To support a preventive and compliant approach, this guide presents a methodology structured around the 5 W’s — a model designed to guide the identification, analysis, and reporting of unusual transactions to the Financial Activities Control Council (Coaf) in a clear, efficient, and technically sound manner.
1. What: Identification of atypical transactional patterns
The challenge in the iGaming sector does not lie in the scarcity of data, but in its abundance. Therefore, the focus of reporting is not on an isolated transaction, but on the set of behaviors that indicate atypical activity relative to the customer’s profile.
Structuring (Smurfing)
Characterized by multiple fractional deposits, often originating from different taxpayer IDs (CPFs), concentrated within a short time frame. The typical pattern includes subsequent inactivity or low-risk bets, suggesting an attempt to disguise the origin of funds.
Fund transfer (Chip dumping)
Evidenced by systematic losses in peer-to-peer games against the same opponent, with no apparent economic rationale. This indicates an indirect transfer of value between participants.
Coordinated betting
Groups of users exhibiting identical betting patterns on low-liquidity events, suggesting coordinated activity or match manipulation.
Pass-Through
Typical sequence: large deposit ? single low-risk bet (odds close to 1.00) ? immediate withdrawal request. The platform is used as an intermediary to obscure the source of funds.
The implementation of automated detection systems significantly reduces the time needed to identify these typologies, enabling near real-time analysis.
2. Who: Due diligence and customer identification
The KYC (Know Your Customer) process constitutes the first line of defense. In a digital environment, identity validation requires multiple layers of verification.
Registration data
Mandatory verification of CPF/CNPJ, full name, and date of birth using official databases. Any inconsistency at this stage should prevent account creation.
Connection analysis
Mapping of relationships between accounts through devices, IP addresses, payment methods, and biometric data. Detecting multiple accounts operated by the same individual is a key indicator.
Regulatory screening
Ongoing checks against Politically Exposed Persons (PEPs) lists, international sanctions (OFAC, UN, EU), and adverse media. Risk classification should be periodically updated.
Ultimate beneficial owner
Investigation of signs suggesting that a person is acting on behalf of third parties, especially when transactions are incompatible with their declared socioeconomic profile.
3. When: timeliness of reporting
Coaf regulations establish a 24-hour deadline after completing an analysis to submit a report. Given that iGaming operations function continuously, processes dependent on business hours represent a compliance risk.
Manual process
Event occurs overnight -> Detection the next morning -> Investigation begins -> Report drafted -> Submission by end of business day.
Estimated exposure time: 14+ hours.
Technology-assisted process
Event occurs -> Alert generated instantly -> Automated pre-analysis -> Analyst validates conclusions -> Submission completed.
Estimated reduction in total time: over 90%.
Automation of operational steps allows compliance teams to focus on complex analyses requiring specialized human judgment.
4. Where: official communication channel
The only valid channel for reporting suspicious activities is the Financial Activities Control System (SISCOAF). Communications via email, physical letters, or phone calls have no regulatory validity.
Additionally, manual completion of the SISCOAF form is subject to typing errors, omission of required fields, and formatting inconsistencies.
Any of these failures can compromise the validity of the report or trigger additional requests for clarification.
Choosing tools that structure data in the required system format significantly reduces formal errors and accelerates the submission process.
5. Why: rationale for reporting
The rationale is the most critical element of any report. Generic justifications (“high amounts,” “suspicious behavior”) are inadequate and may be rejected. The narrative must clearly establish the atypical nature of the operation compared to expected behavior.
Recommended structure:
Reference profile
“Customer identified as [name], CPF [number], registered on [date]. Transaction history shows average monthly deposits of BRL 800, with bets distributed across multiple sporting events.”
Description of atypicality
“On [date], between 03:15 and 03:45, the account received 15 PIX deposits from 12 distinct CPFs, totaling BRL 28,500 — 35.6 times higher than the historical monthly average.”
Executed operation
“At 03:50, immediately after deposit consolidation, the full balance was placed in a single eSports bet with odds of 1.02. After settlement, a withdrawal of BRL 29,070 was requested.”
Analysis and typification
“The identified pattern matches the ‘Pass-Through’ typology, in which the betting platform is used to obscure the origin and destination of funds.
The operation completely diverges from the customer’s established transactional profile, representing a sudden behavioral shift with no apparent justification.”
Is your checklist complete? And your timing?
Anti–Money Laundering (AML) compliance in iGaming is no longer about following a checklist — it has become a continuous intelligence operation.
The shift from manual, reactive, and error-prone processes to a technological ecosystem that monitors, analyzes, and structures data in real time is no longer a differentiator but a requirement for business sustainability and reputation in Brazil’s regulatory environment.
Operators that understand this shift and act proactively not only mitigate the risk of multimillion-dollar penalties but also build trust with both the market and their players.
Vitória Marques
SEO and Media Specialist at Legitimuz, a comprehensive one-stop-shop compliance platform for the iGaming sector. Its KYC, transactional monitoring, biometric, and geolocation solutions are designed to ensure full compliance with Law No. 14.790/2023 and SPA/MF ordinances.
With a focus on Anti–Money Laundering (AML), Legitimuz technology automates the reporting of suspicious transactions to Coaf, transforming regulatory compliance into a competitive advantage.
