Anti-Money Laundering, Anti-Terrorist Financing statement
1. Company Business Model
Medium Rare N.V. (“Stake” or the “Company”) is a company incorporated under Curaçao Law that was established in 2017 and operates the online casino www.stake.com under the licence n.º 1668/JAZ. Stake presently supports users in more than 169 countries globally.
As part of its global operations, Stake has established compliance measures commensurate with its services and products that are reasonably designed to deter and detect illicit activity on its platform. Such measures include onboarding and compliance screenings of its customers and transaction action-based controls.
2. Company Policy Statement
Stake is not a financial institution within the meaning of applicable law of Curaçao and is accordingly not directly subject to the statutes and regulations applicable to certain financial institutions, money transfer, or virtual asset service providers. However, in accordance with the 2016 Regulations for Anti-Money Laundering and Combating the Financing of Terrorism (“AML/CFT”) applicable for the Curaçao jurisdiction as provided by the Curaçao Gaming Control Board, Stake expressly prohibits and rejects the use of Stake products for any form of illicit activity, including money laundering, terrorist financing or trade sanctions violations, consistent with various national anti-money laundering (“AML”) laws, regulations and norms. Stake continues to monitor norm setting parameters promulgated by the Financial Action Task Force (“FATF”) and certain gaming trade groups in addition to the Curaçao Gaming Control Board and will take necessary action as it deems appropriate to reflect changes in law.
Stake’s intention is to follow global best practices in guarding against Stake products being used to facilitate such activities. Those best practices include:
Adoption of a written policy, and procedures and controls, reasonably designed to guard against money laundering, terrorist financing and trade sanctions violations;
Where appropriate, designation of a compliance officer to oversee the implementation of the policy, procedures and controls;
Provision of related education and training to relevant personnel; and
Independent reviews, monitoring and maintenance of the policy, procedures and controls.
The following defined terms are widely used in the industry:
Money Laundering: The process of making illegally-gained proceeds appear legal. This process is generally broken down into three steps: placement, layering and integration.
Placement: The process of placing unlawful proceeds into traditional financial institutions, through deposits or other avenues.
Layering: The process of separating proceeds of criminal activity from their origin through the use of layers of complex financial transactions, such as converting cash into traveler’s checks, money orders, wire transfers, letters of credit, stocks, bonds or purchasing assets.
Integration: Using apparently legitimate transactions to disguise the illicit proceeds, allowing the laundered funds to be distributed back to the criminal; integrating the now clean money back into normal use.
Suspicious Activity: Activity conducted by a user or non-user using the institution where there are indications that the persons engaging in the transaction may be doing so for fraudulent or illegal purposes.
Sanctions: Sanctions are activities conducted by the international community to prohibit or constrain activities of the target of the sanctions.For example, they are used:
To encourage a change in behaviour for a target country or regime;
To apply pressure on a target country to comply with set objectives;
As an enforcement tool when international peace and security has been threatened and diplomatic efforts have failed; or
To prevent and suppress the financing of terrorists or terrorist acts.
4. Governance and Oversight
Stake has appointed a Chief Compliance Officer (“CCO”) that is responsible for coordinating the implementation of the AML Policy and policy program. The Chief Compliance Officer’s duties also include developing AML initiatives, work with other stakeholders to revising the AML policy, assessing new regulatory requirements and investigate potentially suspicious or unusual activity. Stake also provides AML training to all of its employees on a regular basis.
5. Know Your Customer and Transaction Monitoring
Stake will apply appropriate user due diligence and ongoing monitoring measures required by law. Stake will endeavour to prevent users from engaging in illicit or otherwise unauthorised activity. Stake uses a combination of its software development and other service agreements, which are enforced through internal operational features to ensure that it complies with the applicable law.
Know Your Customer
A. Customer Due Diligence.
Stake has adopted a risk based CDD to enable Stake to understand the nature and purpose of the user relationship to the Stake platform in order to develop a customer risk profile. In order to do so, Stake collects certain documentary and non-documentary information at account-opening commensurate with the nature of the type account and services that Stake offers. Stake maintains different CDD for different accounts and services.
For instance, the CDD requires users go through Stake’s customer identification program (“CIP”). The CIP consists of procedures for:
Collecting baseline (e.g., wallet address, email address) information at account creation through Stake’s user onboarding portal;
Monitoring the risk profile associated with the underlying cryptocurrency wallet used to fund the user’s account;
Maintaining records of the information used to identify the user; and
Determining if a user appears on any list of known or suspected terrorists or terrorist organisations provided to the financial institutions based on the above information.
The above steps are operationalised using the following measures:
Identity and Age Verification. A third-party service provider will support’s Stake’s ability to determine the legitimacy of the identification information other KYC materials or information provided and will confirm that the user is permissible. The service provider also will confirm that the user does not appear to be located in a comprehensively-sanctioned or otherwise prohibited jurisdiction and will search global sanctions lists to confirm that the user does not appear thereon using onboarding information such as wallet addresses.
Customer Information. Stake will collect details on each user to form a reasonable belief that Stake knows the identity of its users commensurate with the user’s risk profile. For instance, Stake may collect such details as the wallet address, name, address, country, date of birth, or postal code (collectively, “KYC Information”). Stake will collect any of the above KYC Information prior to issuing a Stake funding address (e.g., QR code) to users. Stake does not presently allow users who are non-natural persons.Stake may, at its own description rely on the performance by another institution of some or all of the elements of our CIP.
Geo-blocking for Prohibited Jurisdictions. Stake will require contractual client certifications that, through IP address-based geo-blocking, no gaming services will be offered in countries where such activity is not permitted.
Geo-blocking for Sanctioned Jurisdictions. Stake also will require contractual client certifications that such users are not subject to United States, European Union, or other global sanctions or watch lists, including individuals or entities associated with the United States’ comprehensively sanctioned jurisdictions, Iran, Cuba, North Korea, Syria and the Crimean region of Ukraine. Stake will rely on various risk-based measures to verify these representations including as in the below-described know-your-user (“KYC”) measures and through IP address-based geo-blocking.
Contractual Prohibitions on Users Onboarding from Prohibited Jurisdictions. Users are notified at onboarding that Stake does not offer services in restricted jurisdictions. Stake’s policy on restricting user activity stems from a combination of its risk, fraud prevention, and AML standards, as well as any assessments associated with the permissibility of its services in certain jurisdictions.
B. Enhanced Due Diligence and Ongoing Monitoring
Stake performs ongoing monitoring on its users in order to detect any behaviours or indicators that might raise suspicions in regard to money laundering and terrorism financing practices. For that purpose, Stake has implemented a set of red flag indicators that help it determine such behaviours and require further action from Stake in assessing the customer information.
Whenever one of those red flags is triggered, the user account will be suspended and Stake will pursue enhanced due diligence. Enhanced KYC diligence under this policy is deemed to include, but not limit to, the provision of:
Full legal name;
Country of citizenship;
Permanent Address (which, for an individual, must be a residential or business street address, and for an entity, must be a principal place of business, local office or other physical location);
Identification number (either a taxpayer identification number, or, if unavailable, a passport number and country of issuance, alien identification card number or number and country of issuance of another government-issued document evidencing nationality or residence and bearing a photograph or similar safeguard);
Identification Document; and
Source of Funds and Source of Wealth.
Stake may use third party service provider to verify any of the above information as determined to establish a reasonable basis to know the true identity of the user where the user’s activity warrants such action.
C. Acceptance Policy
Stake will not accept a and will block the users that:
Do not provide the identification information requested by Stake;
Provide fake identification documents;
Try to use different means to deceive about their location;
Are from restricted or prohibited jurisdictions; or
Are subjected to United States, European Union, or other global sanctions or watch lists;
Are gambling addicted or have mental health issues;
Its source of funds are originated or exchanges in restricted jurisdictions;
Stake reserves the right to block and suspend player for any other reasons at its own description
Stake is firmly committed to complying with economic and trade sanctions programs imposed by jurisdictions in which the firm conducts business. For that purpose Stake established a transaction monitoring program with controls and processes to identify and detect any unusual activity in real time and in its ongoing monitoring.
Stake will conduct ongoing monitoring on a regular basis using rule-based systems developed in-house and others from third-party vendors to review user history and patterns of activity to detect and report any unusual activity as required and to develop and implement any additional controls or limits in its platform.
Stake implemented procedures addressing the following two key components of unusual or suspicious activity management:
identification of unusual activity through methods of identification may include employee and customer identification, law enforcement inquiries, other referrals, or transaction and surveillance monitoring system reports; and
alert management that focuses on processes used to investigate, evaluate and document identified unusual or potentially suspicious activity.
Stake will use the following processes to achieve both goals:
Transaction Monitoring for Sanctioned or Prohibited Jurisdictions. Stake may in its reasonable discretion impose certain due diligence requests at user balance withdrawal. Stake presently conducts a mixture of manual and automated transaction monitoring processes to identify “red flag” behaviour. Where such red flag behaviour is identified, Stake may refuse to process any withdrawal attempts or collect additional information from the recipient. Stake will further endeavour to limit any attempted user account funding from prohibited jurisdictions (which are identified in the Stake user facing disclosures and updated from time to time internally) where the associated wallet address indicates that the user or the user’s funds are located in such a prohibited jurisdiction. For instance, Stake may prohibit a user from funding their Stake account using a known U.S. based exchange wallet as such assets indicate that the user is a U.S. person. Users will have the ability to rebut any suspension with additional information as part of Stake’s ongoing transaction monitoring and user due diligence standards.
Screening for Sanctioned Parties. Prior to issuing a Stake funding address to a user, Stake will screen a user’s wallet address against applicable sanctions databases. Such screening measures will rely on third party blockchain forensics vendors such as Chainalysis. Stake will periodically re-screen wallet addresses against such databases.
Identification of Unusual Activity. Stake will monitor account activity for unusual size, volume, pattern or type of transactions, taking into account risk factors and red flags that are appropriate to its business. Monitoring will be conducted running regular reports of unusual, high risk, or suspicious user activity.
Anti-Mixing Measures.Stake will utilise software designed to detect other suspicious deposit or withdrawal patterns. Such instances will be dealt with on a case-by-case basis, depending on the perceived level of risk. In such instances, a user may be required to explain their methodology and purpose for using the platform.
Chainalysis Review. Every single crypto deposit or withdrawal both indirect and direct will run through Chainalysis and reviewed for signs of fraud or suspicious behaviour. A user’s account will be suspended and reviewed upon alert of potential illicit behaviour. Sufficient proof of wealth may be requested from high-risk accounts. Stake may refuse to withdraw to certain “high-risk” addresses as determined in consultation with Chainalysis risk scoring.
Withdrawal Threshold KYC. Additionally, and independently, every account, wherever or with whomever associated, will be suspended until adequate KYC diligence occurs once that account reaches a withdrawal threshold dependent on the accounts risk characterisation over the life of the account.
D. Other Ongoing Monitoring Controls
Additionally to the above mentioned controlling procedures, Stake has also implemented the following procedures to complement its know your customer and ongoing monitoring procedures:
Ban Evasion Detection. In addition, Stake will utilise third-party service provider software designed to detect the use by one user of multiple accounts. This software relies on detection of links between the same devices used to access multiple accounts. Such instances will be dealt with on a case-by-case basis, depending on the perceived level of risk. In such instances, a user may be required to explain their methodology and purpose for using the platform. Stake accounts are funded by users using local (non-custodial) or hosted (custodial) wallets. In addition to a Chainalysis screening, Stake monitors user activity within the Stake platform and any withdrawals must meet Stake’s and its third-party service provider’s verification processes. Stake further prohibits peer-to-peer account transfers within the Stake platform infrastructure. Any attempts to circumvent this restriction will be treated as a red flag.
Time Zone Monitoring. Stake has implemented time zone controls that detects the users device information and crosses it with restricted jurisdiction to understand if they are trying to use geo location software to hide the jurisdictions where they are connecting from.
Products and Services Review. Stake will establish additional procedures to avoid facilitating user attempts to exploit the Stake platform. Stake has a robust set of user-facing terms that users attest to in order to utilise the Stake platform. Stake will establish certain additional safeguards to mitigate against the risk of such misuse. For instance, Stake may establish policies or procedures for limiting which user assets can be onboarded to the Stake platform. Stake lists the assets that are available for use on the Stake platform. Stake does not allow the use of anonymity enhancing technologies such as mixers, tumblers, or certain coins and tokens. Where Stake becomes aware that an anonymity enhancing technology is being used on the Stake platform, Stake will disallow such use.
Vendor Management. Stake works with reputable third-party service providers as part of its compliance infrastructure. Stake will periodically assess the strength of its key third party service providers to determine if additional services are needed, the third-party service provider is not performing consistent with its contractual obligations, or if other remedial action is necessary for Stake to comply with this policy. Stake may request information from any third-party service provider as part of its vendor review process.
Compliance Innovation. In addition to vendor management, Stake will continuously monitor any non documentary compliance mechanisms to determine their viability for the Stake program. Stake may run test or trial programs on a limited basis with such compliance vendors to determine the effectiveness of such programs. Blockchain native compliance tools include fraud prevention services, on-chain KYC providers, and other tools designed to reflect the technological features associated with blockchain platforms.
6. Education and Training
Stake, with the assistance of its legal counsel and under the oversight of its CCO, may provide employees AML, anti-terrorist financing and trade sanctions compliance training on a periodic basis, as deemed appropriate.
Stake is obliged to report any unusual or suspicious transactions, in accordance with the National Ordinance. Customers that are identified as being on a sanctions list, linked to money laundering or terrorism financing or other criminal activities will be reported as suspicious activity to the regulator.