For payment providers, iGaming is one of the riskiest segments: high turnover, cross‑border transactions, chargebacks, fraud, crypto, and regulatory pressure. Therefore, for a PSP (payment service provider) working with online casinos and betting, AML compliance is not just a "checkbox on paper," it's a condition for accessing banks, correspondent accounts, and licenses. Well‑structured AML processes reduce the risk of blocks, fines, and the shutdown of entire payment chains.

The Importance of AML Compliance for a PSP

For a PSP, AML compliance addresses several key objectives:

  • Protecting regulatory status. Without a functioning AML framework, a provider risks losing its license (EMI/PI/bank) or facing restrictions on operating with high‑risk segments.
  • Access to banking infrastructure. Partner banks and correspondent banks require PSPs to demonstrate that money laundering and sanctions risks are under control.
  • Managing client risk. iGaming merchants carry elevated AML, fraud, and reputational risks, and the PSP must be able to assess and mitigate those risks.
  • Reducing the likelihood of large fines and investigations by supervisory authorities.
Without reliable AML compliance, PSPs simply cannot work with iGaming projects on a sustainable basis.

Key AML Obligations of a PSP

AML Policy & Procedures

Any PSP working with online casinos, betting, and affiliates must have:

  • a formal AML policy approved by the board of directors;
  • internal CDD/EDD procedures (customer due diligence / enhanced due diligence);
  • a documented risk‑based approach (RBA) by client segments, products, and countries;
  • regulations for customer identification and verification (KYB/KYC), record‑keeping, and case escalation;
  • an appointed MLRO (Money Laundering Reporting Officer) and compliance team;
  • a plan for regular staff training.
A policy is not just a document for the regulator, it is a real working tool: who does what, what data is collected, which triggers activate additional checks, and in which cases a report is sent to the regulator.

Transaction Monitoring

A PSP is required to monitor payments in a manner that allows it to:

  • Identify atypical and suspicious patterns (sudden volume spikes, circular transactions, multiple cards/wallets, anomalous GEOs);
  • Take into account the risk profile of the merchant and segment (betting, casino, lotteries, offshore licenses);
  • Apply rules (rule‑based) and/or risk scoring (score‑based) to transactions;
  • Record and document decisions regarding the blocking or approval of disputed transactions.
It is important that monitoring is based not only on amounts but also on behavior: repetitions, deposit-to-withdrawal speed, unusual payment routes, and the use of high-risk payment methods.

SAR: Suspicious Activity Report

SAR (Suspicious Activity Report) / STR (Suspicious Transaction Report) is a report on suspicious activity or a transaction that a PSP is required to file with the competent authority if:

  • there is suspicion that a payment is linked to money laundering, fraud, corruption, or sanctions;
  • the client (merchant or end user) refuses to provide documents necessary for AML/KYC;
  • transactions do not match the client's profile or their declared business model.

The PSP must:

  • Have a clear decision‑making process: from a system trigger to the final decision by the MLRO;
  • Retain logs of all cases reviewed, even if no SAR was ultimately filed;
  • Ensure the confidentiality of SARs and protect employees from liability for good‑faith reporting.

KYB: Business Verification of the Client (Operator)

In iGaming, a PSP works not only with the end player but also with the merchant: an online casino, betting brand, platform, or affiliate network. For these, KYB (Know Your Business) applies:

  • legal documents (registration, articles of association, licenses, permits);
  • ownership structure and beneficiaries (UBO), including offshore structures;
  • verification of the iGaming license (jurisdiction, validity period, permitted products and GEOs);
  • analysis of the business model (how the operator makes money, where traffic comes from, whether affiliates are used);
  • checks against sanctions, PEP connections, and negative media.

If KYB reveals high risk (offshore license, aggressive geography, poor reputation, non-transparent beneficiaries), the PSP will either reject the merchant or tighten the conditions (limits, additional checks, custom pricing, extra guarantees).

PEP & Sanctions Screening

For a PSP, it is critical not to process payments in favor of individuals or entities that are:

  • subject to international sanctions (OFAC, EU, UN, etc.);
  • classified as PEPs (politicians, officials, their relatives and close associates) without enhanced controls;
  • mentioned in negative media in the context of fraud, corruption, or criminal activity.

Therefore, providers apply:

  • screening at the merchant onboarding stage (operator, affiliate network);
  • regular re‑screening during the service period (lists and statuses change);
  • screening of specific transactions (by amount, GEO, type of counterparty).

If a sanctions risk is identified, the PSP is required to block the client's transactions and act in accordance with local law (reporting, freezing of funds, etc.).

AML Compliance Checklist for PSPs in iGaming
  1. An approved AML policy is in place, covering the specifics of iGaming and high‑risk segments.
  2. An MLRO and a compliance team with clear authority are appointed.
  3. A risk‑based approach (RBA) is documented and implemented for clients, countries, products, and payment methods.
  4. KYB processes are operational for all iGaming merchants, including license and UBO verification.
  5. KYC processes for end payers are implemented where required by the operating model and law.
  6. Transaction monitoring is configured: rules, scoring, alerts, escalation.
  7. PEP, sanctions, and adverse media screening is in place at onboarding and for ongoing re‑screening.
  8. SAR/STR procedures are documented and applied: who decides, when, and how.
  9. Full record‑keeping is maintained: client logs, transactions, decisions, reports, and training records.
  10. Regular internal (and, if necessary, external) AML audits are conducted, with gaps documented and a plan to address them.

Violation Consequences: Case Studies & Fines

Consequences of AML violations for PSPs working with iGaming:

  • Large fines from financial regulators: for weak monitoring, lack of proper KYB/KYC, ignoring suspicious transactions, or late SAR filings;
  • Restrictions or revocation of licenses (EMI/PI/banking), which can effectively kill a provider's business;
  • Termination of relationships with correspondent banks and key partner banks, blocking of settlement accounts and cards;
  • Reputational damage: the PSP appears in public regulator reports and media investigations, causing serious operators and investors to leave;
  • Personal liability of management and the MLRO in some jurisdictions (including possible criminal cases in cases of gross violations).
Therefore, for a PSP, working with iGaming without a strong AML foundation is a direct path to regulatory problems.

Also read the article: AML, KYC & Compliance in iGaming Payments

You may also find these useful:

  • Which Jurisdictions Are the Most Difficult for Payment Operations
  • Why PSPs Reject iGaming Projects Even with a License