Prohibited Practices
Effective Date: 10-08-2025
Account & Identity Fraud
Multiple-account creation — Opening or controlling more than one real-money profile (using slight changes in name, email, device, IP, house name, company, etc.) to bypass limits, reclaim sign-up offers, hedge bets, or hide prior sanctions. Synthetic or stolen identity onboarding involves registering with fabricated, borrowed, purchased, or deceased credentials, deep-fake selfies, or "Franken-docs," so the true owner of funds is concealed. Account rental, sale, or gifting — Lending, hiring, swapping, or buying access to a verified account so another person can wager, collect VIP benefits, or launder value while remaining invisible to KYC.
Financial Fraud & Money Laundering
Third-party deposits or withdrawals — Funding or cashing out with cards, bank accounts, or e-wallets that are not held in the verified customer's name, masking the origin or destination of money. Money-mule pass-through (balance transfer) — Using wagers or internal transfers so illicit value moves from account A to B under the guise of legitimate wins or losses. Structuring/smurfing — Splitting ample cash or e-wallet transactions into many small payments or withdrawals to stay below AML, velocity, or reporting thresholds. Rapid "cash-in cash-out" cycling — Depositing, making token or no play, then withdrawing (often repeatedly) to layer funds, test controls, or farm loyalty benefits. Withdrawal splitting/layering — Requesting chains of small cash-outs to multiple cards, wallets, or retail cash agents, fragmenting the audit trail. Corporate, charity, or public-fund gambling — Wagering with business, NGO, or government money that is not the personal property of the registered individual. Sanctions evasion/terrorist financing — Activity involving sanctioned entities, embargoed regions, extremist wallets, or politically exposed persons concealing status.
Payment Method Abuse
Chargeback fraud ("friendly fraud") — Disputing authorised deposits (card, SEPA, PayPal) after winnings are paid to keep both stake and profit. Card-testing velocity attacks — Firing numerous low-value deposits with stolen or generated card numbers until approval, escalating stakes or reversing transactions. Stolen or compromised e-wallet/bank credentials — Depositing or withdrawing with hacked PayPal, Skrill, open-banking tokens, or similar accounts. Prepaid or gift-card laundering — Turning stolen gift cards or corporate vouchers into a legitimate gaming balance.
Account Security & Access Violations
Account hijack/credential-stuffing — Logging in with leaked or phished credentials, draining balance, changing withdrawal details, or placing high-risk wagers. Social-engineering or coercion of staff — Manipulating, bribing, or threatening support, payments, or VIP personnel to override limits, leak data, or release blocked funds. Document forgery/KYC tampering — Altered PDFs, photoshopped IDs, deep-fake selfies, or mask attacks used to defeat identity, liveness, or address checks. False source-of-funds/wealth declarations — Fabricated employment, asset-sale, or inheritance stories provided to justify high limits or withdrawals.
Access & Location Violations
Under-age or self-excluded gambling — Minors or self-excluded users re-entering via alternate IDs, family accounts, or location masking. Location spoofing (VPN, proxy, TOR, GPS faker, remote desktop) — Hiding proper jurisdiction to access restricted markets, evade tax, or claim geo-specific bonuses. Device-fingerprint evasion farms — Anti-detect browsers, VMs, mobile emulators, or hardware-ID spoofers that make every login look like a new device. Ghost-terminal or thin-client play — Remote-controlling a device to spoof jurisdiction or identity in an authorised region. Tampering with geolocation SDK/device sensors — Injecting false Wi-Fi, cell, GPS, or IP data; using remote desktops to fake jurisdiction.
Automated Play & Technical Exploitation
Automated play/bots/scripts — Software, macros, RPA, or AI that place wagers, spin slots, purchase bingo cards, or cash out without real-time human input. Odds-scraping & high-frequency micro-bet bots — Sub-second polling of price feeds and auto-betting stale or mispriced lines, or spamming micro-stakes to meet turnover. Auto-spin/clicker bypass of slot safeguards — Scripts that ignore reality checks, spin caps, or pop-ups to achieve human-impossible play rates. Loss-recovery or Martingale scripts bypassing auto-stop — Automating escalating stake systems that defeat responsible-gaming spin caps.
Betting Manipulation & Arbitrage
Cross-operator arbitrage/matched betting — Taking opposing positions on other brands or exchanges so every outcome nets profit or clears wagering requirements. Wash betting/balance shifting — Linked accounts placing equal-and-opposite wagers within the same operator to migrate value, inflate turnover, or launder funds. Palpable-error hunting — Betting maximum stakes on obvious odds or payout errors before the operator detects and voids. Stale-line/feed-delay betting — Using faster data or on-venue sources to wager on live events ahead of the operator's feed ("online courtsiding"). Past-posting/latency gaps — Placing or amending bets milliseconds after an event (goal, race off) during suspension or grey states. Head-to-head balance transfers via niche sports — Two related users backing opposite sides of niche markets to push funds internally. Exchange market manipulation via self-matching — Posting back & lay offers between related wallets to distort odds or satisfy turnover.
Bonus & Promotion Abuse
Gnoming/bonus hunting — Serially opening new IDs when high-EV promos appear, minimising own risk and cashing out after play-through. Bonus stacking — Triggering overlapping promotions or multi-currency wallets so combined rewards exceed intended value. Self-referral/fake-referral abuse — Creating bogus "friends," bot traffic, or incentivised installs to harvest CPA or refer-a-friend rewards. Loyalty & comp-point farming — Repetitive low-risk bets or circular sportsbook wagers that generate more cashback or points than theoretical loss. Cashback/insurance-bet abuse — Hedging insured wagers externally, then withdrawing the refunded stake plus the incentive. Cash-out or reversal exploitation — Locking inflated early cash-outs due to feed delay, or cycling cash-out/cancel loops to meet turnover with the same funds. Enhanced-odds/price-boost exploitation — Max-betting promo odds while laying the opposite outcome elsewhere to pocket the marketing margin. Exploit of free-bet cancellation windows — Hedging externally and voiding original stake if pre-match cancellations are allowed. Partial cash-out hedge loops — Repeatedly taking small partial cash-outs to lock profit and re-stake the free-rolled remainder. Recycling promos across currency wallets or brand skins — Moving free spins or bonus chips between mirrored environments that share liquidity.
Technical System Exploitation
Client-side manipulation — Editing HTML, JavaScript, WebAssembly, or packets to alter stakes, RNG calls, outcomes, or return messages. Server race-condition exploitation — Running parallel sessions or replaying signed requests to double-claim rewards, refunds, or free spins. RNG prediction/seed manipulation — Reverse-engineering pseudo-random logic or intercepting RNG requests to foresee future results. Hidden API/endpoint abuse — Directly calling private endpoints, forging headers, or replaying tokens to gain conditions not offered in the public interface. Data-feed interception or delay injection — Throttling or corrupting official price/results feeds for others while retaining faster private data. Session-hijack or token-reuse — Stealing, replaying, or injecting web-session or websocket tokens to place bets on another account. Phantom wager settlement manipulation — Tampering with network packets so the platform never acknowledges a losing bet. Game-math or RTP glitch exploitation — Identifying and hammering titles with temporarily misconfigured payout tables or return settings.
Specialised Gaming Abuse
Collusion in bingo ticket purchase — Syndicates or bots buying large blocks of cards at the last second to dominate jackpot probability or overlay value. Bulk bingo ticket botting — Automated high-volume card purchases milliseconds before cut-off to monopolise jackpot odds. Progressive-jackpot padding or siphoning — Coordinated stake patterns or balance transfers to force must-drop thresholds or misallocate contributions. High-value jackpot deposits moments before draw — Sudden large purchases timed to exploit prize pools without prior play history. Layering via bingo chat gifts or in-game transfers — Moving balance to other users through virtual-gift features that bypass cashier limits.
Financial Transaction Manipulation
Negative-balance/unfunded wagering — Using delayed-settlement rails (ACH, e-check) so bets resolve before funds clear. Deposit-cancellation window exploits — Withdrawing winnings then revoking the original payment (recall, dispute). Currency-conversion & rounding fraud — Exploiting rate timing, spread errors, or decimal truncation across deposit, play, and withdrawal steps. Dormant-wallet seasoning involves parking proceeds in low-activity accounts to outlive claw-back or reporting deadlines and then reclaiming them via new credentials. Misuse of retail "pay-in cash, withdraw online" rails — Depositing anonymous cash in a shop, withdrawing to an online wallet to mask the origin. Friendly credit top-ups circumventing deposit limits — Player-to-player "loan" or top-up systems used to exceed personal funding caps.
Compliance & Verification Circumvention
Biometric spoofing & liveness bypass — Masks, replay videos, or GAN-generated faces used to fool selfie or face-match checks. Responsible-gambling tool abuse — Temporarily raising limits, cancelling cool-offs, or selective self-exclusion to reclaim balances or force refunds. Obstructing AML/enhanced due diligence — Stalling, submitting corrupt files, or implausible narratives while continuing to wager. KYC "slotting" — Cycling multiple partial KYC profiles (ID only, proof of address, etc.) to prolong high-value wagering without complete documentation.
Integrity Violations
Attempting to influence sporting outcomes — Match-fixing, spot-fixing, bribery, insider doping, or other interference while holding a betting interest. Betting on events the customer can influence — Wagers by athletes, officials, data scouts, or team staff on competitions they can affect directly. Live-feed hijack/ultra-low-latency data — Using OB-truck, on-venue, or private telemetry feeds running ahead of public streams for near-certain profit.
Disruptive & Malicious Behaviour
Internal collusion/staff bribery — Persuading employees or vendors to override blocks, leak risk ratings, or expedite withdrawals. System disruption (DDoS/traffic floods) for advantage: Attacks that cause market suspensions or price freezes benefit the attacker's pre-placed bets. False or extortionate complaints — Threatening chargebacks, regulator reports, or social-media smear to secure goodwill credits or refunds. Publishing or distributing exploit tools & guides — Selling, sharing, advertising scripts, databases, or insider data that facilitate prohibited behaviour. Fraudulent dispute of game malfunction — False claims of glitches or freezes to obtain unwarranted refunds or re-credits.
Administrative Violations
Circumventing bet or win limits — Splitting stakes across linked accounts, currencies, or sister brands to exceed operator maximums. Disproportionate micro-bet flooding — Thousands of near-zero-stakes wagers placed solely to satisfy leaderboard, cashback, or VIP volume. Referral kick-back chains (sub-affiliate fraud) — Layering self-controlled affiliate IDs so each wager triggers cascading commission to the same person. Suppressing, modifying, or deleting audit-trail entries — Attempting to alter server logs, bet IDs, or transaction history.
General Provision
Any new or derivative tactic achieving the same goals of fraud, bonus abuse, money laundering, integrity violation, or regulatory breach.