Every regulated betting market requires anti-money laundering controls. But the practical challenge for operators is where and how to apply betting aml source of funds checks without destroying your onboarding conversion rate. Enhanced due diligence (EDD) is a blunt tool if applied without precision. Applied correctly, it protects your license and your players while keeping your registration funnel productive.
This article covers when to trigger EDD, what documentation to request, and how to build an onboarding flow that balances risk controls against commercial reality.
What Your AML Onboarding Must Cover
- Customer identification and verification at registration (CDD)
- Ongoing transaction monitoring with defined thresholds
- Enhanced due diligence triggers based on risk indicators, not arbitrary amounts
- Source of funds verification for players exceeding defined deposit or loss thresholds
- Suspicious activity reporting to the relevant financial intelligence unit
Tiered Verification: Getting the Sequence Right
Basic CDD at Registration
At registration, your system must verify the player’s identity, age, and address. Automated KYC tools handle most of this through document scanning, database checks, and biometric matching.
Keep registration CDD lightweight. Request only what you need to open the account and process a first deposit. Name, date of birth, address, and government-issued ID cover the regulatory minimum in most jurisdictions.
When to Trigger Enhanced Due Diligence
EDD should trigger at defined risk thresholds, not at registration. The specific thresholds depend on your jurisdiction and your risk appetite:
- Deposit volume: Cumulative deposits exceeding a defined amount (often £2,000-£5,000 in the UK) within a rolling period
- Loss velocity: Net losses exceeding defined thresholds within short timeframes
- Behavioral indicators: Rapid deposit-withdrawal cycles, multiple payment method changes, or deposits from high-risk jurisdictions
- PEP or sanctions matches: Any positive match against politically exposed persons or sanctions lists
The worst AML programs are the ones that ask every player for source of funds at registration. That approach kills conversion without improving detection. Target your EDD at the players and transactions where risk indicators are present.
Source of Funds Documentation
When EDD triggers, request documentation appropriate to the risk level:
- Employment income: Recent payslips, employment contract, or bank statements showing regular salary deposits
- Business income: Company registration, recent accounts, or tax returns
- Savings or investments: Bank or investment account statements showing the funds
- Inheritance or gifts: Probate documents, solicitor letters, or gift declarations
Accept digital submissions. Photo uploads and PDF documents reduce friction compared to in-person or postal verification. Set clear response deadlines and escalate to account restrictions only after the deadline passes without documentation.
Building an EDD Flow That Works
Automated Threshold Monitoring
Your AML system must track cumulative deposits, losses, and behavioral signals in real time. When a threshold is crossed, the system should automatically trigger the EDD workflow without manual intervention.
Define separate thresholds for different player segments. A VIP program with higher deposit limits requires higher EDD thresholds than a standard retail segment. One-size-fits-all thresholds produce noise that overwhelms your compliance team.
Player Communication
When you request source of funds documentation, explain why clearly and briefly. Players who understand the regulatory requirement are more likely to comply. Players who receive an unexplained demand for financial documents are more likely to abandon their account.
Use templates: “To comply with financial regulations, we need to verify the source of your deposits. Please upload one of the following documents within 14 days.”
Escalation and Resolution
- Day 0: EDD threshold triggered. Request documentation via email and in-app notification.
- Day 7: Reminder sent. Account remains active but new deposits are paused if documentation is not received.
- Day 14: Deadline reached. Account restricted until documentation is reviewed and approved.
- Day 30: If no response, escalate to compliance for SAR consideration and potential account closure.
Transaction Monitoring Beyond Onboarding
AML compliance does not end at registration. Your ongoing monitoring must flag:
- Structured deposits: Multiple deposits below reporting thresholds in short succession
- Rapid withdrawal patterns: Depositing and withdrawing without significant play activity
- Third-party payment methods: Deposits from accounts not in the player’s name
- Geographic anomalies: Login locations inconsistent with the player’s registered address
Automate the detection. Reserve human review for flagged cases that require judgment. Your compliance team should spend time on complex cases, not on reviewing transactions that automated rules already cleared.
Balancing Risk Controls and Conversion
The operators with the best AML programs are not the ones with the strictest controls. They are the ones with the most precisely targeted controls. Apply light verification at registration, automated monitoring throughout the player lifecycle, and enhanced due diligence only when risk indicators are present. This approach satisfies regulators, protects your players, and preserves your conversion rate.
