In this episode, we’ll discuss key strategies such as KYC, sanctions screening, and open-source intelligence to help mitigate risks and ensure compliance in a growing iGaming market.

Guest: Ian Messenger, CEO of the Association of Certified Gaming Compliance Specialists.

The iGaming Show, presented by Paramount Commerce, is a podcast that will analyse gaming industry trends with experts from various gaming organizations.

Please like, comment, and share this video. Also, stay up to date with our content by subscribing to our YouTube channel.

Full episode transcript:

Varad Mehta: Hello, everyone. Welcome to the 22nd episode of the iGamingShow presented by Paramount Commerce. I’m your host, Varad Mehta and in this podcast, we analyse gaming industry trends with experts from various gaming organisations. In today’s episode, we’ll be discussing the key strategies in tackling risks and ensuring compliance in a growing iGaming market with Ian Messenger, the CEO of the Association of Certified Gaming Compliance Specialists. So without further ado, let’s get the show rolling. So, Ian, how we always begin this podcast is by asking our guests a few fun questions. So I have a couple lined up for you. The first one is, what is your number one tip for taking a fantastic portrait photo?

Ian Messenger: That’s a very good question. My number one tip for taking a fantastic portrait is to be comfortable, to be comfortable in yourself, be relaxed. Don’t take it too seriously. No one ever takes a great photo the first time or the second time.

VM: Love it. My next question is that you’re a professor, but you were also a student once. So how did you learn the best? Were you a visual learner or were you an independent reading type of learner? And did you incorporate that into your teaching way as well?

IM: It’s a great question.I was very much a visual learner, really by not just seeing, but by doing as well. I wasn’t really one for reading pages on the textbook. It was very much doing by example. That’s really what – I had a career in policing and then in compliance in the gaming sector, and it’s not something you could learn from a textbook. And that’s really informed my teaching practise and the work we do in the ACGCS is very much to be visual and practical.

VM: Love it. And my last question would be, what is the process of putting together a book? How much work goes into putting together a book? Because you’re an author of many books, what is that process like?

IM: A lot of blood, sweat, and tears. A lot of focus, a lot of time, a lot of proofreading. I think with each of the books, think about who you’re writing for, who your audience is, and what value you want them to take away from this book. Because whether it’s a book or a certification or a training, you are taking someone’s time. You’re asking someone to commit to reading 400 pagesn or going through a course. It’s got to be mutually beneficial. So a lot of focusing on the audience and then creating the content, refining it, redrafting, and then looking for all those spelling and grammar mistakes.

VM: I love that. And Ian just mentioned, he has so many different skill sets that you can potentially ask him about anything and you get a perfect expert answer. So I love this. But going into the topic of discussion that we’re here to talk about financial risks and compliance, something that is an important topic within the iGaming spaceand that we need to speak about. So our first question for you, Ian, would be, you recently led a workshop for the Council of Europe in Armenia on the financial risks of iGaming. So could you share some insights that were really or could be relevant to Canadian iGaming operators today?

IM: Sure. And as I work in many different countries and jurisdictions, there’s a lot of commonalities, whether it’s in Armenia or whether it’s in Ukraine or whether it’s in US or even here at home in Canada. There’s a lot of consistent risks. And this is really, we’ll talk later about collaboration and communication. I mean, this is really where, although we are a global industry, we all have the same risks. Thinking about how the Armenian situation relates to Canada. One of the significant challenges with iGaming is the non-face-to-face nature. We don’t get to see who our clients are. We’re not a brick and mortar casino where we can pick up on those non-verbal, non-visual clues. We’re really going off data and what information is being provided to us. This is really becoming an issue in the realm of AI. We’ve seen this year, for example, ChatGPT can create synthetic passports, synthetic driver licence documents, which have been fooling many of the ID verification systems that we use. It probably hasn’t gone unnoticed that the world is a much more volatile place than it was a number of years ago. So one of the significant risks in iGaming is sanctions risk. Who are the customers we’re dealing with? Do we have any sanctions exposure? I remember working in an industry here in Canada, I remember when the war in Ukraine startedand overnight there was 500 new individuals on the sanctions list. Our colleagues in Armenia, very much the same thing. Indeed, a few months earlier, I was doing Council of Europe training in Ukraine and seeing the challenges they faced, money laundering, terrorist financing, all while dealing with this non-face-to-face interaction.

VM: No, that’s an interesting one. You provided some great examples there of certain financial risks that are involved with in iGaming. Can you perhaps share what other what are the specific vulnerabilities you see within the Canadian space currentlyand how operators can address them?

IM: Yeah. So in Ontario, we are a very innovative market. We are a very young market as well. We’re growing each year. We’ve just seen the iGamingOntario results recently. The revenue, gameplay, is increasing, but we are a relatively young jurisdiction. We still have a pretty active unregulated market. So the interplay between the unregulated sector and the regulated sector, the movement of funds between them, the wide competition that we have. And one of the real challenges iGaming operators have is that in the face of competition, one of the areas that often gets reduced or gets minimised or gets listed as a cost-saving is compliance. And that can be a real challenge, not just from a regulatory compliance, from your licensing or your audits from the AGCO, but knowing your customers and knowing the risks you actually face. And we haven’t even talked about fraud yet.

VM: Sure. And as you mentioned that the face-to-face doesn’t exist anymore within this new the iGaming space. So stuff like KYC and sanctions, screenings are becoming really important. Now, you mentioned compliance, but how can iGaming operators in Canada and in the market, like Ontario, ensure that they are meeting and exceeding compliance standards?

IM: So this idea of meeting and exceeding, I’m a big advocate of exceeding where it’s appropriate. And by exceeding, that doesn’t mean that we have to spend outrageous amounts of dollars. We don’t have to invest in complex or convoluted processes. It’s working smarter, not harder. And you mentioned KYC,we talked about sanctions lists. I’m a big advocate of having compliance staff who have a good understanding of what’s going on in the world, having a good worldview. This can help us to understand our customers, understand some of the geographic risks, some of the cultural factors that they may bring, and combining this with open source research. So whilst we have KYC, whilst we have documentation elements that have been supplied by the patron, well, doing our own research, having our open source research skills, being able to verify or disprove what’s being told can be really effective. So this year, I’m on a big push as we are here at the ACGCS to really push the idea of open source research as a, not an optional skill, but as a requirement for any compliance officer in Ontario and indeed worldwide.

VM: Yeah. And you mentioned something there about if you’re combating financial crime or financial risks within this specific industry, it has to do with collaboration between a lot of people, whether it’s operators, whether it’s regulators or other stakeholders.  So how can iGaming operators build a strong network to share intelligence and best practises or their tools, what resources they could do?

IM: It’s a simple answer, although it’s a commercially difficul tone, but it’s a simple answer. Conversation. Building relationships. One of the biggest obstacles I’ve been studying, I’ve been teaching in the world of collaboration and partnership working for too many decades now. But one of the biggest hurdles is not being willing to share your own experiences, your own information. We often find that in iGaming, and indeed in the casino industry, more broadly, financial in the financial sector as well, we often think about commercially sensitive information. We can’t talk about a risk or a vulnerability that we’re facing because if we talk about it, it exists. And then our competitors hear about this, that gives them an advantage. Where in reality, each operator is probably experiencing the exact same risk, the exact same challenge. And the operators will have tried certain processes, certain practises to combat that. Some may have worked, some may not. But imagine how much more effective it is if we were able to share what works, what doesn’t work in a collaborative space. Because one of the biggest risks that we have in a multi-operator environment like Ontario or any jurisdiction is that we simply move the problem or the problem patron from one operator to the other. We as an operator identify that we have a problem with a patron or a customer, so we need to market them. They go next door or the virtual next door to the next operator with a complete clean slate. So having communication work, having those relationships, and that’s something I don’t think we have yet in Ontario. We don’t have that forum where operators can come, where compliance staff even can come together and perhaps in a chat and house-type forum,  be able to share their challenges, their issues in a non-commercially challenging way. Just recently, in the ACGCS, for example, we had a series of webinars where we invited the AGCO, the OPP, and operators together, and we talked about how collaboration is not just between It’s between operators, but it’s between everyone in the ecosystem. An operator has certain information. The law enforcement has other information. The regulator has other information. Imagine if we all got around the table and each brought our pieces of the puzzle together. It’s a conversation. For sure.

VM: Do you expect that approach to soften and people would be a little bit more open to sharing these things? What would be your best approach in getting that conversation started?

IM: Well, here in Canada, I think it’s coffee and donuts. That’s always an effective conversation starter. But I think with some of the recent FINTRAC changes, finally, after a long time, and whether it’s because FATEF are coming this year, I’m not too sure. I have my own opinion on that. But having the mechanisms to engage in public-private partnerships. In countries like the UK and in other European jurisdictions, sharing of private information between private operators and government bodies is much easier than it is here in Canada. We have very stringent privacy regulation. We have the charter, of course. If we look at those two things, there’s nothing that says we can’t share private information It’s just, how do we do it? And there’s a reluctance, I think, by legal and compliance to be the first operator out of the gate to do this. We’ve seen great successes, I think, in the financial sector with banks and other financial institutions collaborating, sharing thematic information, sharing risks, where, again, going above and beyond what was what was required by the legislation, but doing the right thing and strengthening the sector as a whole.

VM: For sure. And then can you explain what open source intelligence is and how can Canadian operators leverage this tool more effectively into their compliance and risk management strategies?

IM: For sure. So we live a lot of our life online, don’t we? We all have social media accounts, we all have Reddit accounts, we all have some digital footprint out there. Now, it’s very basic. An open source intelligence search could be putting the patron’s name into Google and seeing what comes back. And you’d be surprised. You take your patron’s name and you add the word crime into your Google search. And maybe you come back with a press release from a police service saying that your patron’s been charged with money laundering or a predicate offence. Perhaps you come across a social media account that shows a certain lifestyle. Does that match up with the KYC information that’s being provided? Perhaps you search the name and they come up on a government sanctions list. That’s interesting, I would say. When we talk about open source intelligence, open source research, it’s really anything that’s out there that’s publicly available. And there are hundreds and thousands of different websites and digital spaces where we live. Now, it’s up to the compliance officer to make that assessment, which platforms do we need to search? What search terms do we need to use? What makes sense? Again, going back to judgement, essentially. We’re looking for information that is in the public domain, which goes above and beyond what the client or the patron has provided to us. Because sometimes patrons don’t tell us the whole truth. Most of them may, but some don’t.

VM: So basically it tells the whole story about who might be signing up for a specific account, and it’s based on tools that are… Or based on data or information that’s already out there.

IM: Yeah. It’s basically adding more context to what we know about the individual. What type of lifestyle does our individual have? Do we have adverse media, for example? Adverse media is the term we use when we find results that are negative. If, for example, our patron’s name appears in a police report or in a press release, or perhaps there’s a Reddit thread – I’ve seen this before, where a particular patron was being discussed at length for being involved in mortgage fraud. Well, once we start seeing large sums of money coming into the iGaming operator from someone that has these public allegations, that might make us want to rethink our risk assessment.

VM: That’s fascinating. And Ian, my last question for you would be that as the iGaming industry changes within Canada with more provinces opening up, as even Ontario leading the charge, what do you see as some of the biggest challenges and even opportunities for Canadian operators in the next year or so when it comes to tackling financial risks or for setting good compliance standards?

IM: I think if we had this conversation a couple of weeks ago or maybe even 100 days ago now, my answer would be very different. If we think about Ontario, Whilst it is the most populous gaming province, we have a lot of operators, a lot of competition. So every dollar counts. Compliance is not always cheap. So over the next 12–24 months, as we look forward into potentially trade wars and challenges, both from an operator and a patron perspective, we’re going to have operators who potentially may feel the effects of lower revenue as a result of discretionary spending being cut back. What can be cut from compliance, for example? Often not too much because we have a lot of mandatory requirements, but also from a patron side. We’ve always had risky patrons, risky customers. Customers who come to our platforms wanting to engage in fraud or money laundering or other types of financial crimes. Well, we know that when there’s times of economic hardship, when there’s recession, when there’sjob losses, when there’s financial pressures, well, the iGaming space provides a number of opportunities for individuals to exploit the system. So what I mean by that is that over the next two years, as we enter this unknown with our neighbours south of the border, and the consequences of that, we’re going to have to have robust compliance systems our iGaming operators. We’re going to have to know our customers very well, but also monitor for changes. Because if we just think about the last 100 days of what’s been going on in the US, we see changing environments day by day. Over the next year or two years, those uncertainties will also impact our customers. So let’s say, for example, this week, we know that our customer is employed, they have a certain income, they have a certain recreational gaming behaviour. Maybe next week or next month, they lose their job, and the job market tightens. And things become financially difficult. We see their gaming behaviour move from entertainment to focusing on trying to fill that gap that they had with wages. So monitoring not just for abusive, but also responsible gaming and player protection as well, because we’re going to be entering a very pressurised, a very uncertain a certain environment. And the idea of easy money, of quick wins, fast cash, while the iGaming space and our land-based colleagues, there’s still that undercurrent that might appeal to certain individuals.

VM: For sure. And that’s such a fascinating way that you described that. That’s amazing. Ian I want to thank you so much for joining us today and providing your expertise on this topic, combating financial risk. There’s so many factors, even like the one that you just mentioned about the uncertainty of current times, whether it comes to politics or anything else. And I’m really appreciative that you shared your expertise and provide some great insights on this specific topic. For the listeners, if you want some photograph or some any other tips, Ian is your man to message on LinkedIn or wherever you can find him. But thank you so much, Ian. Thank you, Ian, for joining us today.

IM: Thanks for your time. I appreciate it.

VM: In a growing iGaming market, strategies such as KYC, sanction screenings, and open source intelligence not only help in reducing risks, but also in ensuring compliance. I want to thank our guest for today, Ian Messenger, the CEO of the Association of Certified Gaming Compliance Specialists for joining us today and providing his expertise. If you have any questions for us or Ian, then please do comment them down below. Please don’t forget to like and share this episode and also subscribe to our YouTube channel. For the episode transcript and more content, please visit our website: paramontcommerce.com. Thank you so much for tuning into the iGaming show presented by Paramount Commerce. I’m your host, Varad Mehta, and until next time, keep gaming.