PROHIBITION ON FUNDING OF UNLAWFUL INTERNET GAMBLING

I.         INTRODUCTION

In November of 2008, the Federal Reserve Board (Board) and the Department of the Treasury announced a joint final rule (Regulation GG) to implement the Unlawful Internet Gambling Enforcement Act (Act) of 2006.  The final rule applies to financial firms that participate in designated payment systems and requires these firms to establish and implement policies and procedures that are reasonably designed to prevent payments to gambling businesses in connection with unlawful Internet gambling.  The primary focus of the policies and procedures should be directed at establishing a due diligence process to ensure commercial customers are not engaged in unlawful Internet gambling activities.

Participants in designated payments systems must establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent restricted transactions.  Participants with particular roles in a payment system may be exempt from the regulation’s requirement to establish written policies and procedures because, in these roles, it is impractical for the participant to identify or block prohibited unlawful Internet gambling transactions.  The final rule provides a list of exempt entities and transactions.  The final rule also provides a non-exclusive sample list of possible policies and procedures reasonably designed to prevent restricted transactions.  These include due diligence procedures in establishing new commercial customer accounts and relationships, implementing a mandatory transaction code system that may be used to identify restricted transactions, and establishing procedures to ensure compliance with the Act upon receiving actual knowledge that a customer has engaged in an Internet gambling transaction.

The final regulations became effective January 19, 2009, and financial intermediaries subject to the Act were required to be in compliance by June 1, 2010.

II.        KEY DEFINITIONS

Key definitions under the final rule include: 

  • Actual Knowledge – Actual knowledge with respect to a transaction or a commercial customer means when a particular fact with respect to that transaction or commercial customer is known by or brought to the attention of:  (1) an individual in the organization responsible for the organization’s compliance function with respect to that transaction or commercial customer; or (2) an officer of the organization.
     
  • Designated Payment System – (1) Automated clearing house systems; (2) Card systems; (3) Check collection systems; (4) Wire transfer systems; and (5) Money transmitting businesses other than the services performed for check cashing, currency exchange, or issuing or redeeming money orders, travelers checks, and other similar instruments.
     
  • Operator of a Designated Payment System – means an entity that provides centralized clearing and delivery services between participants in the designated payment system and maintains the operational framework for the system.
     
  • Participant in a Designated Payment System – means an operator of a designated payment system, a financial transaction provider that is a member of, or has contracted for financial transaction services with, or is otherwise participating in, a designated payment system, or a third-party processor.  This term does not include a customer of the financial transaction provider, unless the customer is also a financial transaction provider otherwise participating in the designated payment system on its own behalf. 
     
  • Restricted Transaction – any of the following transactions or transmittals involving any credit, funds, instrument, or proceeds in connection with the participation of another person in unlawful Internet gambling:  (1) credit, or the proceeds of credit, extended to or on behalf of such other person (including credit extended through the use of a credit card); (2) an electronic fund transfer, or funds transmitted by or through a money transmitting business, or the proceeds of an electronic fund transfer or money transmitting service, from or on behalf of such other person; or (3) any check, draft, or similar instrument that is drawn by or on behalf of such other person and is drawn on or payable at or through any financial institution.  (The rule restricts payments to gambling entities, but not to individual gamblers.)
     
  • Third Party Processor – means a processor with a direct customer relationship with either the originator of a debit transfer transaction or the receiver of a credit transfer transaction and who acts as intermediary between the originator/receiver and the last depository institution to handle the transaction.
     
  • Unlawful Internet Gambling – means the placing, receiving, or otherwise knowingly transmitting a bet or wager by any means which involves the use of the Internet where such bet or wager is unlawful under applicable Federal or State law.

III.       EXEMPTIONS

The regulation exempts many participants in four of the five categories of designated payment systems from the requirement for establishing written policies and procedures reasonably designed to prevent or prohibit restricted transactions with respect to that transaction.  In the case of ACH, check collection, and wire transfer systems, the regulation applies only to those participants that possess customer relationships with Internet gambling businesses (the depository financial institution receiving an ACH credit transaction or originating an ACH debit transaction, the depository bank in the case of a check collection transaction, or the beneficiary’s bank in the case of a wire transfer) and those engaged in certain cross-border transactions.

IV.       REQUIRED POLICIES AND PROCEDURES

All non-exempt participants in designated payment systems must establish and implement written policies and procedures reasonably designed to identify and block or otherwise prevent or prohibit restricted transactions associated with commercial accounts.  A non-exempt financial transaction provider participant in a designated payment system is considered to be in compliance with the policy and procedure requirements if:  (1) it relies on and complies with the written policies and procedures of the designated payment system that are reasonably designed to:  (a) identify and block restricted transactions; or (b) otherwise prevent or prohibit the acceptance of the products or services of the designated payment system or participant in connection with restricted transactions; and (2) such policies and procedures of the designated payment system comply with the requirements of the regulation.

A participant in a designated payment system may rely on a written statement or notice by the operator of that designated payment system to its participants that states that the operator has designed or structured the system’s policies and procedures for identifying and blocking or otherwise preventing or prohibiting restricted transactions to comply with the requirements of this regulation as conclusive evidence that the system’s policies and procedures are in compliance, unless the participant is notified otherwise by its federal functional regulator or the Federal Trade Commission.

V.       NON-EXCLUSIVE EXAMPLES OF POLICIES AND PROCEDURES

A.        Due Diligence

The regulations provide a detaileddescription of the kind of “flexible, risk-based” due diligence in account opening and maintenance that the regulations contemplate:

  • Participants should obtain a basic understanding of a new commercial customer’s business.  If, based on that understanding, there exists only a minimal risk that  the customer relationship for Internet gambling transactions, and then no further due diligence would be required.
     
  • If the risk is more than minimal - such as a customer in the business of offering games over the Internet - then further documentation should be obtained from the customer, which could include the customer’s certification that it is not involved in Internet gambling business.
     
  • If the prospective customer is involved in Internet gambling business, the participant may rely on either (a) proof that the customer has obtained a license authorizing the activity from the appropriate state or tribal authority; or (b) if the customer does not have such a license, a reasoned legal opinion from the prospective customer’s counsel demonstrating that the prospective customer’s Internet gambling business does not involve restricted transactions.  The regulations also suggest obtaining third-party certification of the prospective customer’s systems for enforcing age andlocation verification to ensure that its Internet gambling business remains within the licensed or otherwise lawful limits.
     
  • Participants should also notify all of their commercial customers, through provisions in account or commercial customer relationship agreements or otherwise,that restricted transactions are prohibited from being processed through the account or relationship.

This due diligence – which may be performed in combination with other customer due diligence required by the Bank Secrecy Act and other federal laws – is expected to form the primary policy and procedure for non-exempt participants in ACH, check collection, and wire transfer systems. 

With respect to card systems, however, the regulations generally anticipate that, as an alternative to the “risk-based” due diligence framework, participants will develop or use existing transaction coding mechanisms to identify and block suspected unlawful Internet gambling transactions in real time.  In this regard, non-operator participants in an “operator-driven” designated payment system such as a card system may rely on and comply with policies and procedures adopted by the operator, in which case they need not separately adopt their own policies and procedures.  The participant need not independently verify compliance of the operator’s policies and procedures with the regulations, and may rely on the operator’s written notice to its participants that it has adopted policies and procedures to comply with the regulations, unless federal regulators have given notice that such policies and procedures are non-compliant.

Banks should contact their card networks to learn more about the policies and procedures that will be implemented and to obtain copies of those procedures well in advance of the December 1, 2009, implementation date.

VI.       POLICIES AND PROCEDURES WHEN RESTRICTED TRANSACTIONS ARE KNOWN

Every financial institution that is a non-exempt participant must establish written policies and procedures describing remedial actions it will take if it discovers that a commercial account is processing restricted transactions.  The final rule does not mandate any specific actions that must be taken, but relies on each participant to have established policies and procedures in place.

The final rule clarifies the obligations that a non-exempt participant in a designated payment system must adhere to when it gains “actual knowledge” that a commercial account has processed restricted transactions.

According to the final rule, actual knowledge is gained when an entity knows or receives a report from a governmental entity such as a law enforcement or regulatory agency that a commercial account is processing restricted transactions.  A financial institution that merely has suspicions of restricted transactions, but does not know for certain, is not obligated to initiate the policies and procedures. 

When the “actual knowledge” threshold is met, the final rule does not provide participants with a set of standard actions to implement.  The overview discussion notes that it will be left to the participant’s “business judgment” whether it is appropriate to deny the commercial customer access to a particular payment system or to close the account entirely or to take some other action. 

If a non-exempt participant gains actual knowledge that one of its commercial customers is operating as an Internet gambling business, they are obligated to initiate the proper due diligence to determine if the account holder has the legal authority to do so.  This applies to customer accounts opened before or after December 1, 2009.  The commercial account should be required to provide evidence that it is operating with legal authority (state or tribal license or reasoned legal opinion) and that it has the proper safeguards in place to prevent minors and those in more restrictive jurisdictions from placing unlawful wagers.

VII.     COMMERCIAL ACCOUNT NOTICE

The final rule requires that banks communicate to their commercial customers that restricted transactions are prohibited under the Act.  However, the regulation is flexible regarding how the communication is made.  It may be made through a revised commercial account agreement for new customers, pursuant to a notice sent to established commercial customers, or possibly even through some other methods including a notice on the bank’s Web site as long as the commercial account holders are reasonably likely to receive it.  Banks are not required to update account agreements or provide notice with a periodic statement to comply with this requirement of the Act.

The final rule does not provide model language for the required disclosure.  Banks are not obligated to explain the requirements of the Act or to instruct commercial account holders on the differences between lawful and unlawful gambling.  The requirement is simply to inform commercial customers that transactions that are restricted under the Act are prohibited and should not be processed through these accounts.

Compliance Handbook Search

STAY CONNECTED

Nebraska Bankers Association

233 South 13th Street, Suite 700
Lincoln, NE 68508
402-474-1555
​Digital Millennium Copyright Act Policy