted for cashing, credit, deposit, and purchase of gaming instruments (e.g., business checks, cashier's checks, foreign drafts, domestic or international money orders, official bank checks, personal checks, promissory notes, third-party checks, domestic or foreign traveler's checks);
  • Business and personal check cashing dollar limits;
  • Whether customers can wire funds domestically or internationally through a domestic depository institution for deposit or payment of markers into their personal casino accounts;
  • Whether a third-party contractor provides check cashing or money transmitting for customers on the premises;
  • Whether a third-party contractor provides race and sports book wagering within a casino, and the extent to which a casino conducts such customer transactions on behalf of a third-party contractor;
  • Types of financial transactions that a casino 'host' can conduct on behalf of customers;
  • Whether customers are allowed to conduct transactions through chip runners and the types of transactions that can be conducted;
  • Whether the casino or card club is located in a High Intensity Financial Crime Area ('HIFCA');1
  • Whether the casino or card club is located in a High Intensity Drug Trafficking Area ('HIDTA');2
  • Whether the casino or card club is located in a town or city center, or in a more remote location;
  • Whether the casino or card club is located near a U.S. land border crossing;
  • Proximity of the casino or card club to any interstate freeways which allow customers quick ingress and egress to the gambling operation;
  • Whether the casino or card club is owned by a state or tribal government, privately owned, a combination of state and private entities, or is a publicly traded company;
  • Whether a casino is owned by a corporation that operates other casinos in the same state or other states, as well as other countries;
  • Number of employees, experience levels, and turnover rate of key personnel and frontline employees;
  • Number of surveillance employees and ratio of employees to surveillance cameras;
  • Number of fiduciary accounts that are opened annually (e.g., deposit accounts, credit/marker accounts, check cashing);
  • Number of marketing accounts that are opened annually (e.g., player rating and slot club);
  • Geographic marketing areas, such as international, regional, and local marketing areas, as well as relative concentration in these markets;
  • Business clientele model and profile (e.g., a large number of customers who gamble relatively small amounts of money, a large number of customers who gamble relatively large amounts of money, a small number of customers who gamble relatively small amounts of money, a small number of customers who gamble relatively large amounts of money, or some combination of these); and
  • Customer base (number of accountholders versus estimated number of non-accountholders, organized casino tours/junkets, estimated number of local customers versus estimated number of travelers or tourists).

II. Customer Risk Indicators

Although any type of customer activity is potentially vulnerable to money laundering or terrorist financing, certain customers may pose specific risks. In assessing customer risk, casinos and card clubs may need to consider other variables, such as services sought, products used, and geographical locations. For example, a casino or card club may need to consider the following:

  • Particular aspects of operations (i.e., products, services, games, and accounts or account activities) that can be used by customers to facilitate money laundering and terrorist financing;
  • Non-resident aliens and foreign nationals with deposit accounts who are citizens of countries or jurisdictions that are:
    • Identified as non-cooperative by the Financial Action Task Force (FATF)3 ,
    • Identified as Jurisdictions of Concern or Jurisdictions of Primary Concern in the U.S. Department of State's annual International Narcotics Control Strategy Report (INCSR)4,
    • Designated as jurisdictions of primary money laundering concern or subject to special measures through regulations issued by FinCEN, pursuant to Section 311 of the USA PATRIOT Act5, or
    • Sanctioned by the Office of Foreign Assets Control (OFAC), including those with state sponsored terrorism6.
  • Customers with significant levels of gambling (e.g., in amounts of $3,000 - $10,000 inclusive) that are non-accountholders and for which identification is not known and is unavailable;
  • Customers that pose higher risks based on type of account, account activity, types of products and services used, geographic locality, or player ratings, etc.;
  • Customers that engage in a relatively high level of spending;
  • Customers engaged in high value gambling that are inconsistent with a casino or card club's information about levels or sources of assets or incomes, or inconsistent with information about occupations in casino credit/marker account records (e.g., credit/marker applications) or other records;
  • Customers using deposit accounts for non-gambling purposes;
  • Customers observed borrowing money from non-conventional sources, including other customers;
  • Customers conducting transfers of significant or unusual amounts of funds through depository institutions;
  • Customers using domestic or international money orders in amounts just below the threshold for recordkeeping requirements, traveler's checks denominated in foreign currency, domestic wire transfers in amounts just below the threshold for recordkeeping requirements, debit cards, and prepaid access (stored value) cards either in significant numbers or with significant total monetary value;
  • Customers conducting large transactions with minimal casino play;
  • Regular customers with unusual spending pattern changes (e.g., dramatic or rapid increases in the size and frequency of transactions);
  • Customers listed on a so-called 'barred patron list' and their known associates;
  • Customer player rating and slot club accounts with P.O. Boxes only instead of permanent street addresses;
  • Periodic review of FinCEN Form 102, Suspicious Activity Report by Casinos and Card Clubs ('SARCs') filed that are based on direct observation of customer activity and review of customer records;
  • Dollar value of intercompany transfers of funds from customers' accounts for front money deposit or marker redemption conducted between casinos in the United States and their affiliated casinos located in other countries.

Once a casino or card club has identified the specific risk factors unique to its operation, it should conduct a more detailed analysis of its level of vulnerability. The level and sophistication of the analysis may depend on the comprehensiveness of a casino or card club's risk assessment process or the risk factors that apply. Also, the results may differ according to its business risk model and governmental gambling regulations. By understanding its risk profile, a casino or card club can apply appropriate risk management processes to its BSA compliance program to identify and mitigate its operational risk.

In conclusion, an effective BSA compliance program must reflect potential money laundering and terrorist financing risks arising from a casino's or card club's products, services, customer base, and geographical location. Casinos or card clubs may need to update their risk indicators to reflect changes in operational risk profiles (e.g., revised products and services, new products and services, changes with regard to opening and closing accounts or closer monitoring of accounts, new categories of accounts, or changes resulting from acquisitions or mergers). It is a sound practice for a casino or card club to periodically review its risk indicators or factors to assure sufficiency and effectiveness.

For questions about this guidance, please contact FinCEN's Regulatory Helpline at (800) 949-2732.

For additional guidance, see Casino or Card Club Compliance Program Assessment, FIN-2010-G003 (June 30, 2010) and Frequently Asked Questions - Casino Recordkeeping, Reporting and Compliance Program Requirements, FIN-2007-G005 (November 14, 2007) and FIN-2009-G004 (September 30, 2009). Other reference material includes Suspicious Activity Report Filings Within the Casino and Card Club Industries, The SAR Activity Review, Trends, Tips and Issues, Issue 8 (April 2005) and FinCEN SAR Bulletin, Issue 2: Suspicious Activities Reported by Casinos (August 2000).

1 Locations designated as HIFCAs enable a concentration of law enforcement efforts at the federal, state, and local governmental levels. For a listing, seewww.fincen.gov/hifca

2 Locations designated as HIDTAs are provided additional Federal government resources to help eliminate or reduce drug trafficking and its destructive consequences. For a listing, see the Office of National Drug Control Policy's website at www.whitehousedrugpolicy.gov.

3 FATF is an inter-governmental body whose purpose is the development and promotion of policies, at both the national and international levels, to combat money laundering and terrorist financing. Seewww.fatf-gafi.org.

4 See www.state.gov/p/inl/rls/nrcrpt

Online Gambling Risk Management Companies

5 See www.fincen.gov/resources/statutes-regulations/311-special-measures

Online Gambling Risk Management Software

6 See www.treasury.gov/offices/enforcement/ofac/programs/