The Commission notified White Hat in January 2020 that it was to undertake an investigation of its combined remote operating licence, as part of the regulator’s ongoing compliance work.
The study focused around the handling of seven customers’ accounts, following concerns identified through a compliance assessment in March 2019. The regulator identified failings in the way White Hat identified and managed customers who were at higher risk of money laundering and problem gambling.
Specifically, the Commission said White Hat breached two licence conditions, as well as a provision in the social responsibility code. Breaches were identified on White Hat’s grandivy.com, 21casino.com, hellocasino.com and dreamvegas.com brands.
In terms of the licence breaches, the first of these related to condition 12.1.1, which covers to the prevention of money laundering and terrorist financing.
Condition 12.1.1 (2) requires licensees to have in place policies and controls to prevent money laundering and terrorist financing, while 12.1.1 (3) states that such procedures are implemented effectively, kept under review and revised appropriately.
White Hat accepted that it was in breach of this licence condition as its policies, procedures and controls to prevent money laundering were not appropriate or implemented effectively.
Going into further detail of this breach, the Commission found one White Hat customer lost approximately £70,000 between March 2017 and January 2019. The operator acknowledged its limited knowledge about the customer’s finances meant they should not have been allowed to continue gambling until it carried out a full customer intelligence report.
Another incident saw a player lose £55,000 between May 2017 and March 2019, and, on this occasion, White Hat completed a report. This showed the customer deposited £30,000 as a result of a win at a land-based casino.
However, the Commission said White Hat failed to sufficiently scrutinise the source of the deposit, as it did not request further information to corroborate the explanation.
The Commission also identified a breach of licence condition 12.1.2, which refers to how licensees must operate in line with UK’s Money Laundering Regulations of 2007 and 2017.
The regulator identified weaknesses in White Hat’s anti-money laundering (AML) controls and breaches, namely that it failed to keep full records of the evidence and supporting documents. It also failed to adequately apply customer due diligence.
In terms of social responsibility failings, this referred to provision 3.4.1 of the code, which requires licensees to have policies and procedures for customer interaction where they have concerns a player’s behavior may indicate problem gambling.
The Commission identified weaknesses in White Hat’s safer gambling controls, saying it did not have in place policies and procedures for customer interaction with specific provisions for making use of all relevant sources of information.
Giving examples of this, the regulator highlighted a case where a player lost approximately £70,000 within three months of opening an account. White Hat created a customer intelligence report that eventually indicated the player had an apparently successful previous career and owned an expensive property without a mortgage.
However, the source of funds was not identified and the customer’s account was not immediately locked. The Commission said White Hat prioritized creating a customer intelligence report, rather than intervening immediately, which was incorrect.
Another incident saw a player lose £2,000 in a short period of time, which in turn triggered a customer interaction, but 10 days later, the same customer gambled and lost £50,000 in six hours before self-excluding.
The regulator said while the customer received four interactions, it found the total lost by the customer demonstrated the interactions were not delivered effectively in accordance with the social responsibility code.
Finally, another customer lost £85,500 in 85 minutes, on the same day he opened an account with White Hat. The customer received four interactions advising them of the amounts deposited and one higher-level interaction with additional safer gambling messaging, before White Hat locked the account on the same day.
However, the Commission said the total loss by the customer demonstrated the interactions were not delivered effectively in accordance with the social responsibility code.
White Hat, which complied with the Commission throughout the investigation, said it accepted all of the failings and has committed to an ongoing program of improvements to strengthen its policies and procedures.
This will include introducing backstop limits to automatically stop players from depositing more funds until certain checks are completed, improving how it gathers and uses information for the checks, as well as strengthening its scrutiny processes and quality assurance reviews.
White Hat agreed to pay a regulatory settlement of £1.3m, in lieu of a financial penalty, with this to be directed to the Commission’s National Strategy to Reduce Gambling Harms. The operator will also pay £9,818.63 towards the cost of the investigation.