Anti-Money-Laundering (AML) Policy

1. Why AML matters in online gambling

Online gambling is a heavily regulated industry because the cash-equivalent nature of its transactions — deposits, withdrawals, bonus conversions, and crypto rails — can be misused by bad actors looking to launder the proceeds of crime. A criminal who deposits dirty funds, plays a token amount, and then withdraws to a "clean" payment method has effectively converted illicit cash into seemingly legitimate winnings. Without strong controls, casinos would be an easy laundering pipeline.

Every reputable jurisdiction requires licensed operators to comply with international AML standards, most notably the recommendations issued by the Financial Action Task Force (FATF) and translated into local law by licensing authorities such as the Curacao Gaming Authority. Compliance is a legal pre-condition for holding a gaming licence. AML controls also protect honest players: funds held with a compliant operator are far less likely to be frozen by banks during regulatory reviews, and withdrawals less likely to be reversed while a processor investigates the source operator.

2. Maxim88's licensing context

Maxim88 operates under a licence issued by the Curacao Gaming Authority — the modernised Curacao regime that, since the 2023 reform, applies stricter AML, KYC, and player-protection standards than the legacy sub-licence model. Under this framework, the operator must maintain a written AML programme, appoint a designated compliance function, perform customer due diligence, monitor transactions, file suspicious activity reports where required, and screen against international sanctions lists.

The Curacao framework explicitly references international standards: the FATF 40 Recommendations, the equivalent EU AML Directives where applicable, and bilateral sanctions regimes maintained by the UN, OFAC, the EU, and the UK HM Treasury. For full licence details and verification, see /license/.

3. Customer Due Diligence (CDD) — KYC

Customer Due Diligence — commonly called Know Your Customer or KYC — is the foundation of any AML programme. It is the process of confirming that you are who you say you are, that you are old enough to gamble, and that your account is not a front for someone else. CDD applies at registration, before first withdrawal, and on an ongoing basis where new risk indicators emerge.

• At registration: phone-number and email verification, declared date of birth (must be 18 or over), declared full legal name, and declared residential address.
• Before first withdrawal: full KYC document submission — government-issued photo ID (national IC or passport), recent proof of address (utility bill, bank statement, or government letter, typically within three months), and proof of payment-method ownership (card-front photo with middle digits masked, e-wallet screenshot, or bank statement matching the registered name).
• Cross-link: the full procedural KYC walkthrough is at /kyc/, including document quality requirements, common rejection reasons, and typical turnaround times.
• Enhanced Due Diligence (EDD): applies to Politically Exposed Persons (PEPs), high-value depositors, players from higher-risk jurisdictions, and accounts with unusual transaction patterns. EDD typically involves source-of-funds documentation and senior-management approval.
• Document handling: KYC documents are encrypted at rest, transmitted over TLS, and accessible only to designated compliance staff. Documents are never shared with affiliates or marketing partners.

4. Source of Funds (SoF) checks

Where deposit volumes are high relative to the player's stated profile, where patterns are inconsistent with prior behaviour, or where automated risk scoring elevates an account, the operator may request a Source of Funds (SoF) declaration with supporting documentation. The aim is to confirm that the money flowing into the account has a lawful origin.

Acceptable SoF documents include — depending on situation — recent payslips, recent bank statements, a letter of employment, evidence of business income for self-employed players, recent tax returns, or a record of an investment liquidation, inheritance, or property sale.

SoF requests are a routine part of operating under a Curacao licence. They are not an accusation and should not be alarming — they protect the operator's licence, the player's account against third-party misuse, and the integrity of the platform. Refusing to provide SoF documentation will typically result in a withdrawal pause until the matter is resolved, and prolonged refusal can lead to account closure with funds returned to source.

5. Transaction Monitoring

The operator runs automated transaction-monitoring across all deposits, withdrawals, transfers, and bonus conversions. Rule-based and behavioural-analytics systems flag patterns that correlate with money laundering or account abuse, and flagged events are escalated to compliance staff for human review. Typical triggers include:

• Rapid deposit-and-withdraw cycles without play activity — depositing funds, requesting withdrawal almost immediately with little real wagering (the "layering" stage of laundering).
• Transactions involving high-risk jurisdictions or sanctioned countries — payments routed through geographies on FATF grey/black lists or under active sanctions.
• Structured deposits below reporting thresholds (smurfing) — many small deposits sized just under reporting thresholds, in an attempt to avoid detection.
• Use of payment methods in someone else's name — third-party cards, e-wallets, or bank transfers that do not match the registered player name.
• Crypto deposits from mixers, tumblers, or sanctioned wallet addresses — incoming on-chain transfers traced to anonymising services or sanctioned addresses.
• Sudden large deposits inconsistent with prior activity — a step-change in deposit size that does not fit the player's established profile.
• Velocity anomalies — deposit frequency or method-switching that deviates sharply from normal play behaviour.

Most automated alerts are routine and resolved without player intervention. A subset requires additional documentation (updated KYC, payment-method proof, or SoF), and a smaller subset triggers a Suspicious Activity Report (described next).

6. Suspicious Activity Reports (SARs)

Where required by law or by the conditions of its licence, the operator files a Suspicious Activity Report (SAR) — sometimes called a Suspicious Transaction Report (STR) — with the relevant Financial Intelligence Unit (FIU) in the licensing jurisdiction or, where applicable, in the player's country of residence. The decision to file is made by the operator's designated compliance officer.

By design and by law, affected players are not notified when a SAR is filed. This "no tipping off" rule is a confidentiality requirement imposed by virtually every FIU worldwide and is standard practice across licensed gambling operators globally — it is not unique to Maxim88. Players subject to legitimate AML escalation will only experience the visible parts of the process (KYC re-verification, SoF requests, withdrawal hold), not the regulatory reporting itself.

7. Sanctions Compliance

The operator screens every registrant — and on an ongoing basis every transaction — against international sanctions lists. Sanctions screening is a hard gate: a positive match means the account cannot be opened, funded, or paid out until the match is investigated and either confirmed or cleared as a false positive. The lists screened include, at minimum:

• UN Security Council Consolidated List — the global baseline of designated individuals and entities.
• OFAC SDN List — the United States' Specially Designated Nationals list, applicable due to extra-territorial reach.
• EU Consolidated Sanctions List — covering EU restrictive measures across current sanctions regimes.
• UK HM Treasury Consolidated List — the United Kingdom's consolidated list of financial sanctions targets.
• Local jurisdiction sanctions — additional national lists where applicable to the player's country of residence or the operator's banking partners.

Matching is performed on the registered full legal name combined with date of birth — to reduce false positives caused by common-name collisions. Where a registrant matches a sanctions entry, the account is blocked from registration, deposit, and withdrawal pending investigation. Genuine false positives can be cleared via Live Chat (see /contact/) by submitting additional ID documents that disambiguate the player from the sanctioned individual.

8. Record keeping

Customer-identification documents, transaction records, KYC and SoF correspondence, sanctions-screening results, and AML-related internal communications are retained for a minimum of five years after account closure, or longer where the licensing jurisdiction or applicable law requires. Some jurisdictions specify seven or ten years for certain record categories; the operator follows the longest applicable retention period.

Record keeping in this Policy refers to data held by the operator, where the underlying transactions take place. maxim88link.com itself does not hold transaction records, KYC documents, or any AML correspondence — there is no facility to do so on this domain. Data handling specific to maxim88link.com (anonymous Google Analytics 4 events, Cloudflare edge logs) is described separately in the Privacy Policy.

9. maxim88link.com's role in AML compliance

As a standby/backup landing page, maxim88link.com plays a deliberately limited role in the broader AML framework. It is not a financial intermediary, not a payment processor, and not a player-account host.

• No funds, no transactions: we do not hold balances or process deposits or withdrawals on this domain, so we have no direct AML transaction-monitoring obligations. Every regulated transaction occurs on the operator's platform.
• Routing only to verified operator destinations: outbound affiliate buttons lead exclusively to the licensed operator, an alternative-link partner, an alternative-link partner, and an alternative-link partner. No other outbound paths exist, and no "alternative" destination bypasses the operator's KYC, sanctions, and transaction-monitoring stack.
• No money-movement features: we do not facilitate cross-border money movement, currency conversion, third-party payments, peer-to-peer transfers, or any other cash-equivalent activity on this domain.
• Cooperation with the operator's compliance team: we monitor for obvious abuse of the affiliate channel (fraudulent referrals, bot-driven sign-ups) and cooperate with any lawful regulator request that reaches us through the operator.

10. Player responsibilities

AML compliance is a shared effort. The operator runs the systems, but players are expected to use the platform honestly. Following the expectations below prevents the overwhelming majority of avoidable account holds:

• Provide accurate, up-to-date personal information at registration — full legal name as it appears on your ID, true date of birth, real residential address, working phone and email.
• Use only payment methods registered in your own name — no cards, e-wallets, or bank accounts belonging to a friend, family member, employer, or anyone else. Third-party payments are a hard AML red flag.
• Respond promptly to KYC or source-of-funds requests — long delays trigger automated escalation; quick responses resolve almost all cases without further friction.
• Do not allow third parties to access or fund your account — never share your password, never let someone else log in, and never accept "I'll deposit for you" arrangements.
• Do not use the platform to convert funds for someone else — deposits in, withdrawals to a different person's account, or routing through your account on behalf of others are classic laundering patterns and are explicitly prohibited.
• Disclose if you become a Politically Exposed Person (PEP), or have a close family or business relationship with a PEP — this triggers EDD but is straightforward when disclosed proactively.
• Report any suspicious activity in your own account immediately via Live Chat — unfamiliar logins, unrecognised deposits, unrequested withdrawals, or any sign that someone else has touched your account.

11. Contact for AML matters

For AML-related questions — whether you have received a KYC re-verification request, a source-of-funds request, a withdrawal hold, or a sanctions-screening message — contact the operator's Live Chat via the path at /contact/. The compliance team handles AML escalations directly, and Live Chat is the only verified support channel routed through this site.

There is no separate AML email address on maxim88link.com and no separate AML mailbox at the operator level either — escalations are handled inside the support stack. Live Chat agents will identify AML-specific questions and route them to compliance. Do not respond to any unsolicited message claiming to come from an "AML" or "compliance" mailbox at this domain.

Related

• KYC Guide — full document submission walkthrough, common rejection reasons, and turnaround times
• Terms & Conditions — site-level terms of use and affiliate disclosure
• Privacy Policy — what maxim88link.com collects (anonymous analytics only)
• License Verification — Curacao Gaming Authority licence details