ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines

Transcription

1 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines

2 Disclaimer The purpose of this guide is to assist hotels and clubs that control a gaming machine venue to meet their obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 and Anti-Money Laundering Counter-Terrorism Rules. It is not intended to be comprehensive and does not constitute nor should it be treated as legal advice or opinion. The Commonwealth accepts no liability for any loss suffered as a result of reliance on this publication. AUSTRAC recommends independent professional advice be sought. The information contained herein is current as at the date of this document. Commonwealth of Australia 2013 This work is copyright. You may download, display, print and reproduce this material in unaltered form only (retaining this notice) for your personal, non-commercial use or use within your organisation. Where material has been sourced from other third party sources, copyright continues. Date: December 2013

3 03 /overview Overview About this guide This guide is to help a hotel or club operating electronic gaming machines (EGMs) to assess the risk of someone laundering money or undertaking other financial crimes through their venue. This guide is for hotels and clubs: that are licensed to have more than EGM entitlements or that are part of a group of related hotels and clubs that collectively is licensed to have more than EGM entitlements. This booklet is meant to be used with the AML/CTF compliance guide for hotels and clubs licensed to operation electronic gaming machines. It can be downloaded from It will take you through the following six steps: 1. Describe your business 2. Establish the context 3. Identify the ML/TF risks 4. Treat the ML/TF risks 5. Allocate risk ratings 6. Identify changes in ML/TF risk Some abbreviations: These terms are used throughout the guide: Queries: The AUSTRAC Help Desk can also provide assistance by calling during business hours, or via at help_desk@austrac.gov.au Quick checklist Step 1: Describe your business Step 2: Establish the context Step 3: Identify ML/TF risks Step 4: Treat ML/TF risks Step 5: Allocate risk ratings Step 6: Identify changes in ML/TF risk AML - anti-money laundering CTF - counter-terrorism financing ML - money laundering TF - terrorism financing

4 04 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines Step 1: Describe your business Legal name of the business: Trading name(s) of the hotel or club (if different to legal name): Which state or territory are you licensed in? NSW VIC QLD SA TAS ACT NT How many EGMs in total are you licensed to operate? How many EGMs in total do you actually operate? List all the venues your hotel or club operates and the number of EGMs located at each venue:

5 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines 05 Step 2: Establish context A. Customer types Identify the customer types you deal with. Include information about each customer type, such as their average and maximum transaction size and their representation as a percentage of all your customers. This will help to provide further context to your risk assessment. Which of the following customer types do you have? Regular/known customers who use a player membership/loyalty card during game play (carded play) Non-regular customers who play anonymously without using player membership/loyalty cards (uncarded play) Pensioners Trades people Tourists Students Other (please describe):

6 06 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines For each customer type identified above, describe known gambling patterns Some of the things you might include are: the frequency of their gambling (daily, weekly, monthly) the amount they gamble (in total as well as the size of maximum bets) the intensity of their gambling (amount of turnover within a given time frame) the difference between takings and winnings payouts.

7 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines 07

8 08 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines B. Services and methods of delivery The following list sets out the services commonly provided by hotels or clubs with EGMs. All EGMs require game-play in-person so this section focuses on the characteristics of the gaming environment at your venue. Use the following table to indicate which designated gambling services you provide and how those gambling services are delivered. Designated service Delivery method Use of player membership/loyalty cards for playing EGMs Y Y N N We have player membership/loyalty cards available that can be used when playing EGMs We allow customers to play EGMs anonymously (uncarded play) What percentage of your customers who play EGMs would you estimate use player membership/loyalty cards during game play (carded play)? % What percentage of your customers would you estimate play EGMs without using player membership/loyalty cards (uncarded play)? % Level of supervision of general gaming environment There is a dedicated gaming manager OR Other (please describe): Allowing customers to play EGMs Number of separate venues the gaming manager is responsible for Level of direct supervision of EGMs Number of poker machine attendants typically rostered on at any one time Poker machine attendants perform that role only OR Poker machine attendants have a mixed role (provide details on the other roles performed, for example service of drinks) Level of surveillance of EGMs Our venue has CCTV surveillance of areas where EGMs are located OR Other (please describe):

9 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines 09 Designated service Delivery method Number of cashiers responsible for awarding prize payouts Number of separate cashiers rostered on at any one time Cashiers operate from dedicated booths OR Cashier services are provided from the bar OR Other (please describe): Records of prize payouts for anonymous game play (Anonymous game play is conducted without using player membership/loyalty cards.) How do you record the details of prize payouts redeemed by cheque for customers engaging in anonymous game play (please describe): Awarding payouts from EGMs Records of prize payouts for game play initiated with player membership/loyalty cards: How do you record the details of prize payouts redeemed by cheque for customers engaging in game play using player membership/loyalty cards (please describe): Use of ticket in/ticket out (TITO) system Y N Our EGMs facilitate a TITO system Use of ticket in/cash out (TICO) system Y N We have TICO kiosks available for our customers TICO kiosks are located: Y N in the gaming room Y Other: Y N N in the foyer Our venue has CCTV surveillance of areas where TICO kiosks are located

10 10 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines Step 3: Identify ML/TF risks Next, identify the ML/TF risks your business faces as a result of operating EGMs. Identifying ML/TF risks means asking questions like: How could my business be used by criminals to launder money? What situations or customer behaviour might indicate money laundering or appear suspicious? Businesses often use a risk register (or similar document) to record risks. Identify the ML/TF risks you think your business may reasonably face. Write them down in the Risks column of the risk register on the following pages. The risk register already contains a sample of known common risks for hotels and clubs operating EGMs. Consider whether these apply to your business. Also identify any other risks relevant to your business and write them down in the risk register. Step 4: Treat ML/TF risks Next, consider how you treat or manage the risks. Identify the policies and procedures available to reduce the likelihood or impact of the risks you have identified. Because every business is different, there are many ways to treat risks. Keep in mind many of your existing controls may already help to reduce the risk of ML/TF. Some examples are: ŦŦ monitoring game play using meter reading data to identify instances where money was credited in and out of gaming machines with minimal legitimate game play ŦŦ maintaining centralised registers (including a cheque register) of prize payouts or credit redemptions claimed by cheque. This will enable you to identify customers who redeem credit by cheque at a more than usual frequency ŦŦ monitoring gaming staff to identify potential collusion ŦŦ not allowing cheques to be drawn in the name of third parties ŦŦ introducing controls to ensure people claiming prize payouts or credit redemptions using player membership cards are in fact the person the card belongs to. You should write down the controls you have in place for each identified risk in the Treatment column of the risk register.

11 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines 11 Step 5: Allocate risk ratings Next, rate each risk according to the likelihood of it occurring and the impact (such as the dollar value) it would cause. As a guide, risks can be rated using a scale such as low, medium and high. The rating reflects the risk after the treatment/control is applied as per the table below. Write down the rating for each ML/TF risk in the Risk rating column of the risk register. If you require further guidance on assessing the likelihood and impact of risks, refer to Risk management A tool for small to medium sized businesses, which is available at: Risk register Risks Treatment (controls) Risk rating (after treatment) 1. Example: Customer inserts cash into a gaming machine and credits out with little or no legitimate game play Example: Person has multiple cheques drawn in their favour over a period of time which is inconsistent with observed playing behaviour or normal winnings from EGMs Example: Person approaches customers seeking to buy winnings from them so that cheques can be drawn in that person s favour 4.

12 12 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines Risks Treatment (controls) Risk rating (after treatment)

13 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines 13 Step 6: Identify changes in ML/TF risk You must put systems in place to identify changes in the ML/TF risk environment and to adjust the risk controls you use. Changes in ML/TF risk can come from the external environment the context of your business and the way you provide services covered by the AML/CTF Act. A. Identifying ML/TF risk changes in the external environment The risk of your business being used for ML/TF purposes changes as conditions change in Australia and overseas. Ways of maintaining your awareness of the current and emerging ML/TF risk environment include subscribing to AUSTRAC s e-news and reading newspapers, industry association and other news publications. Other sources you can use include the Department of Foreign Affairs and Trade website and AUSTRAC s annual typologies and case studies report. Describe how your business will maintain an awareness of new ML/TF risks from the external environment: (Example: Introduction of mining to local area) Who will be responsible for maintaining this awareness? How often will they do this?

14 14 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines B. Identifying ML/TF risk changes in your business context The risk of your business being used for ML/TF purposes also changes when you provide new services or change the way you provide services. You must assess changes in ML/TF risk posed by: new services you are considering offering in the future new or developing technologies used to provide services. These risks must be assessed prior to the adoption of new services or technologies. Some examples of things you need to assess for ML/TF risk before using them in your venue include: a new type of gaming machine or gambling product for example, card based gaming a new type of automated ticket or cash dispensing kiosk such as TITO or TICO a significant renovation to the layout of your gaming room or the introduction of additional cashier booths. Describe how you identify changes in ML/TF risk in your business context. Before adopting new services or technologies, who is responsible for assessing changes in ML/TF risk posed? (Name and title) How will you assess the ML/TF risk of new services and technologies prior to their adoption? Who is responsible for authorising ML/TF risk assessments of these services and technologies before they are implemented for use by your customers? (Name and title)

15 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines 15 C. Managing changes in ML/TF risk After you identify changes in the ML/TF risk environment, you must modify your systems accordingly. This includes adjusting the risk ratings and controls in your program to reflect your current perception of ML/TF risk for your business. You need to: consider how changes would affect the ML/TF risks facing your business adjust your risk ratings and controls assess what additional controls must be introduced to manage any new risks modify your systems. The process for managing identified changes in ML/TF risk is no different to the approaches described in step 4 Treating ML/TF risks and step 5 Allocating risk ratings. You should make a record of your ML/TF risk assessments of: new services you may offer in the future new technology used to provide services any ML/TF risk identified from the external environment. You should use the risk register to record this assessment.

16 16 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines Abbreviations AML/CTF Anti-money laundering and counter-terrorism financing AML/CTF Act Anti-Money Laundering and Counter-Terrorism Financing Act 2006 AUSTRAC EGM ML TF Australian Transaction Reports and Analysis Centre Electronic gaming machine Money laundering Terrorism financing Glossary Designated service A designated service is any service listed in section 6 of the AML/CTF Act. Designated services cover a wide range of business activities undertaken within the financial services, bullion and gambling sectors. If you provide any one or more of the designated services specified in the AML/CTF Act, you incur obligations under the Act. Typically electronic gaming machine venues are captured under items 5, 6, 9 and 10, table 3, section 6 of the AML/CTF Act.

17 ML/TF risk assessment guide for hotels & clubs licensed to operate electronic gaming machines 17 Assistance For any enquiries, please contact the AUSTRAC Help Desk: telephone: (local call cost within Australia) fax:

18 About AUSTRAC The Australian Transaction Reports and Analysis Centre (AUSTRAC) is a government agency established in AUSTRAC plays an important role in the global fight against crime and works to support an Australian community hostile to money laundering and the financing of terrorism. AUSTRAC is Australia s financial intelligence unit. AUSTRAC collects financial transaction reports, analyses the information and disseminates financial intelligence, which plays an important role in preventing, detecting and prosecuting crime. It assists authorities to trace the trail of illicit money and combat money laundering and other serious and organised crimes. AUSTRAC is also Australia s anti-money laundering and counter-terrorism financing (AML/CTF) regulator. AUSTRAC regulates businesses that provide financial, gambling and other services specified under legislation. In implementing Australia s AML/CTF regulatory framework, AUSTRAC assists businesses to fulfil their AML/CTF obligations and guard against attempts to misuse their services for money laundering or terrorism financing.