• Home
  • Anti-money Laundering

Anti-money Laundering

Purpose and Scope

Drippybet maintains an Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) Policy to prevent the use of its platform for illicit financial activity and to comply with applicable laws and regulatory requirements. This policy governs onboarding, ongoing monitoring, detection, reporting, and records management for all customers, employees, and business partners engaging with Drippybet.

Regulatory Governance and Oversight

The AML/CTF program is overseen by a dedicated compliance function with the authority to implement, monitor, and enforce controls. An appointed Money Laundering Reporting Officer (MLRO) is responsible for day-to-day management of AML/CTF procedures, escalation of issues, and coordination with authorities as required by law. The Board retains ultimate responsibility for ensuring ongoing compliance, with regular reporting on risk, controls, and training outcomes.

Risk-Based Approach

Drippybet applies a risk-based framework to identify, assess, and mitigate ML/TF risks. Risk factors include customer geography, product and service mix (including online gaming and digital payment methods), transaction patterns, and access to high-risk jurisdictions. The program prioritizes higher-risk scenarios for enhanced due diligence and ongoing monitoring, and lowers intensity for lower-risk profiles, while maintaining supervisory compliance across all activities.

Know Your Customer (KYC) and Due Diligence

Customer onboarding and ongoing due diligence are conducted to verify identity, assess risk, and determine the appropriate level of ongoing monitoring. Verification is required before full service use, including withdrawals, and continuous updates are performed as part of the ongoing relationship.

  • Identity and Age Verification: The customer must supply verifiable data including full legal name, date of birth, contact information, and permanent residential address. Acceptable primary identification includes a government-issued photo ID (e.g., passport or national ID) and, where necessary, an alternative document such as a birth certificate with supporting imagery. Verification is performed using reliable, independent data sources and may involve third-party providers for identity screening and sanctions/PEP checks.
  • Proof of Address: Customers must provide documentation showing the registered name and current residential address, issued within the last three months (e.g., utility bill or bank statement). The document must clearly display the customer’s name and address.
  • Proof of Payment Method: Verification of the payment method used for deposits and withdrawals is required. Current examples include:
    • Card payments: photograph or scan of the card displaying the cardholder name, first six digits and last four digits, and signature. The security code and middle digits must be redacted.
    • Electronic wallets: screenshot or PDF showing the account email and associated profile details.
    • Bank transfers: a bank statement covering the relevant period, showing bank name, account number, IBAN, and BIC.
    • Cryptocurrency: transaction history and wallet profile confirming ownership and link to the account.
  • Source of Funds and Source of Wealth: Customers may be required to provide documentation demonstrating the legitimate source of funds and wealth used for gambling activity, such as payslips, tax returns, bank statements, or other evidence reflecting consistent, lawful income.
  • Onboarding Triggers: Verification must be completed prior to enabling full functionality, and withdrawal capabilities may be restricted until verification is complete. If withdrawal is requested prior to verification, the customer will be required to submit the necessary documents within 48 hours and the review will be completed within 3 business days, barring additional information requests.

Ongoing Monitoring and Enhanced Due Diligence

Drippybet conducts ongoing monitoring of customers and transactions on a risk-sensitive basis to detect unusual or suspicious activity. Enhanced due diligence (EDD) is applied to higher-risk scenarios, including but not limited to politically exposed persons (PEPs), customers from high-risk jurisdictions, complex or unusually large transaction patterns, or any activity flagged by automated screening as high risk. EDD may include additional documentation requests, source of funds verification, intensified monitoring, and management approvals to proceed.

Politically Exposed Persons (PEP) and Sanctions

Where a customer is identified as a Politically Exposed Person (PEP) or a sanctioned individual or entity, Drippybet will assess the risk and apply proportionate mitigation measures. In cases where the risk cannot be adequately mitigated or SoF/SoW cannot be satisfactorily established, account restrictions or termination may be imposed in accordance with applicable law and policy.

Transaction Monitoring and Red Flags

Drippybet employs a combination of automated and manual monitoring to identify indicators of ML/TF activity. Key monitoring focuses include sanctions screening, unusual deposit or withdrawal patterns, high-risk wallet addresses, and behavior inconsistent with a customer’s disclosed profile. Red flags include inconsistent information, multiple accounts without legitimate purpose, rapid deposit and withdrawal cycles with minimal gameplay, and requests to transact with third parties or through unusual methods. On detection of a red flag, the MLRO is notified and an investigation is initiated, potentially leading to enhanced due diligence, temporary restrictions, or reporting to authorities as required by law.

Record Keeping

Drippybet maintains comprehensive records of all AML/CTF-related activities for a minimum of five years from the end of the business relationship or from the date of the last transaction, whichever is later. Records include identification data, verification results, transaction histories, correspondence related to AML/CTF matters, internal investigation records, training logs, and reports to regulatory authorities. Records are stored securely and are accessible to competent authorities upon legitimate request.

Suspicious Activity Reporting

Any employee who suspects activity may be related to ML/TF must promptly notify the MLRO. The MLRO investigates internal suspicions and, if warranted, files a Suspicious Activity Report with the applicable Financial Intelligence Unit or regulatory authority without delay. Staff must not disclose that an investigation or report has been made. Drippybet cooperates with law enforcement and regulators as required by law, subject to applicable legal constraints.

Data Privacy and Security

All AML/CTF data collection and processing is conducted in accordance with applicable data protection laws. Access to customer information is restricted to authorized personnel and is logged. Data retention, use, and disclosure are limited to purposes related to AML/CTF compliance, regulatory requirements, and risk management.

Employee Training and Awareness

Drippybet provides regular AML/CTF training to relevant personnel, covering applicable laws and regulations, the policy framework, risk indicators, customer due diligence procedures, and reporting processes. Training is conducted at least annually, with additional instruction following material policy changes or regulatory updates.

Policy Review and Updates

This AML/CTF Policy is a living document. It is reviewed at least annually and updated as needed to reflect changes in laws, risk assessments, and the operational environment. Material changes require approval by the MLRO and senior management and are communicated to relevant personnel for implementation.