The Isle Of Man Gambling Supervision Commission (GSC) has imposed a civil penalty of £700,000 on Betsson subsidiary BMO Manx.
It comes following a comprehensive investigation which revealed numerous violations of established guidelines and legislation.
The findings highlighted significant shortcomings in BMO’s policies, procedures, and operational frameworks, primarily in its anti-money laundering (AML) and counter-terrorism financing (CFT) compliance.
The investigation uncovered widespread failures in the company’s adherence to essential AML/CFT measures. Among the most critical issues were the company’s lack of Enhanced Due Diligence (EDD) for high-risk customers, and failure to address unusual activities as required.
Furthermore, BMO’s Customer Due Diligence (CDD) policies did not outline clear protocols for implementing EDD or conducting additional monitoring in cases of suspicious activity.
BMO, which no longer holds a GSC gaming license, also lacked mechanisms to assess the necessity of terminating customer relationships when EDD was not provided within a reasonable timeframe, as mandated.
Further, the company’s suspicious activity reporting (SAR) framework was considered fragmented, with inefficiencies stemming from the involvement of multiple entities across operations in Peru and Malta before cases could reach the Money Laundering Reporting Officer (MLRO).
Another major compliance lapse was BMO’s inadequate procedures for identifying Politically Exposed Persons (PEPs) and ensuring timely verification of customer identities.
The absence of comprehensive risk assessments, both for customers and technology, further compounded the regulatory breaches.
Notably, BMO delayed the implementation of its Business Risk Assessment for six months after launching online gambling operations.
Operational weaknesses in governance and oversight
The investigation also highlighted deficiencies in BMO’s governance structure, particularly in the delineation of responsibilities between the MLRO and the AML/CFT compliance officer.
Both roles failed to demonstrate the sufficient access to information and resources necessary to meet regulatory expectations. Additionally, internal disclosures were not promptly escalated, and SARs were not always submitted to the Financial Intelligence Unit as required.
The company’s AML/CFT training programme also fell short of standards. Key personnel were not consistently included in training registers, and many employees had not undergone annual training.
Moreover, compliance policies were not regularly reviewed or updated by the AML/CFT compliance officer, leaving critical gaps in the oversight process.
Regulatory response and penalty
Given the extent and severity of the non-compliance, the Commission determined that imposing a discretionary civil penalty was appropriate. The failures, which spanned across multiple areas of regulations, demonstrated systemic shortcomings that necessitated decisive regulatory action.
Despite the serious findings, BMO acknowledged its operational failings early in the investigation and engaged constructively with the Commission to address the identified issues. The company entered settlement discussions and demonstrated a willingness to resolve matters.
This cooperative approach was noted by the Commission as a mitigating factor. It also allowed BMO to catch a break – the £700,000 fine was initially set at £1m.