Casino Audit Guide

 admin
Casino Audit Guide Rating: 8,6/10 8160 votes

Guide Essentials. Introduction to. Home Complaints 7 Reels Casino - Player’s withdrawal has been delayed due to account audit. What makes casino accounting and auditing so complex? Attend this class to find out and improve your understanding of this highly regulated industry. From monitoring casino transactions, recording financial activity to reporting suspicious activity, tribal gaming operations face a myriad of challenges. Join our expert and learn to navigate through the complex regulations as well as accounting and auditing.

  1. Casino Audit Guide
  2. Casino Audit Guide
  3. Casino Revenue Audit Training
  4. Casino Audit Training
  5. Casino Audit Guidelines

ISACA issues guide to conducting IT audits

A new report from global IT association ISACA identifies five steps organizations should take to create an effective audit program and reap the benefits of a successful information systems audit.

IT audits help enterprises ensure the secure and reliable operation of the systems that are critical to organizational success. The effectiveness of the audit depends largely on the quality of the audit program, according to a new ISACA report, titled Information Systems Auditing Tools and Techniques: Creating Audit Programs.

According to the guide, the audit process consists of three phases: planning, fieldwork and documentation, and reporting and follow-up. The planning phase consists of five distinct steps.

  1. Determine audit subject.
  2. Define audit objective.
  3. Set audit scope.
  4. Perform pre-audit planning.
  5. Determine audit procedures and steps for data gathering.

'ISACA's new white paper provides audit and assurance professionals with practical guidance on how to develop audit programs from the ground up,' said Rosemary M. Amato, CMA, CISA, a director on ISACA's Board, and Director, Deloitte Accountant B.V. 'Audit processes are clearly defined by phase with activities clearly described. ISACA's new guide can be leveraged in your organization to add value to the audit function.'

Setting the audit scope is critical, according to the white paper, because 'the IS auditor will need to understand the IT environment and its components to identify the resources that will be required to conduct a comprehensive evaluation.' A clear scope helps the auditor determine the testing points relevant to the audit's objective.

Pre-audit planning includes tasks such as conducting a risk assessment, identifying regulatory compliance requirements and determining the resources that will be needed to perform the audit.

The final planning step—determining audit procedures and steps for data gathering—involves activities such as obtaining departmental policies for review, developing methodology to test and verify controls, and developing test scripts plus criteria to evaluate the test.

Once planning is complete, auditors can move on to the fieldwork and documentation phase (acquiring data, testing controls, issue discovery and validation, documenting results) and the reporting phase (gathering report requirements, drafting the report, issuing the report and follow-up), both of which are described in detail in ISACA's paper.

Guide

Casino Audit Guide

'Creating Audit Programs' indicates three important success elements: IS auditors should be familiar with standard frameworks, the operating environment of the entity under review, and the audit process used internally.

Casino revenue audit training
FIN-2010-G003
Casino or Card Club Compliance Program Assessment

This document describes factors that a casino or card club may need to consider in assessing the effectiveness of its Bank Secrecy Act (“BSA”) compliance program. The BSA requires casinos and card clubs to develop and implement compliance programs tailored to their business activities and risk profiles. A casino or card club may not need to address each of the factors described in this document. Also, a casino or card club should not construe the factors below as exhaustive and the only ones required to be addressed.

I. Elements of a BSA Compliance Program

Casino revenue audit training

A casino or card club is required to develop and implement a BSA compliance program that adequately addresses the risks posed by its products, services, customer base, and geographical location for the potential of money laundering and terrorist financing. At a minimum, each BSA compliance program1 must provide for:

  • A system of internal controls to assure ongoing compliance with the BSA;
  • Internal or external independent testing for compliance with a scope and frequency commensurate with the risks of money laundering and terrorist financing posed by the products and services provided;
  • Training of casino personnel, including training in the identification of unusual or suspicious transactions;
  • An individual or individuals to assure day-to-day compliance with the BSA;
  • Procedures for using all available information to determine and verify, when required, the name, address, social security or taxpayer identification number, and other identifying information for a person;
  • Procedures for using all available information to determine the occurrence of any transactions or patterns of transactions required to be reported as suspicious;
  • Procedures for using all available information to determine whether a record required under the BSA must be made and retained; and
  • For casinos and card clubs with automated data processing systems, use of the programs to aid in assuring compliance.

Casino Audit Guide

II. Criteria for Assessing a BSA Compliance Program

Casino Revenue Audit Training

A casino or card club may need to consider the following criteria, among others, when assessing its BSA compliance program:

Casino Audit Training

  • Management awareness and commitment to compliance;
  • Comprehensiveness of policies, procedures, and internal controls and whether policies, procedures, and internal controls need updating;
  • Level and frequency of training and whether training is appropriate for the business and compliance functions performed by personnel (e.g., front-line employees);
  • Compliance officer’s authority, responsibilities, and extent of control and effectiveness, as well as the expertise of the compliance staff;
  • Effectiveness of a compliance committee (if established);
  • Adequacy of internal or external audit reports in confirming whether the independent review:
    • Evaluated the comprehensiveness of the BSA compliance program and was conducted by an individual knowledgeable of the BSA’s requirements,
    • Provided a fair and unbiased appraisal of the BSA compliance program, including BSA-related policies, procedures, and internal controls, as well as other requirements such as reporting and record retention,
    • Determined whether the casino or card club is operating in compliance with the requirements of the BSA and the casino or card club’s own policies, procedures and internal controls, and
    • Included testing of internal controls and transactional systems and procedures to identify problems and weaknesses and, if necessary, recommend to management appropriate corrective actions;
  • Any BSA compliance deficiencies identified by audit reports and effectiveness of any subsequent corrective actions taken;
  • Extent of usage of appropriate automated systems and programs to support its compliance program;
  • Adequacy of account opening and documentation policies, procedures and processes;
  • Adequacy of policies, procedures and processes for the types of financial services offered or types of negotiable instruments accepted;
  • Adequacy of procedures and processes for filing currency transaction reports;
  • Adequacy of procedures and processes for detecting suspicious transactions or patterns of suspicious transactions and filing suspicious activity reports;
  • Whether there are areas of the operation which require special compliance considerations (e.g., creation of specific types of records, availability of records, records retention); and
  • Whether supervision of employees is adequate.

III. Basis for Revising a BSA Compliance Program

Based on its assessment, a casino or card club should consider the following in determining whether to revise its BSA compliance program:

  • Results of independent testing, including internal or external reviews or audits;
  • Results of examinations by the Internal Revenue Service or other governmental authorities;
  • Significant changes in cage or floor operations;
  • Significant changes in the types of financial services offered or types of negotiable instruments accepted;
  • Implementation of automated systems and programs that affect compliance;
  • Amendments to BSA regulations;
  • Amendments to BSA reporting forms;
  • New BSA guidance or advisories including, frequently asked questions;
  • SAR Activity Reviews – Trends, Tips & Issues, with articles on casinos, card clubs or gambling as well as Suspicious Activity Report (SAR) bulletins;
  • The extent to which FinCEN Form 103, Currency Transaction Reports by Casinos (“CTRCs”) filed during specified time frames were:
    • filed late,
    • included P.O. Boxes for customers’ addressees;
    • omitted critical information items;
  • The extent to which the casino or card club received correspondence indicating that CTRCs were filed that included errors or omissions that prevented processing, or indicating the existence of reporting errors or omissions, such as:
    • no street address,
    • incorrect social security numbers, and
    • no date of birth; and
  • The extent to which FinCEN Form 102, Suspicious Activity Report by Casinos and Card Clubs (“SARCs”), had:
    • no subject information,
    • no characterization of suspicious activity, or
    • inadequate narratives.

Deficiencies could result in BSA civil money penalties or other enforcement actions. Also, a casino or card club may need to consider corrective action, as appropriate. Deficiencies that may warrant taking corrective action include, but are not limited to the following:

  • Failure to implement a compliance program;
  • A significant breakdown in internal controls or lack of adherence to policy, procedures and controls to assure compliance with the BSA;
  • Inadequate testing, training, or other failures in an essential element of a BSA compliance program;
  • Compliance program continues to be deficient or violations continue to occur after the institution becomes aware of problems;
  • Failure to file SARCs when warranted:
    • Failure to investigate potential suspicious activity,
    • Failure to document reason for deciding not to file a SARC for activity initially identified as potentially suspicious, and
    • Failure to include all relevant information in a SARC;
  • Failure to file CTRCs;
  • Filing of CTRCs that lack key information (i.e., customer name; address; social security number (“SSN”) or other government identification number; identification credential with issuer and number; amount of currency; or date of transaction);
  • Failure to create or retain required records or to provide all the information required by those records;
  • Management participation in BSA violations; and
  • Assisting customers in structuring transactions to evade the reporting or recordkeeping requirements.
Audit

In conclusion, an effective BSA compliance program should reflect a casino or card club’s products, services, customer base, and geographical location. It is a sound practice for a casino or card club to periodically re-assess its BSA compliance program to assure sufficiency and effectiveness.

For questions about this guidance, please contact FinCEN’s Regulatory Helpline at (800) 949-2732.

Guidelines

For additional guidance, see Casino or Card Club Risk-Based Compliance Indicators, FIN-2010-G002 (June 30, 2010) and Frequently Asked Questions – Casino Recordkeeping, Reporting and Compliance Program Requirements, FIN-2007-G005 (November 14, 2007) and FIN-2009-G004 (September 30, 2009), and Recognizing Suspicious Activity - Red Flags for Casinos and Card Clubs, FIN-2008-G007 (August 1, 2008). Other reference material includes Structuring by Casino Patrons and Personnel, FIN-2009-A003 (July 1, 2009). See also In the matter of the Tonkawa Tribe of Oklahoma and Edward E. Street - FinCEN No. 2006-1 (March 24, 2006).

Casino Audit Guidelines

1 See 31 C.F.R. § 103.64(a). Compliance with this requirement satisfies the obligation under Section 352 of the USA PATRIOT Act to implement an anti-money laundering (“AML”) program. See 31 C.F.R. § 103.120(d).