Notifications 5

You have got bonus

You have got 200 points on your bonus balance. Check it out!

12:09

You have got bonus

You have got 200 points on your bonus balance. Check it out!

12:09

You have got bonus

You have got 200 points on your bonus balance. Check it out!

12:09

You have got bonus

You have got 200 points on your bonus balance. Check it out!

12:09

You have got bonus

You have got 200 points on your bonus balance. Check it out!

12:09

You have got bonus

You have got 200 points on your bonus balance. Check it out!

12:09

SkinJoker Tech Ltd.​ Anti-Money-Laundering & Counter-Terrorist-Financing (AML/CTF) and Know-Your-Customer (KYC) Policy

1. Purpose

This Policy sets out the comprehensive framework adopted by SkinJoker Tech Ltd. (“SkinJoker,” “Company,” “we,” “our”) to detect, deter and report money-laundering (ML), terrorism-financing (TF), sanctions evasion, fraud and any other illicit use of the cryptocurrency gaming platform skinjoker.com (the “Site”). The Policy supplements our Terms & Conditions, Privacy Policy, Responsible-Gaming Policy, Game Fairness & Integrity Statement and General Rules.

Although we operate without a state gambling licence, SkinJoker voluntarily aligns with:

  • The Financial Action Task Force (FATF) Recommendations (updated February 2024);
  • Hong Kong Anti-Money-Laundering & Counter-Terrorist-Financing Ordinance (Cap. 615);
  • EU Sixth Anti-Money-Laundering Directive (AMLD 6);
  • FinCEN guidance for convertible virtual-currency (CVC) providers;
  • Joint Working Group IVMS 101 Travel-Rule Standard.

 

2. Scope & Application

Subject Entities

  • All natural persons using the Site (“Players”).
  • All SkinJoker directors, officers, employees and contractors (“Staff”).
  • Third-party service providers performing AML/KYC functions (“Associated Parties”).

Covered Activities

  • Cryptocurrency deposits, wagers, withdrawals, voucher redemptions and promotional credits.
  • Player-to-Player (“P2P”) transfers (if enabled).
  • Any other financial or value transfer activity facilitated by the Site.

 

3. Legal & Regulatory Framework (Key Provisions)

Instrument Relevance
FATF Rec. 1, 10-16, 20 Risk-based approach, CDD, record-keeping, SAR filing, reliance on third parties, crypto Travel Rule
Hong Kong Cap. 615 (AMLO) Criminalises ML/TF; mandates CDD, EDD, record retention ≥ 5 years
EU AMLD 6 Adds cybercrime & environmental crime as predicate offences; broadens ML liability
US FinCEN (FIN-2023-G001) Applies to foreign-located MSBs offering services to US persons
OFAC, EU & UN Sanctions Prohibits dealings with listed individuals, entities & wallets
IVMS 101 Defines data fields for Travel-Rule transmissions (e.g., originator name, wallet address)

 

4. Governance & Organisational Structure

Function Incumbent Core Responsibilities
Board of Directors Approves AML budget, risk appetite; receives quarterly MLRO reports
Chief Compliance Officer / MLRO Jonathan Lee, CAMS, ICA-IntDip(AML) Designs Policy, signs SARs, liaison with FIUs, reviews EDD files
Deputy MLRO Katarina Ng (CAMS) SAR drafting, daily alert triage, absence cover
Compliance Operations Team (5 FTE) KYC onboarding, sanctions screening, transaction monitoring
External Auditor Deloitte Risk Advisory (Hong Kong) Annual independent AML audit; penetration testing

Escalation hierarchy and 24 / 7 contact tree are detailed in Internal SOP AML-001.

 

5. Risk-Based Methodology (Enterprise-Wide Risk Assessment, “EWRA”)

Reviewed annually and when triggering events occur.

Risk Dimension Indicators Current Residual Risk
Customer predominantly cross-border, non-face-to-face onboarding, cryptographic pseudonymity Medium
Product / Service instant crypto in/out, high-volatility tokens, provably-fair in-house games Medium-High
Geographic Marketing focus on EU, North America, Asia; geo-blocks on Schedule A jurisdictions Medium
Delivery Channels web & mobile PWA, API integrations with partner marketplaces Medium

 

6. Customer Due-Diligence Programme

6.1 CDD Tiers & Verification

Tier Trigger Data Collected & Verification Method Tech Tools SLA
Tier 1 Account creation DOB, e-mail, phone, device fingerprint, IP geo-check, sanctions/PEP screen SumSub API, MaxMind GeoIP Instant
Tier 2 Pre-withdrawal OR deposits/withdrawals ≥ EUR 2 000 / 24 h Government ID (OCR & NFC), selfie liveness, proof of address ≤ 90 days SumSub, iDenfy, DocuVision ≤ 60 min
Tier 3 (EDD) Cumulative deposits ≥ USD 50 000 eq., PEP hit, high-risk pattern Proof of source of funds (bank statements, payslips, tax returns), source of wealth, live video interview Chainalysis Reactor, Refinitiv World-Check One ≤ 48 h

Non-completion within 30 days ➔ account suspension + potential balance freeze pending review.

6.2 Beneficial-Ownership (Corporate Clients)

  • Certificate of incorporation, shareholder register (> 25 % BO), director IDs.
  • Corporate proof of address, business licence.
  • Board resolution authorising account and designated signatory.

6.3 Politically Exposed Persons & Sanctions

  • Real-time API screening on onboarding & every 4 h thereafter.
  • PEPs permitted subject to Tier 3 EDD + deposit cap USD 10 000 eq./week.
  • Positive sanctions result → immediate account lock, funds blocked, MLRO review.

6.4 Travel-Rule Compliance (Crypto Transfers ≥ USD 1 000 eq.)

  • Originator & beneficiary data (IVMS 101) sent via CipherTrace Traveler to Travel-Rule-enabled VASP counterparties.
  • If beneficiary VASP is non-compliant, withdrawal is routed via in-house Travel-Rule hold wallet pending manual review.

 

7. Cryptocurrency-Specific Controls

  1. Blockchain Analytics – Chainalysis KYT risk scoring on every inbound/outbound transaction; score ≥ 75/100 auto-block.
  2. Mixer / Privacy-Coin Ban – Deposits from Tornado Cash, Blender, CoinJoin clusters, Monero, Zcash-shielded rejected.
  3. Wallet Management – Fresh deposit address (BIP-32) per transaction; hot-wallet cap = trailing 24-h average withdrawals; multi-sig cold wallets (3/5 quorum) with Hardware Security Modules.
  4. Address Blacklist – Daily import of OFAC SDN, EU, UN, UK and HKMA crypto-wallet lists.
  5. Volatility Risk Alert – Auto message if token price drops > 20 % 24-h asking Player to reconfirm withdrawal address.

 

8. Ongoing Monitoring & Transaction-Screening Programme

8.1 Automated Rule-Set (Sample)

Rule ID Description Threshold Action
R-01 ≥ 90 % deposits withdrawn within 60 min, minimal betting 3 occurrences / 72 h Tier 3 review
R-07 ≥ 5 deposit addresses linked to high-risk exchange cluster Immediate Suspend account
R-12 IP address change to Schedule A country during session Auto log-out & KYC re-check
R-20 Net losses > USD 100 000 eq. in 30 days Enhanced RG outreach + EDD

8.2 Machine-Learning Module

  • Gradient-boosting model (AUC 0.93) flags anomalous wager paths, chip-dumping & collusion rings; retrained monthly on labelled SAR outcomes.
  • Features: session length, bet variance, token exchange rate correlation, time-zone irregularities.

 

9. Suspicious Activity Reporting (SAR)

Step Timeline Responsibility
Internal escalation via Case Management System ≤ 4 h from detection Operations Analyst
MLRO decision (file / no file) ≤ 3 business days MLRO / Deputy
File SAR to JFIU (HK) or relevant FIU Immediately after decision MLRO
Post-SAR monitoring freeze 7 days minimum MLRO

“Tipping-off” is strictly prohibited (Cap. 405 §25).

 

10. Record-Keeping & Data Protection

Record Medium Retention Storage
CDD docs Encrypted PDF/Image ≥ 5 years post-closure AWS S3 (AES-256)
Blockchain TX logs CSV/JSON ≥ 5 years Hash-chained in AWS QLDB
SAR & MLRO files PDF ≥ 5 years post-filing On-prem HSM-secured vault
Training files LMS 5 years EU data centre

Processing is lawful under Art. 6 (1)(c)(f) GDPR; data shared strictly on a “need-to-know” basis.

 

11. Training & Staff Competence

Category Frequency Duration Assessment
New Hire Induction Day 1 6 h Quiz ≥ 80 %
Annual Refresher Yearly 3 h Quiz ≥ 85 %
Specialist (Blockchain Forensics) Quarterly 2 h Practical case study
Executive Briefing Semi- 1 h Board Q&A session

Training content reviewed by MLRO & HR; completion tracked in LMS.

 

12. Independent Audit & Assurance

  • Auditor engaged under ISAE 3000 standard.
  • Scope: EWRA validation, random 5 % CDD file check, SAR timeliness, system penetration & Travel-Rule test transfers.
  • Report delivered to Board; remediation deadlines logged in ComplianceTracker GRC.

 

13. Breach Management & Enforcement

  1. Minor Breach (documentation delay < 48 h) → formal reminder + 24 h cure period.
  2. Material Breach (EDD refusal, high-risk wallet deposit) → account suspension, balance freeze, potential SAR.
  3. Critical Breach (sanctions match, evidence of terrorist financing) → immediate freeze, SAR, permanent account termination, notice to law-enforcement.

Internal disciplinary procedures apply to Staff negligence or wilful non-compliance (up to dismissal).

 

14. Review, Change-Control & Version History

Policy reviewed annually or upon regulatory trigger (e.g., new FATF guidance). Change proposals logged in Compliance JIRA; Board approval required for material revisions.

Version Date Key Updates
2.0 21 Apr 2025 Travel-Rule, mixer ban, sanctions API
3.0 21 Apr 2025 Added ML model, address blacklist, governance table, breach tiers

 

15. Appendices

Appendix A — Glossary
(abridged: AML, CDD, EDD, FIU, HSM, IVMS 101, ML, PEP, SAR, TF, VASP)

Appendix B — Schedule A (Restricted Territories)
Australia; Curaçao; Czech Republic; France & DOM-TOM; Iran; Israel; Lithuania; Netherlands & BES; North Korea; Singapore; Spain; Syria; United Kingdom; United States & territories; any comprehensively sanctioned state.

Appendix C — Red-Flag Typology Matrix

Category Example Indicators Risk Weight
Source of Funds Deposit from darknet-linked wallet High
Transaction Behaviour Sudden stop of wagering after large win, immediate withdrawal High
Geography IP from high-risk jurisdiction, VPN detected Medium
Device Pattern 10 accounts linked to single device ID High

(Full 60-indicator matrix available to authorized Staff in SOP AML-002.)


Contact (24 / 7 / 365)

Money-Laundering Reporting Officer
SkinJoker Tech Ltd.
22/F, 2 International Finance Centre, 8 Finance Street, Central, Hong Kong SAR, China
e-mail: [email protected] (PGP key ID 0x98F1 A7C3)
Hotline: +852 5803 8761

Failure to comply with KYC requests or involvement in suspicious activity will result in account suspension, possible forfeiture of funds and notification to the competent authorities.
Play responsibly. 18 + only.