The £825000 penalty issued to Done Brothers Cash Betting Limited, trading as Betfred, creates renewed attention on deficiencies in money laundering controls across the retail gambling sector. The first paragraph of the case revealed that the fine stemmed from an investigation that found the operator failed to maintain effective anti-money laundering oversight for customers using B3 gaming machines. The regulator concluded that the firm lacked accurate visibility of customer spend and exposure in 2024, which directly undermined its ability to identify suspicious patterns. This action also followed an earlier enforcement outcome in 2023, adding weight to concerns around repeated weaknesses.

AML oversight failures involving B3 gaming activity

The enforcement findings showed that Betfred could not form a coherent picture of machine-based customer behaviour, which prevented the firm from applying proportionate controls. Machine alerts and daily reports existed; however, the systems in place at the time did not allow the operator to view aggregated spend across sessions. This meant staff could not link individual machine events to a broader risk profile. When a firm does not have a unified view of customer exposure, it becomes difficult to apply risk-based thresholds or detect unusual activity that might indicate laundering attempts.

The investigation also identified missing processes for screening and managing customers who might be subject to financial sanctions. A gambling operator must be able to detect names that appear on official sanctions lists, and the absence of an effective approach represents a material failure in compliance expectations. This type of gap elevates exposure to illicit finance risk and indicates insufficient alignment with legislative duties that apply to regulated entities handling customer funds.

Thresholds for reviewing the source of income were found to be poorly calibrated. Loss limits of £15000 and stakes of £125000 over 365 days were judged too high relative to the risks associated with machine gambling patterns. A risk-based approach requires thresholds to reflect the operator’s product mix and customer demographics. When thresholds are set at levels that allow prolonged high-value activity without scrutiny, the oversight framework becomes ineffective. These issues jointly contributed to the conclusion that the operator did not have a working model to detect or manage laundering risks linked to regular machine use.

Recurring shortcomings despite past regulatory action

This case marked the second enforcement outcome faced by the operator in a period of two years. A previous settlement in 2023 for AML and customer protection failures signalled that the firm had already been alerted to gaps in its framework. A repeat finding indicates that the improvements introduced after 2023 were not sufficiently embedded or that processes did not evolve in line with operational risks. Regulators place strong emphasis on sustained remediation, and recurring deficiencies can be seen as an indicator that the compliance environment lacks resilience or adequate oversight.

The regulator also mentioned that most failures observed in 2024 fell within technical categories rather than emerging from isolated customer cases. However, technical does not reduce materiality. Structural weaknesses in process design often have a greater long-term impact because they create blind spots affecting large numbers of customers. For AML teams, technical weaknesses in machine monitoring or threshold design can generate significant vulnerabilities because transactional patterns on machine-based products often differ from traditional sportsbook activity, requiring tailored controls.

The need for a third-party audit demonstrates that regulators expect independent validation of operator-level enhancements. An audit of this type tests whether remediation is stable and whether governance frameworks match the complexity of the operational environment. When an operator is subject to repeated supervision events, an audit becomes a tool to verify whether compliance changes are functioning and whether senior management oversight is sufficiently strong to manage ongoing risks.

Weak customer assessment models and limited risk visibility

The investigation highlighted the inability to calculate total customer spend for B3 machine players, which restricted the firm’s capacity to assess money laundering and terrorist financing exposure. Without consolidated spend data, staff could not distinguish normal activity from behaviour that warranted scrutiny. This data visibility problem created a barrier to applying a risk based approach, which is essential for early detection of patterns that might indicate the placement or layering of funds.

Insufficient processes for identifying sanctioned individuals presented a separate risk. Gambling transactions can be used by sanctioned persons to move funds or convert them into winnings that appear legitimate. Without a functioning sanctions process, operators cannot demonstrate compliance with national obligations that restrict the provision of financial services to sanctioned individuals. This was a core aspect of the failings under review.

Risk-based source of income checks were also lacking. When thresholds are set at levels that rarely trigger enquiries, the control environment becomes symbolic rather than preventative. AML functions must apply thresholds that align with the likelihood of high-value machine play being used to disguise the origin of funds. The thresholds described in the assessment were too distant from operational reality, which contributed to the regulator’s view that the firm lacked an understanding of how machine-based gambling creates specific money laundering vulnerabilities.

Lasting regulatory pressure on machine-based gambling controls

The regulator stated that the operator has begun to introduce improvements since the assessment, but this will only be confirmed once the third-party audit is complete. This reinforces the expectation that gambling operators must demonstrate that controls work consistently and that staff understand how to handle higher-risk activity. Continuous enhancement remains essential because machine-based products attract customers with diverse behavioural patterns that can mask abnormal activity if oversight is weak.

This case also reflects the broader emphasis on accountability for long-standing gaps. Regulators have become increasingly focused on ensuring that firms that receive prior sanctions demonstrate sustained progress. Where previous actions fail to trigger permanent structural change, later penalties tend to focus on operational robustness and the adequacy of management responses. The 2024 findings suggest that a combination of data fragmentation, outdated thresholds, and insufficient sanctions processes contributed to a risk environment that did not meet expectations.

For AML practitioners, the case confirms the importance of end-to-end visibility across machine activity. Monitoring frameworks must be able to consolidate spend, identify high velocity play, and generate case reviews that reflect the true exposure of the customer. When controls do not align with product risk, even well-designed systems cannot detect laundering attempts. The enforcement outcome, therefore, emphasises that machine-based gambling continues to attract regulatory scrutiny because it presents conversion risks that can be exploited by individuals seeking to move funds without detection.

---

Key Points

• The £825000 penalty was issued due to AML failures involving B3 gaming machine oversight
• The operator lacked consolidated spend visibility, which weakened risk assessment
• Thresholds for source of income checks were set too high to be effective
• Sanctions screening processes were insufficient to detect higher-risk customers
• A third-party audit will assess whether improvements have been fully implemented

---

Related Links

• Gambling Commission Enforcement Actions
• UK Sanctions List Guidance
• FATF Risk-Based Approach for Casinos
• HM Treasury AML Supervisory Framework

Other FinCrime Central Articles About Gambling

• Europol strike weakens violent network controlling illicit gambling flows
• £650k Penalty Shows Missed Red Flags Behind Voucher Deposits
• Caesars Casino Hit With $7.8 Million Fine as Bookmaker Case Uncovers Deep Compliance Gaps

Source: UKGC

Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.

Want to promote your brand, or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.