Anti money laundering

INTRODUCTION


This Anti-Money Laundering Policy (hereinafter the "Policy") is aimed to govern the activities of WhiteBox B.V against money laundering, terrorist financing, or any other illegal or fraudulent activity. This Policy outlines the procedures, obligations, and standards applied by the Company in accordance with the applicable anti-money laundering and counter-terrorist financing legislation.

By accessing or using icecasino.com (hereinafter the "Website") all users (hereinafter the “Users”) acknowledge and accept the terms of this Policy, including any future amendments. The Company reserves the right to amend this Policy at any time in response to regulatory updates, internal risk assessments, or procedural enhancements. Users will be notified of any material changes, and continued use of the Website after such notification shall constitute acceptance of the updated terms. 


1. Implementation of this Policy

The Company maintains a structured Anti-Money Laundering and Counter-Terrorist Financing (AML/CFT) framework, which includes, but is not limited to, the following elements:

  • Customer Verification: The Company conducts identity verification procedures (Customer Due Diligence) on all Users as required by Curaçao AML regulations and internal risk thresholds.

  • Risk-Based Approach: Users are assessed using a risk-based methodology in line with the guidance of the Financial Action Task Force (FATF) and other regulatory standards. This includes evaluation based on geographical, behavioral, transactional, and customer-specific risk factors.

  • Ongoing Monitoring: All transactions conducted on the Website are subject to continuous monitoring. The Company applies internal rules to identify suspicious behavior and detect potential money laundering or terrorist financing indicators.

  • Employee Training: Staff involved in customer interaction, transaction processing, and compliance functions receive regular AML/CFT training. This ensures they are up to date with regulatory developments and internal procedures for detecting and reporting suspicious activity.

2. Risk Categories

The Company uses risk categories approach, established by FATF and GCB to determine whether or not each of Users present a risk of being involved in a money laundering scheme.

These risk categories are:

2.1 Country/Geographic risk

When a User registers an account on the Website, his or her place of residence/domicile (hereinafter the "Jurisdiction") must be considered as a matter of priority. At first, the Company checks whether the jurisdiction is on the European Commission's list of "high-risk third countries with strategic deficiencies" (see "sources"). Then, the Company checks whether or not the jurisdiction is presented in the list of "high-risk and other monitored jurisdictions", presented by FATF. Furthermore, the Company conducts its own monitoring of the jurisdictions based on the following parameters:

  •       Legal environment.

  •       Political environment.

  •       A country's economic structure.

  •       Cultural factors and the nature of civil society.

  •       Sources, location and concentration of criminal activity (if any).

2.2 User risk

The Company checks each User's activity on the Website on the absence or presence of one or more factors that may provide grounds to place this User in the "high-risk" category. These factors are:

a) enormous or high spenders (or extremely high spenders for this market);

b) suspicious activity of the User (suspicious activity, use of several devices to authorize on the Company in a short time-frame, use of one IP address by several Users, use of the User's device by other Website Users);

c) whether the user in question is a Politically Exposed Person (PEP) in the meaning of the European Union Directive 2015/849 and the Council;

d) presence on any international sanctions lists, including those maintained by the UN, EU, OFAC, or HMT;


2.3 Transaction risk

The Company makes every effort to eliminate any transaction risk(s) identified by FATF:

a) The Company does not accept transactions from anonymous payment instruments;

b) The Company does not allow funds to be transferred from one user's account to another user's account;

c) The Company does not accept cash from users;

d) The Company may accept only reputable electronic wallets from well-reputable jurisdictions;

e) The Company does not allow to have additional accounts and does not accept deposits from payment instruments that are not owned by the User.

2.4 Product Risk

The Company considers the types of products offered and the extent to which their features might be exploited for illicit activities, such as money laundering or financing terrorism. Products with the potential for large, rapid, or anonymous transactions, as well as those prone to manipulation, are identified as higher risk and are subject to enhanced controls.


3. Verification and Know Your Customer (KYC)

The Company adheres to the principles of Know Your Customer (KYC) and Customer Due Diligence (CDD) in accordance with the applicable AML/CFT laws, regulations and international standards.

All Users must undergo KYC verification, which involves the collection and verification of identity information and supporting documents to confirm their identity and the legitimacy of the source of funds.

3.1 Eligibility

To register and use the Website, a person must be at least eighteen (18) years of age. Verification measures are used to confirm a User’s age during the onboarding process.

If, during the verification process, any information or documents submitted are found to be false, forged, or misleading, the Company reserves the right to refuse registration or terminate the existing account.

3.2 Verification Requirements

The Company may initiate identity verification in the following situations:

a) When the User’s total transaction volume reaches or exceeds a regulatory or risk-based threshold;

b) When internal risk assessments identify the User as high-risk (as detailed in Section 2, “Risk Categories”);

c) When suspicious behavior is detected, such as inconsistencies in account activity, technical or behavioral red flags, or indicators of potential fraud;

d) In other cases where enhanced due diligence (EDD) is required under regulatory obligations, or at the discretion of the Company.

As part of the CDD process, the Company also collects information to determine the purpose and intended nature of the business relationship, including the User’s general source of funds, expected transaction behavior, and use of services.

3.3 Documentation

To complete verification, the User may be required to submit the following:

  • Valid government-issued ID (e.g., passport, national ID card);

  • Proof of payment method ownership, such as a photo of a bank card with permitted digits visible (name must not be masked);

  • Proof of address, not older than 3 months;

  • Selfie/liveness check, where applicable;

  • Supporting documents for source of funds or employment if requested;

  • Any other documents required for regulatory or risk-related purposes.

In certain cases, a video interview may be required to complete the identity verification process.

3.4 Enhanced Due Diligence (EDD)

Enhanced Due Diligence is conducted where a higher level of risk is identified. EDD is applied in the following situations:

  • The User is identified as a Politically Exposed Person (PEP), or a close associate/family member of a PEP;

  • The User is a resident of, or operates from, a jurisdiction listed by the FATF or the European Commission as high-risk or under increased monitoring;

  • Internal systems flag suspicious activity or transactions that appear inconsistent with the User’s profile.

Under EDD, the Company may require submission of additional information and documentation, including but not limited to:

  • Verified Source of Funds (SOF) documents (e.g. salary slips, contracts, bank statements, tax returns);

  • Where applicable, verified Source of Wealth (SOW) documentation for high-value activity;

  • Additional clarification on the purpose and expected use of the account and services;

  • Any other documents required to satisfy regulatory obligations or internal risk controls.

Additionally, the Company may suspend the User's account until the user passes a verification processes or provides the document(s) or information requested. If a User fails to provide adequate information or supporting documentation, the Company may restrict or terminate access.

4. Record Keeping period

In accordance with applicable AML/CFT legislation and regulatory guidance, the Company maintains a comprehensive record-keeping system to ensure accountability and traceability of customer activities.

The Company retains the following records in a secure and accessible format for a minimum period of five (5) years from the date of the last transaction or termination of the business relationship, whichever is later:

  • Identification and verification documents collected during the KYC and due diligence process;

  • Information and documents related to enhanced due diligence (EDD) and source of funds/wealth assessments;

  • Complete transaction records, including payment methods used, amounts deposited or withdrawn, and transaction timestamps;

  • Records of internal risk assessments, alerts, investigations, and decisions related to suspicious activity;

These records are maintained in accordance with applicable data protection laws, including provisions for secure access, confidentiality, and integrity of personal and financial information. Please refer to the Privacy Policy for more information on the storage of personal data of Website users.

5. Activity Monitoring

The Company employs a comprehensive transaction and behavior monitoring system designed to detect and prevent potential money laundering, terrorist financing, and other illicit activity. 

All user transactions and activities are subject to continuous review to identify inconsistencies, risk indicators, or unusual patterns that deviate from the expected behavior based on the user’s profile.

Where applicable, the following rules and principles are enforced:

  • For any banking or card transaction, the account or cardholder’s name must match the registered name on the user’s account. If a name change has occurred, supporting documentation must be submitted.

  • If deposits are made using non-withdrawable payment instruments, withdrawals may only be processed to a verifiable payment method owned by the user. In such cases, the Company may request documentation to confirm ownership.

  • The Company reserves the right to request additional verification documents (such as proof of payment method ownership or Source of Funds) in cases where discrepancies, unusual activity, or elevated risk are detected.

The Company constantly monitors all user activity as well as their transactions to ensure that they are free of money laundering methods. These methods are:

Placement.

At this point, the funds are converted into other financial instruments such as banking accounts, checks, money transfers, or used to purchase expensive items that can then be resold. The funds can then be invested in banks and other non-banking institutions (for example, money exchange institutions). To avoid any suspicions from the Company's side, a money-laundering entity may conduct several placements rather than placing the entire sum in one operation. This is known as "smurfing" or "structuring".

Layering.

The funds are moved or transferred to other accounts or financial instruments. This procedure is designed to conceal the source of the funds and prevent the identification of the person who performs various financial operations. The movement of funds and changes in their form complicates the process of monitoring funds.

Integration.

The funds are being returned to the financial system under the guise of lawfully obtained funds, with the ultimate goal of eventual integration into the financial system.

5.1 Suspicious Activity Prevention

The Company’s system and AML team actively screen for behaviors commonly associated with financial crime or misuse of the platform, including but not limited to:

  • Use of multiple payment cards across various payment providers;

  • Use of cards from different issuers or regions within a short time span;

  • Frequent switching between unrelated payment instruments (e.g., e-wallets, cards, bank transfers);

  • Refusal or unwillingness to verify payment methods;

  • Mismatch in geographic indicators, such as country of registration, IP address, device settings, or mobile provider;

  • Repeated use of devices linked to multiple accounts (based on device fingerprinting);

  • Avoidance or refusal of identity confirmation procedures, including video verification or selfie with ID.

When such behaviors are detected, the account may be subject to enhanced review, temporary restrictions, or full account suspension pending resolution.

6. Training of the staff on current AML procedures

The Company ensures that all relevant personnel involved in anti-money laundering, counter-terrorism financing, customer onboarding, and financial transactions are properly trained and kept up to date with current AML/CFT obligations and industry best practices.

Staff in key departments — including the financial operations team (responsible for processing user deposits and withdrawals) and the compliance department (responsible for conducting identity verification and due diligence) — undergo regular and structured training sessions tailored to their specific roles and responsibilities.

6.1 Frequency and Evaluation

The Company organizes mandatory AML/CFT training sessions for all relevant staff at least annually, with additional sessions conducted as needed in response to regulatory updates or internal procedural changes.

New employees must complete initial AML training as part of their onboarding process before accessing any AML-sensitive systems or handling user data.

In addition, the Company performs regular staff assessments to evaluate the level of understanding and competence of its employees in relation to AML/CTF and KYC practices. These assessments help identify areas for improvement and ensure that all team members remain fully equipped to perform their functions.

The training program is overseen by Senior Management and is documented in accordance with the Company’s internal control framework.

7. Reporting of Unusual Activity or Transactions 

The Company reserves the right to report any transaction or user behavior that raises suspicion of money laundering, terrorist financing, or other criminal activity.

If the Company identifies activity that cannot be reasonably explained or justified by the user and meets objective or subjective indicators of suspicious behavior, such activity may be reported to the appropriate authority of Curaçao.

8. References

Here you can find the source list (but not limited to) for this Policy. Additional legislation or documents may be applied.

1.     The Forty Recommendations and Special Recommendations on Terrorism Financing ("FATF Recommendations");

2.     Risk-based approach guidance for the casinos (RBA for Casinos), issued by FATF;

3.     Directive 2015/849 of the European Union and Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing;

4.     Commission Delegated Regulation (EU) 2016/1675 of 14 July 2016 supplementing Directive (EU) 2015/849 of the European Parliament and of the Council by identifying high-risk third countries with strategic deficiencies;

5.     The Prevention and Suppression of Money Laundering Activities Amending Law 13(Ι) of 2018 of the Republic of Cyprus;

6.     Curacao Gaming Control Board, Regulations for the combating of Money Laundering, the Financing of Terrorism and Proliferation of weapons of mass destruction, last update January 2025;

7.     FATF list of High-risk and other monitored jurisdictions: http://www.fatf-gafi.org/countries/#high-risk.