The Isle of Man Gambling Supervision Commission (GSC) has issued a £140,000 fine to CyberHorizon Limited following an investigation that uncovered multiple violations of anti-money laundering (AML) and counter-terrorism financing (CTF) regulations. This action stems from a detailed review carried out by the GSC, which found that CyberHorizon had failed to fully comply with key aspects of the Gambling (Anti-Money Laundering and Countering the Financing of Terrorism) Code 2019.

CyberHorizon, which had been licensed under the Isle of Man’s Online Gambling Regulation Act (OGRA) from March 2021 until September 2023, came under scrutiny during a supervisory inspection initiated in June 2023. The inspection revealed several significant breaches, prompting the GSC to launch a formal regulatory investigation.

According to the findings, CyberHorizon had not adhered to several important regulatory requirements. Notably, the company failed to conduct regular reviews of its customer risk assessments, a key requirement under paragraph 8(3) of the Code. Additionally, it was determined that CyberHorizon had not implemented a technology risk assessment before launching its operations, in violation of paragraph 7 of the Code.

The investigation also found that CyberHorizon had neglected to cease customer relationships when users failed to provide enhanced due diligence or meet other regulatory standards, contravening paragraphs 10 and 14 of the Code. Furthermore, CyberHorizon did not establish a clear process for retrieving records following the cessation of its license, in breach of paragraph 18.

Imposed Penalty and Cooperation from CyberHorizon

In response to these breaches, the GSC initially imposed a £200,000 civil penalty on CyberHorizon. However, the fine was reduced by 30% to £140,000 after the company fully cooperated with the investigation and entered settlement discussions early on. The GSC acknowledged CyberHorizon’s willingness to resolve the matter constructively and expeditiously, which factored into the reduced penalty.

In a statement following the settlement, the GSC emphasized the gravity of the situation, stating, “The Commission is satisfied that the imposition of the civil penalty on CyberHorizon reflects the serious nature of the non-compliance and issues identified.” The regulator further noted that the directors of CyberHorizon had acknowledged the company’s shortcomings and accepted responsibility for failing to meet key regulatory obligations.

Wider Implications for the Industry

The GSC has made it clear that this case serves as a reminder to all firms operating within the regulated gambling sector of their responsibility to comply with AML and CTF requirements. The regulator warned that it would continue to enforce its powers robustly when breaches that pose risks to its regulatory objectives are identified. The Commission also reiterated its commitment to maintaining the Isle of Man’s reputation as a responsible and well-regulated jurisdiction.

“This case underscores the obligation of all operators to conduct their business in a way that effectively identifies and mitigates the risks associated with money laundering and terrorist financing,” the GSC said. It added that reliance on third-party providers for financial crime control must be subject to thorough oversight and assurance controls.

Following the investigation, CyberHorizon has taken steps to address the breaches and ensure future compliance with Isle of Man regulations. Although the company’s license was terminated in September 2023, CyberHorizon’s cooperation with the GSC throughout the investigation suggests that it is working to rectify the shortcomings identified.