Prevention of Money Laundering and Terrorist Funding
The primary sources of Maltese law on money laundering as a criminal activity and the prevention thereof, are the Prevention of Money Laundering Act (Cap. 373 of the Laws of Malta) (PMLA) and the Prevention of Money Laundering and Funding of Terrorism Regulations (S.L. 373.01 of the Laws of Malta) (PMLFTR). The Implementing Procedures issued by the FIAU as per its powers under Regulation 17 of the PMLFTR are likewise legally binding instruments.
Land-based casinos have become subject to AML/CFT obligations with the transposition of Directive 2001/97/EC of the European Parliament and of the Council of 4 December 2001. With the introduction of Directive 2015/849 of 20 May 2015, providers of gambling services offering the wagering of a stake with monetary value in games of chance, including those with an element of skill such as lotteries, casino games, poker games, betting transaction which are provided in a physical location or by any means at a distance by electronic means, were also brought into scope.
The transposition of the aforementioned Fourth Anti-Money Laundering Directive brought about a revamp of the Maltese AML regulatory framework, whereby ‘gaming licensees’ were included within the definition of ‘subject person’ in the PMLFTR with effect from the 1st of January 2018. Subsequently, the FIAU and the Malta Gaming Authority (MGA) collaborated together to issue legally binding guidance specific to the remote gaming sector with the aim of aiding the sector in understanding and adhering to their AML/CFT obligations emerging from the aforementioned regulations. This resulted in the coming into force of the Implementing Procedures Part II on the 19th of July 2018, which legal instrument was last revised on the 2nd of July 2020 and will continue to be revised periodically to cater for the legal and practical changes in the AML/CFT regulatory sphere.
The AML/CFT obligations require casino and gaming licensees, more specifically B2C licensees offering Type 1, 2 and 3 games, to apply a risk-based approach in applying AML/CFT measures, controls, and procedures. They are primarily required to appoint a Money Laundering Reporting Officer (MLRO) of sufficient seniority and command whose main responsibility is to analyse unusual or suspicious activity or transactions observed within the business activity, and to follow up the same as necessary through the filing of a suspicious transaction report (STR) with the FIAU. In addition, the appointed MLRO has to be registered with the FIAU and an approved Key AML Function by the MGA, in line with the Gaming Authorisations and Compliance Directive (Directive 3 of 2018) and the Directive on the Key Function of the Prevention of Money laundering and the Financing of Terrorism (Directive 3 of 2020).
The basis of ensuring AML/CFT compliance is to carry out a Business Risk Assessment to understand the risks and vulnerabilities the licensee may be exposed to. Following this, the licensee has to devise a Customer Acceptance Policy and transcribe its AML/CFT policies and procedures outlining how the company will be abiding with its Customer Due Diligence and other various AML/CFT obligations.
While licensees are required to carry out identification procedures and ongoing monitoring from the initiation of a business relationship, the majority of the obligations are triggered once the client reaches a threshold of EUR 2,000 in accrued deposits, when carried out in a single transaction or in several transactions which appear to be linked. More specifically, subject persons are required to conduct a customer specific risk assessment and verification procedures and build a business and risk profile of the customer, including by obtaining source of wealth and source of funds information and documentation on a risk sensitive basis. Furthermore, within the context of a business relationship, subject persons need to ensure that proper ongoing transaction monitoring is carried out on a risk-based approach throughout the course of the business relationship.