John J. Byrne’s Remarks: Best Practices—AML and Financial Crime Compliance

I appreciate the opportunity to discuss the major progress and commitment of the gaming industry to anti-money laundering (AML) success and improvement. As we all know, without the full support of compliance, legal and business professionals to make AML a better place regarding the detection of all methods used to facilitate the movement of illicit funds to further criminal goals, society is irreparably harmed.

As a 30-year participant in AML, I can tell you that the enhancement of this industry to improve the prevention and detection of financial crime is real and it needs to be further encouraged. This result is due to not only the work of those charged with compliance, but the efforts of the Financial Crimes Enforcement Network (FinCEN), law enforcement and groups such as the American Gaming Association (AGA) and the International Association of Gaming Advisors to work collaboratively and to be transparent regarding areas of challenge and needed improvement.

As we get ready to discuss a number of relevant issues, I want to highlight some important areas of focus and remind everyone that the broader financial sector, while having some unique challenges, also have some of the same concerns as those of you in gaming.

In terms of the current regulatory climate, Treasury’s FinCEN expect (just as banks do) gaming entities to apply a risk-based approach (RBA) in developing compliance policies and procedures in order to address unique risks associated with gaming (e.g., sports betting). The RBA is a concept well-known to banks, but not always applied evenly. So here is a case where ultimately the need for dialogue and partnership with the parts of government that oversee how gaming uses the RBA is essential. I will discuss partnership in a few minutes.

Another area of clear similarity to traditional banking, securities and money services businesses is the importance of the culture of compliance in the gaming sector. A strong sign of culture is the fact that over the last four years, casinos have made significant strides in improving the foundational elements of their AML compliance programs.

Some of these changes include implementing comprehensive risk assessments, enhancing policies and procedures, investing in employee training and conducting due diligence on certain higher risk patrons. All of this cannot occur without high-level support. Evidence of these improvements also include the recent recognition by the Financial Action Task Force’s (FATF) 2016 mutual evaluation of the U.S., which acknowledged the significant investment casinos have made to prevent money laundering, including an increased focus on raising awareness and improving AML compliance.

On a global level, regulatory regimes outside the U.S. have also been focusing on AML within the gaming industry.

  • Macau’s recently updated AML laws added regulations for junket operators and more comprehensive internal control requirements for both casinos and junket operators
  • Japan is currently in the process of updating its legislation within the Japanese Diet (D-at) and will focus on enhancing and updating its AML requirements for casinos, specifically for the Integrated Resorts
  • The EU’s Fourth Directive expands requirements on both land-based casinos, including gaming operators
  • In May 2017, the Philippine Congress included casinos to be required to fall under the Anti-Money Laundering Act due to pressure from international regulators and FATF in part as a response to the February 2016 Bangladesh Bank heist that saw $81 million laundered through Manila casinos

What is next for this robust industry?

As with traditional FIs, casinos still have room for improvement and much of that needs a strong “tone at the top” as well as a robust private-public partnership. To assess whether your institution has the proper AML leadership, you can look to whether you are securing appropriate funding for the AML compliance function (staffing and systems). Is there enterprise-wide awareness and support for AML excellence, and is there a formal process for compliance professionals to be involved (at the table) when senior management makes any changes to process, products or policies?

Also, key points for a strong culture are:

  • Leadership and oversight of top management
  • Written policies and procedures
  • Enterprise-wide risk recognition and management
  • Strategic planning and product development
  • Training
  • Lines of communication
  • Monitoring and auditing
  • Disciplinary actions
  • Investigations and corrective actions
  • Compensation tied to adherence to AML compliance requirements

For partnerships with law enforcement, take advantage of those very willing men and women that both want to better understand the intricacies of gaming and improve your ability to report and detect suspicious activity.

Returning to my point on the parallels to banking, AML gaming professionals need to stay current with advisories or guidance from FinCEN, the IRS and other government entities. For example, are you aware of what is needed regarding cyber-enabled crimes and cybersecurity challenges in general? Are you reviewing previous enforcement actions to detect themes and potential gaps in your own institutions?

For example, recent enforcement actions in the U.S. levied against casinos, card clubs, race/sports book operators and financial institutions that serve gaming companies, such as:

  • Western Union: Admitted to criminal violations, including willfully failing to maintain an effective AML program, and aiding and abetting wire fraud.  The company allowed agents to send money to illegal internet gaming operations in Costa Rica, which violated U.S. AML laws.
  • CG Technology: Failed to have sufficient controls and AML training, and failed to use all available information to detect and report suspicious transactions.
  • Hawaiian Gardens: Failed to implement and maintain an effective AML program
  • Sparks Nugget: Charged with willfully violating the AML provisions of the Bank Secrecy Act.

I always recommend banks  use these actions as training tools and an opportunity to alert senior management to the clear focus on their industry for AML deficiencies.

Going forward, another need for gaming (and frankly all parts of the AML community) is to better leverage and understand the value of technology as a detection and a prevention tool. The questions and issues to consider are:

Do you utilize data more effectively and incorporate automated tools to better monitor gaming activity for unusual or potentially suspicious levels of play? Also, technology can be used to better analyze the large amounts of collected patron data and leverage this information to meet their know your customer (KYC), currency transaction reporting and suspicious activity reporting obligations. Finally, for continued evolution and innovation of AML compliance programs, gaming entities should consider facial recognition for KYC and transaction monitoring software using industry red flags.

Conclusion and Next Steps

The good news is that AML professionals have a home in ACAMS as well as the other excellent trade associations where information sharing and collaboration are so prevalent. In January 2016, AGA issued a report which said, in part, that “Law enforcement and regulatory respondents indicate that the industry has made concerted efforts and shown improvement in meeting their BSA reporting requirements through their AML compliance programs. This progress is reflected in increased referrals and filings, enhanced communication and integration with law enforcement and regulatory agencies, the hiring of diversified staff with sophisticated gaming, regulatory, and law enforcement backgrounds, and the enhancement of casino AML training programs.”

The report concluded with the following:

“The U.S. gaming industry is raising the bar. Casinos are strengthening their risk management and control functions to better combat the money laundering and terrorist financing risks they face.”

The FATF mutual evaluation of the United States also pointed out that “The existing AML/CTF obligations appear to be implemented effectively in the casino sector, but the overall obligations with respect to CDD do not fully match those required of financial institutions.”

This is great progress and by working together you can improve and exceed any and all expectations.

Thank you for your engagement in AML and your time today.

John J. Byrne’s remarks at the Global Gaming Expo on October 2, 2017

Leave a Reply