Casino Malta has been issued with a €233,834 penalty and follow-up directive by the Financial Intelligence Analysis Unit after an array of shortcomings were identified.

Imposed earlier this month, and relating to a compliance review carried out in 2019, the FIAU reported identifying inadequate risk assessment measures as well as failings relating to the enhanced due diligence of customers.

Regarding the former, it is said that a business risk assessment featured an inadequate geographical risk assessment, with the BRA also said to have featured insufficient methodology “when determining the residual risk rating for each of the risk scenarios identified”.

Regarding customer due diligence, the Committee said that ten per cent of player profiles reviewed did not have a permanent residential address listed, with many having listed temporary hotel residencies. 

A publication notice read: “The company submitted that the residential address was always collected and documented within the system. Notwithstanding this, the company still failed to identify and verify their residential address throughout the business relationship.”

Six per cent of profiles reviewed were said to contain a foreign address that was either non-existent or otherwise invalid, with 14 per cent featuring missing, generic or outdated occupational information.

Casino Malta was also found to have relied solely on information provided by the customers upon registration, with a failure to verify this data alleged.

The AML body is also said to have unearthed EDD failings, which included shortcomings in conducting proper measures on players whom the licensee classified as high risk. In 28 per cent of cases, it is said that the company failed to carry out necessary checks.

One such example includes “a student with links to China and was allocated a high risk rating” that played with €200,000 and lost €80,00 without any affordability checks having been undertaken.

It was reminded that it is a company’s responsibility to understand a player’s source of wealth, with it “not enough to simply check” against the Malta Business Registry.

Another case featured a CEO with connections to Turkey that dropped over €1m, the majority of which was said to come from cash and across eight different bank accounts.

As well as stating that “a change in transaction pattern was noted,” the FIAU added that “in view of the high gaming activity, the fact that the player utilised eight different bank accounts and the change in transaction pattern, the company should have carried out additional measures such as obtaining documentation as to this player’s SOW as well as the income earned, and other returns generated through his employment/businesses.” 

In addition, the FIAU suggested that it had identified three players that should have been flagged by the company as being suspected of facilitating ML/FT, and consequently should have been reported.

One example includes a player that was listed as a “self employed – plasterer” and was allocated a low risk rating, but was later arraigned in court for allegedly being involved in drug trafficking.

The notice said “the company, although unaware of the freezing order, knew of the ongoing court proceedings against the customer. 

“Notwithstanding this, the company never submitted an suspicious transaction report to the FIAU in relation to this and continued to allow the player to wager substantial amounts.”

Another involved a politically exposed person that was allegedly involved in bribery and tax evasion, and a business owner that had more than €500,000 in back taxes.

Furthermore, under the terms of the follow-up directive, the company must ensure “sufficient progress” is made across an array of procedures and measures. It is also noted that the administrative penalty is not yet final, and that Casino Malta may be appealed before the Court of Appeal.