Lotto8 maintains an AML/CTF program to prevent the use of its services for money laundering, terrorist financing, or proliferation financing. This policy applies to all employees, contractors, and any third parties involved in onboarding players, processing payments, or delivering gaming services on behalf of Lotto8.
The Board of Directors holds ultimate responsibility for compliance with AML/CTF obligations. Lotto8 appoints a dedicated Money Laundering Reporting Officer (MLRO) who oversees day‑to‑day implementation, monitoring, and escalation of AML/CTF matters. The MLRO operates with independence and the necessary resources to fulfill duties, including reporting to senior management and regulatory bodies as required.
Lotto8 operates on a risk‑based framework comprising a Business Risk Assessment (BRA) and a Customer Risk Assessment (CRA). The BRA identifies money laundering and terrorist financing risks across products, channels, geographies, and customer types, and informs the control environment. The CRA assigns a risk rating to each player at onboarding and during the relationship, guiding the applicable level of due diligence and ongoing monitoring.
The Customer Acceptance Policy defines criteria and procedures for initiating and maintaining player relationships. Acceptance occurs only when the assessed ML/TF/PF risk is understood and mitigated through appropriate due diligence measures.
All players are screened against applicable sanctions lists and PEP databases. If a player is identified as a PEP or is subject to sanctions, senior management approval, source of funds verification, and enhanced ongoing monitoring are required before establishing or continuing the relationship.
Lotto8 may decline or terminate a player relationship if: the required CDD cannot be completed within the defined timeframe; documents are fraudulent or unverifiable; there is a confirmed or suspected link to ML/TF or sanctioned entities; or there are unresolved concerns about the integrity of the customer.
CDD is conducted to verify identity, understand the purpose and expected nature of the relationship, and monitor activity. Triggers for CDD include transactions equal to or above a defined monetary threshold or suspicious activity indicators, and ongoing monitoring is aligned to the customer’s risk rating.
EDD is applied in higher‑risk scenarios, including PEP involvement, high‑risk jurisdictions, or complex/large‑volume activity. EDD measures include additional identity verification, source of funds/wealth verification, and intensified ongoing monitoring with senior management oversight.
Lotto8 conducts ongoing monitoring of player accounts and transactions. The depth and frequency of monitoring are proportionate to the customer risk rating and informed by changes in behavior, geography, or product usage. KYC information is kept up to date through periodic reviews.
Lotto8 retains records of identification documents, verification data, transactions, communications, investigations, AML/CTF training, and regulatory reporting for a minimum of five (5) years after the end of the business relationship or the last transaction, or longer if required by law. Records are stored securely and made available to competent authorities upon legitimate request.
Any employee who suspects ML/TF must promptly report to the MLRO. The MLRO will investigate and, if warranted, file a Suspicious Activity Report with the appropriate financial intelligence unit. No one may disclose the existence of an investigation to the customer.
Lotto8 provides regular AML/CTF training covering applicable laws, internal procedures, risk indicators, and reporting processes to ensure staff competence in identifying and escalating suspicious activity.
This policy is reviewed at least annually and whenever regulatory changes occur. Material revisions require approval by the MLRO and senior management, with effective implementation overseen by the Compliance function.
