14/09/25
This article examines CuraƧaoās updated AML/CFT framework for the iGaming sector - with particular focus on crypto payments, customer due diligence (CDD), enhanced due diligence (EDD), reporting obligations, and regulatory enforcement. We assess the official requirements and their implications for operators navigating this evolving landscape.
š Regulatory Framework and Standards
The CuraƧao Gaming Authority (CGA) is the regulator and AML/CFT supervisor for the gambling sector under the new National Ordinance on Games of Chance (LOK). This law, which came into effect in late 2024, replaced the old masterāsublicense model with a system of direct licensing and stricter oversight.
Operators are subject to two key statutes: the National Ordinance on the Identification when Rendering Services (LID) and the National Ordinance on the Reporting of Unusual Transactions (LMOT). Together, these laws require:
ā¢ Customer identification and verification (CDD).
ā¢ Enhanced due diligence (EDD) for higher-risk clients, including crypto users.
ā¢ Ongoing transaction monitoring.
ā¢ Reporting unusual or suspicious transactions to the Financial Intelligence Unit (FIU CuraƧao) via the goAML platform.
The CGAās AML/CFT policy (effective 9 January 2025) stresses a risk-based approach (RBA). This requires operators to assess their business risk, classify customers, and apply proportionate due diligence. For crypto, which is considered higher-risk, operators must go further in verifying the source of funds and wallet traceability.
Official guidance also requires:
ā¢ Verification with government ID, proof of address, and, where applicable, proof of source of wealth.
ā¢ Sanctions and Politically Exposed Persons (PEP) screening.
ā¢ Appointment of an AML Compliance Officer (MLRO).
ā¢ Internal policies, staff training, and compliance by payment processors and affiliates.
āļø Crypto in CuraƧao Compared to Other Jurisdictions
Historically, CuraƧaoās gaming regime was lenient. With the LOK reforms, standards are now much closer to those of the EU, Malta, and the UK.
Where CuraƧao once tolerated relatively flexible crypto use, the CGA now treats these transactions as inherently higher-risk. Anonymous wallets or mixer-based deposits are flagged for enhanced scrutiny - and operators must refuse or terminate accounts if adequate source-of-funds verification cannot be achieved.
Thresholds are an important issue. Industry sources refer to a NAf 4,000ā5,000 range as relevant for triggering full CDD or reporting obligations. The precise figure depends on the type of transaction and is set by FIU and CGA guidance. Operators must consult official documentation to ensure compliance with the applicable threshold.
In contrast with some other jurisdictions, CuraƧaoās relatively modest thresholds mean that operators must implement systems to monitor even moderate-value deposits. This is particularly relevant for crypto, where volatility and transaction structuring can obscure values.
The transition away from sub-licensing also raises compliance costs: operators must now apply directly for B2C or B2B licenses, maintain a presence on the island, and demonstrate sufficient liquidity. Crypto-accepting businesses must meet all of these obligations in addition to strict AML/KYC.
š Enforcement and Practical Application
While detailed enforcement cases are not widely published, both the CGA and the Public Prosecutorās Office have confirmed that non-compliance with AML/KYC standards is subject to sanctions. Operators have already faced administrative measures and settlements for failing to verify players before permitting wagers or processing deposits.
Practical implications include:
ā¢ Operators must verify identity before allowing significant deposits or wagers.
ā¢ Crypto deposits must be traceable; mixers or anonymous wallets present unacceptable risks unless thoroughly verified.
ā¢ Suspicious or unusual activity must be reported promptly to FIU CuraƧao via goAML.
ā¢ Compliance programmes must integrate software that tracks crypto flows and screens wallet addresses for risk indicators.
For example, a gaming operator accepting crypto deposits from abroad must:
1. Perform CDD at or below the regulatory threshold.
2. Apply EDD where wallets, jurisdictions, or payment patterns are high-risk.
3. Refuse transactions where source-of-funds cannot be confirmed.
4. Ensure all staff and third-party processors are trained and contractually bound to follow CuraƧao AML/CFT rules.
ā Conclusion
CuraƧaoās regulatory overhaul makes clear that cryptocurrency in iGaming is not exempt from strict AML/CFT obligations. The new LOK law, CGA AML/CFT policy, and FIU reporting requirements mandate thorough CDD, EDD, sanctions and PEP screening, and transaction monitoring. Crypto payments are treated as higher risk, requiring more rigorous due diligence and, where necessary, refusal of business.
For operators, the message is simple: AML/KYC is not optional - and crypto adds an extra layer of responsibility. Non-compliance risks penalties, suspension, or loss of license.
If you are exploring CuraƧao licensing or crypto payment integration, contact NUR Legal. We assist iGaming businesses with compliance structuring, regulatory audits, and legal strategy in line with CuraƧaoās evolving standards.
#iGaming #CryptoPayments #CuraƧao #AML #KYC #RegulatoryCompliance #GamingLaw #CryptoRegulation #RiskBasedApproach #SanctionsScreening #FIU
Emil Korpinen