Compliance Framework Overview
Licensed operators under the Anjouan Internet Gaming Licence framework are subject to comprehensive and ongoing compliance obligations. These requirements are designed to protect the interests of players, maintain the integrity of the gaming ecosystem, and align with international regulatory best practices in anti-money laundering (AML), counter-terrorist financing (CTF), responsible gaming, and data protection.
The Anjouan Offshore Financial Authority (AOFA), together with Anjouan Licensing Services Inc., supervises compliance through periodic reviews, reporting requirements, and enforcement mechanisms. Non-compliance may result in regulatory action including licence suspension or revocation.
Anti-Money Laundering & Counter-Terrorist Financing (AML/CTF)
All licensed operators are required to implement and maintain a comprehensive AML/CTF programme that addresses the specific risks associated with online gaming operations. Core requirements include:
- Risk Assessment: A documented enterprise-wide risk assessment identifying and evaluating money laundering and terrorist financing risks specific to the operator's business model, customer base, products, and geographic exposure. The assessment must be reviewed and updated at least annually.
- Know Your Customer (KYC): Identity verification procedures for all registered players, including government-issued ID verification, proof of address, and source of funds checks for higher-risk individuals. Enhanced due diligence (EDD) is required for politically exposed persons (PEPs) and players from high-risk jurisdictions.
- Transaction Monitoring: Automated systems for monitoring financial transactions in real time, detecting unusual patterns, and generating alerts for manual review. Monitoring thresholds should be calibrated to the operator's risk profile.
- Suspicious Activity Reporting: Procedures for filing suspicious activity reports (SARs) promptly upon the formation of suspicion, with tipping-off prohibitions and comprehensive record-keeping.
- Sanctions Screening: Screening of all customers against international sanctions lists (UN, EU, OFAC, UK) at onboarding and on an ongoing basis.
- Record Retention: All customer identification data, transaction records, and compliance documentation must be retained for a minimum of five years.
- MLRO Appointment: Designation of a qualified Money Laundering Reporting Officer (MLRO) with appropriate authority and resources.
Responsible Gaming
Operators are required to implement player protection measures that promote responsible gaming and mitigate the risks of problem gambling. These measures include:
- Self-Exclusion: Mechanisms for players to voluntarily exclude themselves from gaming services for defined periods (temporary and indefinite options), with effective technical enforcement and immediate marketing cessation
- Deposit, Loss, and Wagering Limits: Tools enabling players to set financial limits with immediate effect for reductions and cooling-off periods for increases
- Session Time Controls: Features allowing players to set session duration limits and periodic reality check notifications
- Age Verification: Mandatory identity and age verification before any real-money play, with zero tolerance for underage gambling
- Information and Support: A dedicated responsible gaming page with links to support organisations, self-assessment tools, and clear information about available account management features
- Staff Training: Regular responsible gaming training for all customer-facing personnel
Technical Standards
Licensed operators and B2B suppliers must maintain technical infrastructure that meets defined standards for security, fairness, and operational reliability:
- Platform Security: Industry-standard encryption (TLS/SSL), secure data storage, regular penetration testing, and intrusion detection systems
- Fair Play: Random Number Generator (RNG) certification by an independent testing laboratory for all applicable games. Game Return to Player (RTP) rates must be documented and verifiable.
- Data Protection: Compliance with applicable data protection standards, including secure processing, storage, and transfer of player personal data
- Business Continuity: Disaster recovery plans, regular data backups, and redundant infrastructure to ensure service continuity
- Change Management: Documented procedures for platform updates, game additions, and infrastructure changes
Reporting & Supervision
Licensed operators are subject to ongoing supervisory requirements, including:
- Periodic Reporting: Regular submission of operational reports including key performance indicators, player activity summaries, and financial statements
- Compliance Audits: Periodic compliance reviews conducted by or on behalf of Anjouan Licensing Services Inc. to assess adherence to licence conditions and regulatory requirements
- Incident Reporting: Prompt notification of material events including security breaches, significant complaints, regulatory actions by other jurisdictions, and changes to corporate structure or beneficial ownership
- Licence Condition Adherence: Ongoing compliance with all conditions attached to the licence, including territorial restrictions, permitted gaming activities, and operational requirements
Territorial Restrictions
The Anjouan Internet Gaming Licence does not extend to the provision of internet gaming services in the following territories:
- Australia, Austria, Comoros, France, Germany, Netherlands, Spain, United Kingdom, United States of America
- All FATF-blacklisted countries
- Countries subject to international financial sanctions
- Any other jurisdictions specifically excluded by the Anjouan Offshore Financial Authority
Players accessing gaming services from excluded territories do so at their own risk. Disputes originating from excluded territories will not be mediated by the Anjouan Gaming Board or AOFA.
Enforcement
The regulatory framework provides for defined enforcement mechanisms to address non-compliance:
- Warning and Remediation: Initial notification of compliance deficiencies with a defined remediation period
- Enhanced Supervision: Increased reporting requirements and closer monitoring for operators identified as higher-risk
- Financial Penalties: Monetary sanctions for regulatory breaches
- Licence Suspension: Temporary suspension of licence pending resolution of compliance issues
- Licence Revocation: Permanent revocation for serious or repeated breaches of licence conditions or applicable laws