Gambling Commission offers more key compliance lessons to gambling operators
This article was produced by Olswang LLP, which joined with CMS on 1 May 2017.
The Gambling Commission (the “Commission”) has advised all operators to learn lessons from a recent voluntary settlement that was reached between the Commission and Caesars Entertainment (UK) Ltd (“Caesars”) in respect of compliance procedures at two of Caesars’ casinos in London – the Playboy Club London Limited and the London Clubs LSQ Ltd (LSQ).
This investigation offers gambling operators another timely reminder of the potential pitfalls in Anti-Money Laundering (“AML”) compliance and the increasing attention the Commission is placing on this area, seen previously with its recent investigation into Rank Group’s Grosvenor Casinos.
The investigation
In this case, the Commission identified a number of weaknesses in the AML controls used by Caesars to mitigate the risk of money-laundering occurring in its casinos. It found that, at both of the casinos in question, the processes and procedures used to manage the risk of money laundering did not comply with the requirements of the Money Laundering Regulations 2007 (the “MLRs”), or satisfy the duty to comply with the licensing objective to keep crime out of gambling.
Caesars proposed a voluntary settlement with the Commission, under which it agreed to:
- divest itself of £845,000 to be applied to socially responsible purposes, as it did not wish to profit from the compliance failures identified;
- immediately act to rectify the specific matters raised by the Commission;
- the publication of the Commission’s public statement;
- the establishment of a critical review, undertaken by an external provider at Caesars’ expense, of Caesars’ AML policies and processes (the result of which is to be shared in its entirety with the Commission);
- the implementation of an action plan that addresses any further weaknesses identified by the third party review; and
- disseminate learning from the shortcomings identified through direct engagement with other gambling operators.
Voluntary settlements such as this are a means for the Commission to fulfil its statutory obligation and pursue the licensing objectives through means that stop short of formal licence reviews. This voluntary settlement has a similar look to that reached in the Rank case, which is not entirely surprising given the Commission’s Statement of Principles for Licensing and Regulation makes it clear that for the Commission to consider voluntary settlement a licensee needs to be prepared to (amongst other things):
1. publish a statement which would acknowledge failings as well as deterring future non-compliance by others and / or share learning that may be beneficial to the wider industry or other stakeholders including the public; and
2. divest itself of any gross gambling yield or cost savings which accrued as a result of the failings.
Lessons to be learned
The Commission has warned the casino sector to be on notice that the issues identified in this case are likely to form the basis of future Commission compliance assessments. So what compliance lessons can operators take from this case?
1. Is customer risk adequately assessed?
Whilst Caesars undertook customer due diligence (“CDD”) checks, this information could have been used more effectively. Decisions were not consistently recorded to create a customer risk assessment to enable continuing and proportionate ongoing monitoring.
Good practice
Create a comprehensive risk matrix, identifying risk indicators relevant to your business and customers. In turn, create and maintain a customer risk profile for each customer, which can be compared to the risk matrix to provide a level of risk for each individual business relationship and, consequently, demonstrate the level of due diligence and ongoing monitoring required.
2. Is ongoing monitoring undertaken appropriately?
A combination of insufficient customer risk assessment (see consideration 1 above) and poor record keeping meant that Caesars was unable to demonstrate to the Commission that the levels of ongoing monitoring were appropriate to the risk of money laundering posed by the customer (required by Regulation 8(3) of the MLRs).
Good practice
Take steps to ensure that details of customer risk are properly maintained and compared to relevant risk indicators, to ensure that the levels of ongoing monitoring are appropriate. As stated above, operators should consider the use of customer risk profiles (or an equivalent) as a means of recording the specific risks posed by customers and the mitigation used to manage the risks posed.
3. Is negative evidence inappropriately relied upon?
Caesars placed undue reliance on negative indicators, such as ‘no trace’ results from open source internet searches and third party due diligence providers, to provide assurance about a customer’s legitimacy. Over-reliance on this evidence resulted in decisions being made with limited and incomplete facts, allowing high risk customers to gamble to a significant extent without appropriate and adequate due diligence material to support their levels of spend.
Good practice
Implement a system of AML controls that includes a requirement for customers to provide appropriate, specific and clear information that evidences their circumstances to an appropriate extent, taking into consideration the money laundering risk they pose. The information and documents provided by customers should form the basis for any due diligence checks undertaken by the operator. Appropriate levels of information and evidence obtained from customers can then be verified using a variety of methods (including third party due diligence providers).
4. Decision making should be recorded
Caesars’ decision making records relating to high risk customers (such as politically exposed persons) were limited and sometimes incomplete, so they were unable to demonstrate that the levels of due diligence were appropriate to the risk of money laundering as required by Regulation 7(3) MLRs.
Good practice
AML practices should ensure the recording of the basis for key decisions made by relevant personnel.
5. Are customers’ source of funds and source of wealth adequately investigated?
Caesars had historically viewed investigations into a customer’s financial circumstances as primarily a matter of establishing their credit-worthiness, and staff’s wide knowledge of their customers had not always been recorded. Therefore, in a number of instances, Caesars was unable to establish that a high risk customer’s level of spend corresponded to the customer’s known financial circumstances.
Good practice
Operators should ensure that they properly scrutinise the due diligence information they obtain about a customer to ensure that customers’ gaming activities correspond with the information they have obtained. The collection of due diligence material is not an end in its own right - it is a means of determining the risk involved in undertaking a business relationship with a particular customer and mitigating the specific risks that they may pose with regard to money laundering.
6. Are EDD/CDD procedures sufficiently rigorous?
Caesars’ CDD and enhanced due diligence (“EDD”) records, and the policies behind those records, were not sufficiently comprehensive to form an effective money laundering control system.
Good practice
Operators should be able to evidence that the AML systems they have in place are effective in preventing money laundering. To provide such assurances, operators could consider instructing an auditor to independently assess their approach to money laundering prevention, to ensure their process and practices are fit for purpose.
7. Is there over-reliance on checks made by third parties?
Caesars transacted with high-spending customers of overseas Caesars Group companies and failed to check in some cases that due diligence information and documentation held by the originating companies were to the standard required under the MLRs.
Good practice
Avoid placing reliance on documentation gathered by an operator in another jurisdiction that is not itself licensed in Great Britain, without scrutinising it fully within a domestic context. The Commission accepts that, in taking a risk-based approach to money laundering and controls, it may, in limited circumstances, be acceptable to rely on due diligence measures undertaken by the specified third parties detailed in Regulation 17 of the MLRs. These parties include a credit or financial institution, auditor, insolvency practitioner, external accountant, tax adviser or independent legal professional, subject to them: (a) having the necessary professional registration; (b) being subject to the requirements of Directive 2005/60/EC of the European Parliament and of the Council of 26th October 2005 or equivalent local legislation; and (c) being supervised for compliance with such AML requirements.
However, operators should be aware that it is only acceptable to rely on due diligence measures undertaken by the specified third parties if the other person consents to being relied on; and notwithstanding the reliance on the specified person, an operator remains liable for any failure to apply such measures. Practically therefore, operators looking to rely on Regulation 17 of the MLRs should seek express confirmation in writing from the specified third party in question and request evidence of the due diligence that has been undertaken. If operators cannot meet the requirements of Regulation 17 then they cannot rely on the due diligence measures undertaken by the third party.
Further information on AML compliance can be found on the Commission’s website; in particular, the Commission’s guidance sets out the requirements of the current regime.