CasinoBeats Malta will feature a comprehensive line-up of industry experts debating the most pressing issues facing the igaming sector. G3 interviews panellist Ewa Kazmierska, COO at LV BET, about the compliance panel session at CasinoBeats Malta.
How do you build a compliance culture within the business?
First, there is a need to understand the complexity of compliance. The compliance within the gambling sector seems to be associated merely with regulators’ requirements, but it is crucial to acknowledge that it is only a part of the compliance culture.
In business, trust is something which should not be underrated. It has an impact on the relationship between employers and employees, employees to employers, customers, companies, suppliers, regulators, governments.
Clients, customers, employees demand greater transparency and ethical behaviour from businesses with which they are engaged. A compliance program is a fundamental tool in a company’s ability to build trust.
Building a compliance culture should start with leadership. Effective compliance is not possible without senior management’s and board of directors’ full support. It is required to align compliance with enterprise risk management. Building a culture of compliance in the organisation is significant for minimising risks. Yes, it is true that compliance issues cost time and resources, they can cause going out of business altogether.
Appointing compliance ownership is crucial. The employees and 3rd parties must know where to go when they face an issue or have questions. There is also an organisation’s responsibility for following up on those concerns. Moreover, there must be someone appointed for monitoring, updating, and communicating the compliance procedures.
The organisation needs a written set of rules and principles that will guide employees’ behaviour with each other, with competitors, with partners, with customers and with the outside world.
Investing in employees training is one of the critical events. Regular policy review and assessment are required. There should not be second thoughts when it comes to investment in an effective compliance program. It is not cheap, but it’s favourable to the unlimited costs of noncompliance. It is also beneficial to make compliance training a continuous process, rather than a one-off.
We do not think that ignoring compliance mistakes is a good idea. We analyse the incidents to help others avoid the same error.
Anti-Money Laundering is one of the most significant compliance issues facing the sector. What measures does LV Bet employ to counteract the potential for AML to affect the business in a negative way?
AML compliance is something that cannot be improvised. The policies need to be thought through carefully. It is crucial to state them clearly and have it written out for all executives, staff, and regulators to see.
Again, training is the key. Every employee from RPF needs to know and understand the company’s policies and procedures. Employees need to be aware of the legal requirements in the first place.
Employees need to recognise the techniques used by money launderers, they need to conduct various checks and learn and how to report suspicious activities. The refresher programmes are needed to keep staff vigilant and informed to ensure the program is up-to-date.
The desired way to mitigate risk is to detect and manage problematic accounts before they become a risk. Performing a comprehensive identity verification check reduces risk from fraud, risk of breaking compliance rules.
The screening programme needs to gather data from diverse government sources, international regulators and law enforcement agencies. There is a necessity for monitoring on an ongoing basis. Tracking refers to the analysis of regular, current activities to ensure activities remain in compliance.
There are various activities to keep track of, such as exceeding thresholds, suspicious activities, change of status, recording of communications, surveillance of employees, watchlists, market trends, new regulations, trade data and various other market and transaction monitoring needs.
Workplace diversity and inclusion, unconscious bias and discrimination and harassment – to what level does your compliance team address and police these issues?
Diversity and inclusion are close to my heart. I have been fortunate to be surrounded by colleagues that share the same view. Transparency and honesty are one of the values of great importance to me; therefore, all employees are encouraged to be very open, and any issues they might be facing.
Luckily, there have not been any cases reported where any of those abovementioned was listed as a problem. There is the zero-tolerance policy when it comes to discrimination and harassment, should that ever be an issue, it can be rest assured that disciplinary measures are taken.
It is always advised to educate, educate and again educate, so there is no need to take any drastic measures.
Is the protection of vulnerable customers a compliance issue?
It is not only a compliance issue but also a business obligation if we treat social responsibility seriously. The aspect does not need necessarily reflect a moral view but the business benefit coming from a sustainable business model.
It is worth emphasising the fluid nature of the vulnerability, stressing that any consumer can become vulnerable at any time, and weakness can be temporary, sporadic or permanent. Overall, the issue of vulnerable customers is certainly not black and white one, and so it is essential firms take an appropriately flexible approach to the processes and policies. The monitoring process plays a huge role when it comes to the protection of vulnerable customers.
Know your customers these days should not only mean collecting customers’ documents. If a customer tells you, or are showing signs that they might need help, provide it, and remember if they’ve needed it before. Log this information (while remaining GDPR compliant!) so the next time they contact you, they don’t have to repeat themselves and you might need to refer them to a specialist team.
General Data Protection Regulation – GDPR – is this still a tricky issue to navigate from a compliance perspective and how is LV Bet dealing with GDPR?
GDPR is treated with critical importance at LV Bet. We have a stringent DPO who took care of GDPR implementation. There are clear procedures in place when it comes to GDPR processes.
The essential requirement is the proper personnel training and highlighting the importance of GDPR overall. Followed by refresher sessions, so the employees are always aware of the importance of the subject.
Pay and Play is becoming a hot topic with regards to ID checks and verification in the Online sector. With the issues surrounding screen scraping and KYC, especially in the The UK is Pay and Play a compliance issue waiting to happen?
We would need to get some context on the matter itself, the few critical aspects as screen scraping, open banking, PSD2 which is a major ‘game-changer’ for any national payments market in Europe.
Andrea Enria, chairperson of the European Banking Authority (EBA) stated in a speech to the Westminster Forum that “…the current practice of third party access without identification referred to as ‘screen scraping” will no longer be allowed once the transition period under the PSD2 has elapsed and the RTS (Regulatory Technical Standard) applies.”
This speech was followed up with the final draft of the RTS confirming the intention to ban screen scraping 18 months after it comes into force. Since that announcement, there has been consternation amongst the ranks of European FinTechs. The EU Commission itself has called on the EBA to rethink the ban.
There comes Open Banking in play and the question if Banking can overcome the flaws associated with screen scraping. The purpose of Open Banking was to make the process of retrieving a customer’s transaction data more safe and secure.
When it comes to regulation, Open Banking can only be utilised by third-party providers regulated by FCA whereas screen scraping is generally unregulated.
Open Banking was designed to replace screen scraping as a more secure, faster, and better alternative. For companies who need or want to access account data but have yet to adopt Open Banking, the looming deadline should push them to take this latest innovation in financial technology”.
So yes, anything that remains unclear when it comes to practice following regulatory changes, especially when it needs to be adopted by technology, it might become an issue.