Anti Money Laundering and Prevention of Crime Policy: the prevention of money laundering and combating the financing of terrorism

1.0 Objectives

The aim of this document is to define the policy and procedures in relation to risk assessment and management and involves a number of discrete steps in assessing how to manage and mitigate the money laundering and terrorist financing risks faced by Frontier Gaming B.V (“FANPLAY” or the “Company”). FANPLAY is committed to prevent gambling from being a source of crime or disorder, being associated with crime or disorder, or being used to support crime.

2.0 The meaning of money laundering

Money laundering is considered to be an offence by law. Money laundering covers wide- ranging circumstances involving any activity concerning the proceeds of crime and includes:

• attempting to turn money acquired through criminal activity into ‘clean’ money
• possessing or transferring the benefit of acquisitive crimes, such as theft and fraud
• possessing/transferring stolen goods
• being directly involved with any criminal or terrorist property
• entering into arrangements to facilitate the laundering of criminal or terrorist property

There are two main forms of money laundering in the gambling sector:

• Exchanging money, assets, goods and property that were acquired criminally for money or assets that appear to be legitimate or clean, achieved by transferring or passing the funds through some form of legitimate business transaction or structure.
• The use of criminal proceeds to fund gambling as a leisure activity.

3.0 Responsibilities

The relevant department is responsible for monitoring all transactions to and from FANPLAY and verifying the identity of all online registered players. FANPLAY’s senior management, as well as all employees, are fully committed to adopting a risk-based approach to anti-money laundering (“AML”) with effort focused where it is most needed to be able to process payment transactions between FANPLAY and customers offanplay.gg in a way free of money laundering issues. The developed internal systems and procedures applied by FANPLAY are appropriate for remote gaming businesses like fanplay.gg. The Company appreciates that its money laundering and terrorist financing risk assessment is not a one-off exercise, and these are assessed regularly so that adopted approach is effective at any time.

4.1 Senior Management Responsibility

Senior management is fully engaged in the processes around FANPLAY’s assessment of risks for money laundering and terrorist financing and are involved at every level of the decision making to develop the appropriate policies and processes to comply with relevant legislation.

4.2 Money Laundering Reporting Officer

The MLRO is responsible for the oversight of all aspects of the AML activities within the company and has the authority to act independently in carrying out his responsibilities having access to sufficient resources to carry out his duties. His duties and responsibilities include:

• identifying money laundering and terrorist financing risks relevant to the Company;
• designing and implementing policies and procedures relating to AML and countering terrorist financing (“CTF”), monitoring the effectiveness of these and reviewing and updating these policies and procedures;
• reporting to Senior Management on AML and CTF activity and the effectiveness of the Company’s controls;
• keeping AML/CTF records;
• receiving internal disclosures and deciding whether these should be reported ;
• training employees to ensure that they are aware of the Company’s AML policies and procedures and how to report suspicious transactions;
• being the internal point of contact for the suspicious transaction reports (“STRs”);
• reviewing and investigating STRs and considering whether a suspicious activity report (“SAR”) should be submitted to the authorities.

Any internal report should be considered by the nominated officer, in the light of all other relevant information, to determine whether or not the information contained in the report leads them to form knowledge or suspicion, or reasonable grounds for knowledge or suspicion, of money laundering or terrorist financing.

Where any AML tasks are delegated within the business, the MLRO will remain responsible for all AML issues. Any delegated tasks will be recorded and will be counter-signed by the delegate to confirm acceptance of responsibility. Employees who need to be aware of the delegation will be notified immediately.

4.3 Employees’ Responsibilities

Employees are trained to follow FANPLAY’s policies and procedures for customer due diligence.

Employees must report to the MLRO any knowledge or suspicion of money laundering whether by customers, guests or other employees by drafting an internal STR.

5.0 Customer Due Diligence

Identifying a customer means obtaining information about his identity (name, address, date of birth, employment and financial history, physical appearance and family circumstances). Verifying identity means obtaining evidence that supports this information. The Commission’s guidance sets out that it generally considered good practice to require either:

• One government document which verifies either name and address or name and date of birth; or
• A government document which verifies the customer’s full name and another supporting document which verifies their name and either their address of date of birth.

CDD is carried out to identify and verify the identity of all customers who approach the threshold set out in point 5.2 of this document. FANPLAY is aware that CDD is ongoing and may need updating where there are changes in a customer’s circumstances and personal details.

The CDD process is complete when a customer provides FANPLAY with his name, plus residential address, photo and date of birth Identification Documents, and, in some circumstances when requested by the Payment Department, a copy of the payment method used or to be used by the customer.

When CDD checks on an existing customer have been completed within one of FANPLAY’s products, CDD will not be conducted again in relation to another product unless a different payment method is used by the customer.

Records of CDD are kept for five years from the end of the business relationship or the customer’s last visit to fanplay.gg

5.1 Customer Registration

In order to open an account with FANPLAY at the web portal fanplay.gg a customer must first complete the registration process and connect your MetaMask wallet.

The registration details to be filled in by all new customers include first and last name, address, country of residence, date of birth, e-mail address. During registration, customer identification takes place by way of the age verification process.

When a new account is created, a verification link is sent to the email account specified during the registration process. When the user clicks on the link the account is then successfully created. Only at this point can the customer deposit money and start placing bets.

Customers must be at least 18 years old and are permitted to register only one player account in their name. No underage users are allowed to play on the websites. FANPLAY is committed to prevent underage persons from using its gambling facilities, and will take all necessary steps to ensure they do not register with its remote gaming website (please see the Social Responsibility Policy for further details). Users who do not have a registered player account will not be allowed to play casino games or place bets.

5.2 Threshold approach

In the threshold approach to remote gambling, verification is required if the amount of money deposited or staked is equal to or higher than certain limit. (5,000 ANG = 2,500 USD).

The identity of the player must be verified before or immediately after such payment or stake takes place. If CDD cannot be completed for any reason, the customer will not be allowed access to gambling facilities, no transactions with the customer will be carried out, and the business relationship will be terminated.

5.3 Documentary evidence

FANPLAY relies upon documents issued by government departments during CDD.

To fulfil the necessary customer identification and verification process, FANPLAY requires its customers to upload on their websites (under My profile > KYC ) a copy of valid identification documents. This request is communicated to the customer via the email address registered. If necessary, the customer may be contacted by phone to further facilitate and enable the verification process. If documents are in a foreign language, FANPLAY takes appropriate steps to be reasonably satisfied that the documents provide evidence of the customer’s identity, for example, by obtaining a translation of the relevant sections. Such a step would be to request that the customer provide the documents with a certified true translation.

Only documents issued by government departments and agencies that contain a photograph are considered reliable to verify the customer’s identity. Government issued documents without a photograph may be used to confirm the current address of the customer (if stated on the document).

The following sources may be accepted for verification of customers:

• current passport
• birth certificate
• current photo card driving licence
• residence permit issued by the Home Office
• firearms certificate or shotgun license
• benefit book or original notification letter from the Department of Works and Pensions confirming the right to benefits
• council tax bill
• utility bill or statement (but not ones printed off the internet), or a certificate from a utilities supplier confirming an arrangement to pay services on pre-payment terms
• bank, building society or credit union statement or passbook containing current address (but not statements printed off the internet) - bank or credit cards alone will not be sufficient as these do not provide either residential address or date of birth
• confirmation from an electoral register that a person of that name lives at that address
• recent original mortgage statement from a recognized lender
• solicitor’s letter confirming recent house purchase or land registry confirmation of address
• local council or housing association rent card or tenancy agreement
• house or motor insurance certificate.

5.4 Enhanced due diligence

Under the Regulations, there are three circumstances in which EDD on customers should be carried out, which goes beyond identifying them and verifying their identity. These are:

• when the customer is not present, which is relevant to an online operation this would only be relevant for the online operation);
• when the customer is a PEP;
• in any other situation where the customer presents a higher risk of money laundering or terrorist financing (e.g. a high spending customer).

In relation to customers not being present (online operations) the requirement for additional due diligence can be met by the customer making their first payment with a credit card which is in his name.

In relation to PEPs and other customers that present a higher risk of money laundering or terrorist financing, FANPLAY will seek to obtain evidence of the customer’s source of funds. This evidence may include:

• Identification documents provided by the customer (e.g. passport, driving license, utility bill);
• Business cards provided by the customer;
• Information provided by the customer in conversation;
• Verification of identity using an online provider;
• Third party acuity and wealth reports;
• Credit reports;
• Information available in the media and on the internet;
• Search of PEP databases;
• Company registration searches for companies the customer appears to be a shareholder or officer of.

FANPLAY will use a mix of sources, including external sources and information taken directly from the customer, for EDD purposes.

5.5 Requirements procedures

In the light of the requirements imposed by law and regulations, FANPLAY adopt the following procedure when CDD is triggered under the threshold approach:

• at the point that verification is triggered, FANPLAY puts all monies owed to the customer into an account (or equivalent) from which no withdrawals can be made
• further deposits can be made to that account as long as they too are ‘locked’ into it until CDD is completed
• bets can be made from the account, again providing any winnings are ‘locked’ until CDD is completed
• once CDD is completed, the account can be ‘unlocked’ and business can continue as normal
• if CDD cannot be completed, then FANPLAY will terminate the business relationship with the customer
• if there are monies to be repaid, the amount repaid will consist of the monies owed to the customer at the point that the verification procedure was triggered plus all deposits made at that point and thereafter
• money will be returned to the originating account
• there will be appropriate risk mitigation

Risk assessments are undertaken which include the following:

• multiple destinations – is the customer requesting that the money be sent to several bank accounts?
• high risk destination – is the customer requesting that the money be returned to a country where there is a significant money laundering concern?
• unusual patterns and large transactions - is there an apparent economic or lawful purpose behind the transactions?
• very high account turnover - is the turnover consistent with the balance?
• irregular activity - are the transactions outside of the customer’s regular transaction activity?
• ongoing monitoring of the customer’s account and, if necessary, reporting of findings via services.

The assessment of risk carried out by FANPLAY is based on a number of factors and questions including:

• What risk is posed by the business profile and customers using the website?
• Is the business high volume consisting of many low spending customers?
• Is the business low volume with high spending customers?
• Is the business a mixed portfolio? Are customers a mix of high spenders and lower spenders and/or a mix of regular and occasional customers
• Is the business local with regular and generally well known customers?
• Are there a large proportion of overseas customers using foreign currency?
• Are customers likely to be individuals who hold public positions in other countries?
• Are customers likely to be engaged in a business which involves significant amounts of cash?
• Are there likely to be situations where the source of funds cannot be easily established or explained by the customer?

Employees remain vigilant and use their experience and common sense in applying the FANPLAY risk-based criteria and rules, using guidance from the MLRO or other nominated officer as appropriate.

5.6 Failure to complete checks

If a customer of FANPLAY is unable to comply with or complete the required CDD or EDD, FANPLAY will not carry out a transaction with or for the customer through any of the available payment methods. Instead, the customer’s account will be terminated and FANPLAY will consider making a report to the relevant authority if there is any sign of money laundering activity.

All FANPLAY relevant staff understand that it is an offence to tip off a person that a report has been made. Staff are trained to understand that they must not inform or warn a customer that their transactions have been noted and/or reported, either internally or externally.

6.0 Ongoing Monitoring

Monitoring customer activity is carried out using the risk-based approach, with higher risk customers, such as PEPs, being subjected to an appropriate frequency and depth of scrutiny, which is likely to be greater than is appropriate for lower risk customers. Monitoring of customers is done by the relevant employees who monitor customer activity live.

6.1. Supporting records

The websites fanplay.gg will, by the nature of their business, generate detailed records of all transactions with each customer and for purposes of the record keeping requirements FANPLAY retains the drop/win figures for each named customer.

7.0 Training

All relevant employees of FANPLAY are given training on AML and CTF, both at induction and by way of refresher training on an annual basis. FANPLAY ensures that employees understand the Regulations and apply the Company’s policies and procedures, including the requirements for CDD, record keeping and STRs/SARs.

The MLRO, nominated officers and employees responsible for completing CDD checks are regularly given training in how to recognize and deal with transactions and other activities which may be related to money laundering or terrorist financing.

8.0 Record Keeping

FANPLAY will keep records of the following:

• Customer interactions - Details of all customer interactions and relationships including which employee dealt with the interaction, what was asked, why an interaction was made and the outcome of the interaction.
• MLRO - The decision made when receiving a STR, training received from external organizations and given to employees, details of AML tasks assigned to employees, reports sent to the authorities, decisions made by the authorities on SARs and the action FANPLAY will take after the authorities has made their decision.
• Risk-based approach - Details of steps taken to manage and mitigate risks of crime and disorder.
• Customer identification and verification information, including copies of any enhanced due diligence documentation.

These records will be kept for a period of at least 5 years.

9.0 Reporting

Where an employee of FANPLAY has received information, as a result of which they know or suspect, or have reasonable grounds for knowing or suspecting, that a person is engaged in money laundering or terrorist financing, that employee must make an internal report, an STR, to the MLRO.

Any STRs are considered by the MLRO, in the light of all other relevant information, to determine whether or not the information contained in the report leads them to form knowledge or suspicion, or reasonable grounds for knowledge or suspicion, of money laundering or terrorist financing. Where appropriate, the MLRO will make an SAR to the relevant authority and will apply for the appropriate consent required.

10.0 Collusion and cheating

FANPLAY has systems to detect cheating, collusion or illegal activity, including suspicious and large transaction alerts, risk management solutions to monitor customer transaction and online risk solutions. Where suspicious activity is identified, the customer’s account will be reviewed and this will be reported as an STR to the MLRO. The customer’s account will be suspended and where cheating/collusion is identified, the account will be closed and the customer will be reported, where it is deemed necessary.

If an employee is implicated in any cheating, collusion or other illegal activity, they will be suspended pending a full investigation.

11.0 Protection of equipment

FANPLAY ensures that its equipment and business is protected from crime and criminal misuses by

• Keeping its premises fully locked when no member of staff is present.
• Members of staff access the office by using an in-out log. This will allow tracking of staff members in case of illegal activity.
• Computer equipment is protected by user-log out and password protected screensavers whenever it is left unattended, or outside office hours.
• The office premises are kept secure.

12.0 Applicable legislation

• Curacao, The National Ordinance on Identification of Clients when Rendering Services (PB 2010, nr 40 and PB 2015, nr 69)
• Curacao, The National Ordinance on the Reporting of Unusual Transactions (PB 2010, nr 68 and PB 2015, nr 68)
• Curacao national ordinance remote gambling (PB 1993, nr 63)
• Performing the reports to FIU Curacao