The COVID-19 pandemic has led to more interest in cashless payments in the gaming industry, but casinos need to consider Bank Secrecy Act (BSA) and anti-money laundering (AML) compliance program implications prior to introducing this new payment option. Deloitte’s Matt Lappas discusses three key areas of focus to strengthen casino compliance programs.
According to research performed by the American Gaming Association (AGA), the gaming industry’s national trade group, approximately 57% of past-year casino visitors preferred a digital or cashless payment on the casino floor in response to the COVID-19 pandemic.
The AGA released a set of guiding principles in June 2020 for modernizing gaming payment options in hopes of cultivating support from state and tribal regulators who are considering expanding payment choices throughout the gaming industry. According to the AGA, digital or contactless payment methods would promote responsible gaming by equipping patrons with digital tools to monitor and set gaming limits, as well as providing increased transactional transparency to regulators and law enforcement with regard to anti-money laundering and other financial crimes.
Cashless payments are permitted in some states for the purposes of online casino gaming and sports betting. And, while a small number of U.S. casinos do permit cashless payments, regulatory acceptance and limited technology has prevented this new payment method from becoming prevalent throughout the gaming industry – until now.
In June 2020, the Nevada Gaming Commission (NGC) unanimously approved updates to its terms, regulations and definitions for cashless gaming. These updates are the initial steps toward revolutionizing the patron gaming experience in Nevada, as well as protecting the casino operators who are subject to Nevada’s COVID-19 health requirements.
There are two key provisions that stand out:
- To address concerns related to patron problem gaming, the direct transfer of money from a patron’s bank account to a gaming device is still strictly prohibited; and
- Any technology that facilitates the cashless transfer of funds to a gaming device must undergo testing by the NGC Board before it can be implemented.
The introduction of cashless gaming brings about a new payment stream that a casino would need to monitor. Casinos considering the addition of a cashless gaming option should take the following steps.
Anti-Money Laundering and Cashless Payments: 3 Ways to Improve Casinos’ Existing Compliance Programs and Controls
1. Improve Patron Identification and Source of Wealth Verification to Support Building an Accurate Risk Profile
Casinos review a patron’s identification for their legal age prior to their participation in gaming activities. For the purposes of meeting customer identification program (CIP) requirements, casinos should already document patron information.
Casinos should also already document the patron’s source of wealth and associated information (e.g., source of funds, occupation, estimated net worth) to satisfy customer due diligence (CDD) requirements.
For patrons who wish to take advantage of cashless payment methods, casinos can consider requiring patrons to establish player reward accounts through which casinos could collect CIP and CDD information with minimal impact to the overall patron experience.
Documenting patron CIP and CDD data is critical for building a risk profile and effectively monitoring transactional activity. Recent enforcement actions issued by the Financial Crimes Enforcement Network (FinCEN) have cited casino employees for not upholding due diligence requirements or reporting suspicious transactional activity.
Leading casino compliance programs regularly assess the operational effectiveness of patron data collection and storage procedures to evaluate whether they are being executed consistently. Without effective data quality and data governance programs, it is difficult to analyze transaction activity patterns for suspicious activity.
2. Assess Current Transaction Monitoring Capabilities to Determine How Cashless Payments May be Effectively Tracked
Over the last several years, casinos have begun expanding their compliance programs by implementing transaction monitoring systems in accordance with regulatory expectations and leading industry practices.
However, the pursuit of identifying potentially suspicious activity has been difficult, as many of these systems are newly developed and either repurposed from banking or home-grown. In either circumstance, the transaction monitoring rules and thresholds must undergo continuous tuning.
Providing patrons with the option to supplement their cash-based gaming with cashless payment options will add another layer of complexity to tracking patron gaming patterns.
As a part of the decision to offer cashless payment options to patrons, casinos can assess their current transaction monitoring solutions to understand if existing rules and thresholds are able to account for activities associated with these new methods of payment (e.g., deposits/withdrawals, reporting limit thresholds, unapproved methods of payment, amounts inconsistent with player risk profile).
Cashless payment assessments will be critical to the effectiveness of casino compliance programs, as gaps in transaction monitoring may potentially lead to unidentified and unreported suspicious activity and financial crime.
If new rules and/or thresholds are required, their development and implementation should be in concert with the introduction of cashless payments as a patron offering.
In general, casinos should remain diligent by performing periodic reviews of their transaction monitoring solutions to determine effectiveness. Similarly, proactively tuning the system’s alert generation process to address changes in products and services, shifts in patron profile and business model changes that may impact gaming volume can also help hone monitoring effectiveness.
3. Instill a Culture of Compliance Through Expanded Security Measures and Comprehensive Training Programs
The expansion into digital or contactless payments would offer patrons convenience as well as health safety on the casino floor with casinos’ needs to stay on the leading edge of the industry’s modern era.
Contactless payment systems may have to contend with new forms of financial crime and direct interfacing with casino games for the first time.
While most cashless technology has built-in account security and encryption measures, casinos should also consider enhancing their information and digital security programs to protect patron personally identifiable information (PII) and payment information.
Furthermore, physical security procedures can also be expanded to account for identifying new methods of irregular or suspicious gaming practices by patrons on the casino floor (e.g., unapproved/multiple credit cards, players cards, electronic devices).
Effectively training floor staff to identify, mitigate and document suspicious activity can also help reduce potential risk of financial crime on the casino floor. As such, training programs should be continuously updated to account for new patron offerings and any related compliance risks.
In addition to training, casino leadership should encourage employees to acquire anti-money laundering professional certifications.
Matt Lappas is a Deloitte Risk and Financial Advisory manager in the anti-money laundering and economic sanctions practice, Deloitte Transactions and Business Analytics LLP. A Certified Anti-Money Laundering Specialist (CAMS), Lappas has nearly 15 years of banking sector experience — eight of which have been focused on anti-money laundering advisory work. Based in New York, Matt can be reached at 
