Date Published:

May 25, 2026

|

Topic:

The control point

Jackpot Payouts - The highest risk control point

Jackpot payouts - the highest risk control point

Unlike many other sectors, gaming through an EGM at a pub or club has a unique concept of an unknown player. Until a payout is made, a player remains unknown to a venue.

In this article, we focus on the payout as the highest-risk control point – collecting and verifying information and triggering any financial crime risk management practices.

The unknown player

International standard setter for AML,the Financial Action Task Force (FATF) - is an OECD-linked body that sets global standards for AML/CTF and reviews how nations effectively implement those standards.
This year, Australia is anticipated to undergo its fifth round of mutual evaluation to assess how effective our national AML framework is compared to the FATF standards – the last time Australia underwent this evaluation was 2014.

In the FATF standards, some service shave thresholds applied before AML frameworks are triggered – and gaming is one of those. Since 31 March 2026, Australia adopted through the AML Reforms the FATF aligned threshold of $5,000 to require AML controls being applied to a payout or betting event. For pubs and clubs, this changes the previous practice of invoking an AML Program when a payment of $10,000 or more occurred at venues with 16 or more licences to operate EGMs. For venues with less than 16 machines, there are more limited AML requirements.

A player must become known to a venue when they win $5,000 or more. For NSW and QLD based venues, this aligns with the amount state-based gaming regulators require a payment must be made to a bank account or via cheque. In other states, that amount can vary and even be below the $5,000 AML threshold – so EFT or Cheque payments are more frequent.

In some cases, both pubs and particularly clubs will have a membership – providing an opportunity to already know things about their winning players, including via carded-play. This can help the AML processes when those players win $5,000 or more by already knowing their name and other details - and if using carded-play, their gaming history.

Getting to know the player

Our previous article, TheGame has Changed, discussed the know your customer (KYC) requirements for a player winning $5,000 or more.

To recap:

  • Collecting their name, DOB, addresses, and occupation, and verifying the information to confirm the person is who they say they are,
  • Determining a customer risk-rating relating to money-laundering (ML) risk, and
  • Where required, collecting and verifying further information about any players that may present a higher level of ML risk.

Beyond these steps, your venue also needs to send money to the winning player, keep records of the transactions and any AML program activities, and have audit-ready information to answer any questions in future about what risk practices were conducted at the time of payout.

Record keeping

Record keeping is a key component of AML obligations – often less talked about and exciting than other measures like identity verification, screening or reporting suspicion to AUSTRAC. But record keeping is a critical element to evidence your AML Program is effective. Much like Australia as a nation needing to prove to FATF mutual evaluation assessors that its national framework is effective, venues too will need to evidence their AML Program in action for audits, independent views and visits from AUSTRAC.

Today, many venues are using paper-based forms to capture key information about the winning player and their identity. Then, they may use a system to record payments – to help reconcile banking activity and create the required Payout Register under state and territory gaming laws. And a separate event or incident management system may be used to capture any further AML Program activity that was used to manage or report risk – often the same system used for other incident reporting to comply with gaming and other related laws governing the operation of venue holding a gaming and/liquor licence.

So that could be up to four or five different places to piece together the record of what one winning player did atthe point of payout and how you managed any financial crime risks.

The control point

Three key elements of control at the point of payouts are:

  1. Simplifying the payout process,
  2. Keeping easy to access records and
  3. Being able to evidence what you did at a venue to mitigate financial crime risk – ranging from proper identification, to enacting enhanced due diligence measures.

The payout is the highest-risk control point – triggering any financial crime risk management practices required in your AML Program.

In the third and final article in this series, Compliance and Payment, we will discuss how a seamless end-to-end process and single platform for payouts enhances the certainty needed for venue owners and accountable boards to manage AML compliance at the point of payout.

AFSL: Australian Financial Services Licence, AHA: Australian Hotels Association, AUSTRAC: Australian Transaction Reports and Analysis Centre, ISO: International Organisation for Standardisation NPP: New Payments Program.
Cruz Payouts:
Home
About Us
Trust and Security
Book a Demo
Legal
Privacy
Terms of use
Help
Let's talk

CRUZ Payouts logo
© 2026 Cruz Group. All rights reserved. Patent ID Ref: 202590358

Built by Cruz Group — powering innovation across finance, technology, and everyday life.

CRUZ Group logo

Cruz Group is the brand used by Cruz Group Holdings, | ABN 89 627 532 718