1. Company Business Model
Medium Rare N.V.
(“Stake” or the “Company”) is a company incorporated under Curaçao
Law that was established in 2017 and operates the online casino
www.en-en-stake.us under the licence n.º 8048/JAZ2021-027. Stake
presently supports users in more than 169 countries globally.
As part of its global operations, Stake has established
compliance measures commensurate with its services and products
that are reasonably designed to deter and detect illicit activity
on its platform. Such measures include onboarding and compliance
screenings of its customers and transaction action-based
controls.
2. Company Policy Statement
Stake is
not a financial institution within the meaning of applicable law
of Curaçao and is accordingly not directly subject to the statutes
and regulations applicable to certain financial institutions,
money transfer, or virtual asset service providers. However, in
accordance with the 2016 Regulations for Anti-Money Laundering and
Combating the Financing of Terrorism (“AML/CFT”) applicable for
the Curaçao jurisdiction as provided by the Curaçao Gaming Control
Board, Stake expressly prohibits and rejects the use of Stake
products for any form of illicit activity, including money
laundering, terrorist financing or trade sanctions violations,
consistent with various national anti-money laundering (“AML”)
laws, regulations and norms. Stake continues to monitor norm
setting parameters promulgated by the Financial Action Task Force
(“FATF”) and certain gaming trade groups in addition to the
Curaçao Gaming Control Board and will take necessary action as it
deems appropriate to reflect changes in law.
Stake’s intention is to follow global best practices in
guarding against Stake products being used to facilitate such
activities. Those best practices include:
Adoption of a written policy, and procedures and controls,
reasonably designed to guard against money laundering, terrorist
financing and trade sanctions violations;
Where appropriate, designation of a compliance officer to
oversee the implementation of the policy, procedures and controls;
Provision of related education and training to relevant
personnel; and
Independent reviews, monitoring and
maintenance of the policy, procedures and controls.
3. Definitions
The following defined
terms are widely used in the industry:
Money Laundering: The
process of making illegally-gained proceeds appear legal. This
process is generally broken down into three steps: placement,
layering and integration.
Placement: The process of placing
unlawful proceeds into traditional financial institutions, through
deposits or other avenues.
Layering: The process of separating proceeds of criminal
activity from their origin through the use of layers of complex
financial transactions, such as converting cash into traveler’s
checks, money orders, wire transfers, letters of credit, stocks,
bonds or purchasing assets.
Integration: Using apparently legitimate transactions to
disguise the illicit proceeds, allowing the laundered funds to be
distributed back to the criminal; integrating the now clean money
back into normal use.
Suspicious Activity: Activity conducted by a user or
non-user using the institution where there are indications that
the persons engaging in the transaction may be doing so for
fraudulent or illegal purposes.
Sanctions: Sanctions are activities conducted by the
international community to prohibit or constrain activities of
the target of the sanctions.For example, they are used:
To encourage a change in behaviour
for a target country or regime;
To apply pressure on a
target country to comply with set objectives;
As an
enforcement tool when international peace and security has been
threatened and diplomatic efforts have failed; or
To prevent
and suppress the financing of terrorists or terrorist acts.
4. Governance and Oversight
Stake has
appointed a Chief Compliance Officer (“CCO”) that is responsible
for coordinating the implementation of the AML Policy and policy
program. The Chief Compliance Officer’s duties also include
developing AML initiatives, work with other stakeholders to
revising the AML policy, assessing new regulatory requirements and
investigate potentially suspicious or unusual activity. Stake also
provides AML training to all of its employees on a regular
basis.
5. Know Your Customer and Transaction Monitoring
Stake will apply appropriate user due diligence and ongoing
monitoring measures required by law. Stake will endeavour to
prevent users from engaging in illicit or otherwise unauthorised
activity. Stake uses a combination of its software development and
other service agreements, which are enforced through internal
operational features to ensure that it complies with the
applicable law.
Know Your Customer
A. Customer Due
Diligence.
Stake has adopted a risk based CDD to enable
Stake to understand the nature and purpose of the user
relationship to the Stake platform in order to develop a customer
risk profile. In order to do so, Stake collects certain
documentary and non-documentary information at account-opening
commensurate with the nature of the type account and services that
Stake offers. Stake maintains different CDD for different accounts
and services.
For instance, the CDD requires users go through Stake’s
customer identification program (“CIP”). The CIP consists of
procedures for:
Collecting baseline (e.g., wallet address, email address)
information at account creation through Stake’s user onboarding
portal;
Monitoring the risk profile associated with the
underlying cryptocurrency wallet used to fund the user’s account;
Maintaining records of the information used to identify the
user; and
Determining if a user appears on any list of known
or suspected terrorists or terrorist organisations provided to the
financial institutions based on the above information.
The above steps are operationalised using the following
measures:
Identity and Age Verification. A third-party service provider
will support’s Stake’s ability to determine the legitimacy of the
identification information other KYC materials or information
provided and will confirm that the user is permissible. The
service provider also will confirm that the user does not appear
to be located in a comprehensively-sanctioned or otherwise
prohibited jurisdiction and will search global sanctions lists to
confirm that the user does not appear thereon using onboarding
information such as wallet addresses.
Customer Information. Stake will collect details on each
user to form a reasonable belief that Stake knows the identity of
its users commensurate with the user’s risk profile. For instance,
Stake may collect such details as the wallet address, name,
address, country, date of birth, or postal code (collectively,
“KYC Information”). Stake will collect any of the above KYC
Information prior to issuing a Stake funding address (e.g., QR
code) to users. Stake does not presently allow users who are
non-natural persons.Stake may, at its own description rely on the
performance by another institution of some or all of the elements
of our CIP.
Geo-blocking for Prohibited Jurisdictions. Stake
will require contractual client certifications that, through IP
address-based geo-blocking, no gaming services will be offered in
countries where such activity is not permitted.
Geo-blocking
for Sanctioned Jurisdictions. Stake also will require contractual
client certifications that such users are not subject to United
States, European Union, or other global sanctions or watch lists,
including individuals or entities associated with the United
States’ comprehensively sanctioned jurisdictions, Iran, Cuba,
North Korea, Syria and the Crimean region of Ukraine. Stake will
rely on various risk-based measures to verify these
representations including as in the below-described know-your-user
(“KYC”) measures and through IP address-based geo-blocking.
Contractual Prohibitions on Users Onboarding from Prohibited
Jurisdictions. Users are notified at onboarding that Stake does
not offer services in restricted jurisdictions. Stake’s policy on
restricting user activity stems from a combination of its risk,
fraud prevention, and AML standards, as well as any assessments
associated with the permissibility of its services in certain
jurisdictions.
B. Enhanced Due Diligence and Ongoing Monitoring
Stake performs ongoing monitoring on its users in order to detect
any behaviours or indicators that might raise suspicions in regard
to money laundering and terrorism financing practices. For that
purpose, Stake has implemented a set of red flag indicators that
help it determine such behaviours and require further action from
Stake in assessing the customer information.
Whenever one of those red flags is triggered, the user
account will be suspended and Stake will pursue enhanced due
diligence. Enhanced KYC diligence under this policy is deemed to
include, but not limit to, the provision of:
Full legal
name;
Country of citizenship;
Permanent Address
(which, for an individual, must be a residential or business
street address, and for an entity, must be a principal place of
business, local office or other physical location);
Identification number (either a taxpayer identification
number, or, if unavailable, a passport number and country of
issuance, alien identification card number or number and country
of issuance of another government-issued document evidencing
nationality or residence and bearing a photograph or similar
safeguard);
Identification Document; and
Source of
Funds and Source of Wealth.
Stake may use third party service provider to verify any of
the above information as determined to establish a reasonable
basis to know the true identity of the user where the user’s
activity warrants such action.
C. Acceptance Policy
Stake will not
accept a and will block the users that:
Do not provide the
identification information requested by Stake;
Provide fake
identification documents;
Try to use different means to
deceive about their location;
Are from restricted or
prohibited jurisdictions; or
Are subjected to United States,
European Union, or other global sanctions or watch lists;
Are gambling addicted or have mental health issues;
Its source of funds are originated or exchanges in
restricted jurisdictions;
Stake reserves the right to block
and suspend player for any other reasons at its own description
Transactions Monitoring
Stake is firmly committed to
complying with economic and trade sanctions programs imposed by
jurisdictions in which the firm conducts business. For that
purpose Stake established a transaction monitoring program with
controls and processes to identify and detect any unusual activity
in real time and in its ongoing monitoring.
Stake will conduct ongoing monitoring on a regular basis
using rule-based systems developed in-house and others from
third-party vendors to review user history and patterns of
activity to detect and report any unusual activity as required and
to develop and implement any additional controls or limits in its
platform.
Stake implemented procedures addressing the following two
key components of unusual or suspicious activity management:
identification
of unusual activity through methods of identification may include
employee and customer identification, law enforcement inquiries,
other referrals, or transaction and surveillance monitoring system
reports; and
alert management that focuses on processes used
to investigate, evaluate and document identified unusual or
potentially suspicious activity.
Stake will use the following processes to achieve both
goals:
Transaction Monitoring for Sanctioned or Prohibited
Jurisdictions. Stake may in its reasonable discretion impose
certain due diligence requests at user balance withdrawal. Stake
presently conducts a mixture of manual and automated transaction
monitoring processes to identify “red flag” behaviour. Where such
red flag behaviour is identified, Stake may refuse to process any
withdrawal attempts or collect additional information from the
recipient. Stake will further endeavour to limit any attempted
user account funding from prohibited jurisdictions (which are
identified in the Stake user facing disclosures and updated from
time to time internally) where the associated wallet address
indicates that the user or the user’s funds are located in such a
prohibited jurisdiction. For instance, Stake may prohibit a user
from funding their Stake account using a known U.S. based exchange
wallet as such assets indicate that the user is a U.S. person.
Users will have the ability to rebut any suspension with
additional information as part of Stake’s ongoing transaction
monitoring and user due diligence standards.
Screening for Sanctioned Parties. Prior to issuing a Stake
funding address to a user, Stake will screen a user’s wallet
address against applicable sanctions databases. Such screening
measures will rely on third party blockchain forensics vendors
such as Chainalysis. Stake will periodically re-screen wallet
addresses against such databases.
Identification of Unusual Activity. Stake will monitor
account activity for unusual size, volume, pattern or type of
transactions, taking into account risk factors and red flags that
are appropriate to its business. Monitoring will be conducted
running regular reports of unusual, high risk, or suspicious user
activity.
Anti-Mixing Measures.Stake will utilise software designed to
detect other suspicious deposit or withdrawal patterns. Such
instances will be dealt with on a case-by-case basis, depending on
the perceived level of risk. In such instances, a user may be
required to explain their methodology and purpose for using the
platform.
Chainalysis Review. Every single crypto deposit or
withdrawal both indirect and direct will run through Chainalysis
and reviewed for signs of fraud or suspicious behaviour. A user’s
account will be suspended and reviewed upon alert of potential
illicit behaviour. Sufficient proof of wealth may be requested
from high-risk accounts. Stake may refuse to withdraw to certain
“high-risk” addresses as determined in consultation with
Chainalysis risk scoring.
Withdrawal Threshold KYC. Additionally, and independently,
every account, wherever or with whomever associated, will be
suspended until adequate KYC diligence occurs once that account
reaches a withdrawal threshold dependent on the accounts risk
characterisation over the life of the account.
D. Other Ongoing Monitoring Controls
Additionally to the above mentioned controlling procedures, Stake
has also implemented the following procedures to complement its
know your customer and ongoing monitoring procedures:
Ban Evasion Detection. In addition, Stake will utilise
third-party service provider software designed to detect the use
by one user of multiple accounts. This software relies on
detection of links between the same devices used to access
multiple accounts. Such instances will be dealt with on a
case-by-case basis, depending on the perceived level of risk. In
such instances, a user may be required to explain their
methodology and purpose for using the platform. Stake accounts are
funded by users using local (non-custodial) or hosted (custodial)
wallets. In addition to a Chainalysis screening, Stake monitors
user activity within the Stake platform and any withdrawals must
meet Stake’s and its third-party service provider’s verification
processes. Stake further prohibits peer-to-peer account transfers
within the Stake platform infrastructure. Any attempts to
circumvent this restriction will be treated as a red flag.
Time Zone Monitoring. Stake has implemented time zone
controls that detects the users device information and crosses it
with restricted jurisdiction to understand if they are trying to
use geo location software to hide the jurisdictions where they are
connecting from.
Products and Services Review. Stake will establish
additional procedures to avoid facilitating user attempts to
exploit the Stake platform. Stake has a robust set of user-facing
terms that users attest to in order to utilise the Stake platform.
Stake will establish certain additional safeguards to mitigate
against the risk of such misuse. For instance, Stake may establish
policies or procedures for limiting which user assets can be
onboarded to the Stake platform. Stake lists the assets that are
available for use on the Stake platform. Stake does not allow the
use of anonymity enhancing technologies such as mixers, tumblers,
or certain coins and tokens. Where Stake becomes aware that an
anonymity enhancing technology is being used on the Stake
platform, Stake will disallow such use.
Vendor Management. Stake works with reputable third-party
service providers as part of its compliance infrastructure. Stake
will periodically assess the strength of its key third party
service providers to determine if additional services are needed,
the third-party service provider is not performing consistent with
its contractual obligations, or if other remedial action is
necessary for Stake to comply with this policy. Stake may request
information from any third-party service provider as part of its
vendor review process.
Compliance Innovation. In addition to vendor management,
Stake will continuously monitor any non documentary compliance
mechanisms to determine their viability for the Stake program.
Stake may run test or trial programs on a limited basis with such
compliance vendors to determine the effectiveness of such
programs. Blockchain native compliance tools include fraud
prevention services, on-chain KYC providers, and other tools
designed to reflect the technological features associated with
blockchain platforms.
bStake, with the assistance of its legal counsel and under
the oversight of its CCO, may provide employees AML,
anti-terrorist financing and trade sanctions compliance training
on a periodic basis, as deemed appropriate.
7. Reporting
Stake is obliged to
report any unusual or suspicious transactions, in accordance with
the National Ordinance. Customers that are identified as being on
a sanctions list, linked to money laundering or terrorism
financing or other criminal activities will be reported as
suspicious activity to the regulator.