AML is the regulatory framework requiring iGaming operators to detect, prevent and report suspicious transactions that could indicate money laundering, terrorism financing, or illicit source of funds.
Anti-Money Laundering (AML)
**TL;DR:** AML is the regulatory framework requiring iGaming operators to detect, prevent and report suspicious transactions that could indicate money laundering, terrorism financing, or illicit source of funds.
What it means
AML obligations in iGaming include customer due diligence (CDD), enhanced due diligence (EDD) on high-spending or high-risk players, transaction monitoring, source-of-funds (SoF) checks at defined thresholds (often €2,000–€5,000 cumulative deposits), and Suspicious Activity Report (SAR) filing with national FIUs.
Failure carries license-loss-level penalties. UKGC, MGA, DGOJ (Spain), ARJEL (France), AAMS (Italy), Curacao GCB and new LATAM regulators (CONAJZAR-PY, Colombia, Brazil) all run active AML enforcement. Multi-million euro fines for AML failures are routine — Entain, William Hill, 888 have all paid >£15M penalties since 2022.
Formula / How it's measured
AML KPIs:
- % of high-deposit players with SoF on file
- Average time to complete EDD
- SAR filing volume vs sector benchmark
- Transaction monitoring alert true-positive rate
- AML staff per 100k active players
Example: a regulated brand with 80,000 active players runs ~2,400 transaction monitoring alerts/month, files ~25 SARs, with EDD completed on 100% of players above €5K cumulative deposits.
Why it matters for operators
AML is existential — license loss is on the table. It also impacts player experience: SoF requests at withdrawal frustrate legitimate high-spenders, and ineffective tooling creates either high false-positive friction or regulatory exposure. Mature compliance ops differentiate top operators in regulated markets.
Common benchmarks (2026)
- SoF thresholds: €2K–€5K cumulative deposits (regulated EU)
- High-risk player ratio: 1–3% of active base
- AML team size: 0.5–1.5 FTE per 10,000 active players
- Annual AML cost: 1–3% of GGR for compliant operators
Common mistakes
- Reactive SoF only at withdrawal (creates payout backlog)
- Threshold-only monitoring without behavioral patterns (e.g. structured deposits)
- No clear escalation path from VIP host to AML when red flags appear
See also