1 / 49

Overview

Implementing a Converged Identification, Compliance and Reporting Strategy for Gaming Environments The Technologies and Considerations at Play Gaming Security Professionals of Canada Vancouver, British Columbia June 2012. Overview. Information and Today’s Security & Surveillance Concerns

katoka
Download Presentation

Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Implementing a Converged Identification, Compliance and Reporting Strategy for Gaming EnvironmentsThe Technologies and Considerations at PlayGaming Security Professionals of CanadaVancouver, British ColumbiaJune 2012

  2. Overview Information and Today’s Security & Surveillance Concerns A Day in the Life of a Casino Layers of Security Licence Plate Recognition / ID Recognition / Reporting Challenges and Obstacles of Information Report Automation in the Gaming Environment Considerations for Reporting Personal Information Protection AML Reporting, Self Exclusion and Investigations Intelligent Interfaces, Security, Notification, Alerting, Best Practices Business Intelligence Tracking Outcomes Reporting – Results/Conclusions

  3. Information - What's Going on! • The roles of Surveillance, Security, Compliance, and Risk Management in the modern gaming environment are complex and varied • The challenge is to provide a high level of protection to the assets and employees of the casino in a busy public environment • In order to control and manage the associated risks, we have to have effective tools to do the job! • The primary tool of Surveillance , Security and Risk Management is Information!

  4. Today’s Security & Surveillance Concerns • Volume of Data • Cameras are installed everywhere but who is watching • Large Groups of Undesirables • To many faces to remember • Multi-location environments (subjects can move from location to location) • After the Fact (Post Event) • Need an easier way to search if individuals were in the building post event • Requirement to add individuals to an undesirables list • Lack of Available Manpower • Budget cuts • Doing more with less • Increased work loads on security/surveillance operations

  5. The Consequence of Information • In today’s Gaming environments, the sheer volume of people in contrast to available security & surveillance resources poses unique issues: • Stand alone video is no longer the main viable basis for action • Communication has increased between the various departments in casinos but there is still a time lag and/or disconnect • Gaming regulations are ever tightening with higher expectations put on operators • Post event analysis is often too late to reduce loses via theft, trespass, self exclusion or criminal activity • Gaming facilities need tools to be pro-active and prevent issues before they happen

  6. A Day in the Life of a Casino Distraction / Collusion Violence Criminal Activity / Money Laundering Harassment Theft (Internal / External) Fraud / Cheating Slot Investigations, Audits Counterfeits (Tokens, Currency, Credit) Trespass Management / Ban Re-entry Player / Dealer Tracking (Reviews and Audits)

  7. “I’m Positive We’ve Got A File On That Guy” “It’s in here somewhere . . .”

  8. “ Or is it in one of these boxes? ”

  9. “ And I’m sure his picture is here somewhere?! And where is the report ? ”

  10. Which scenario have you been faced with?

  11. Layers of Security and Finding “that” Guy • Breaking down the Gaming facility into logical layers based on location based subject identification provides: • Opportunity for better identification and associated best practices • Trespass/self exclusion management, under age enforcement • Risk and harm reduction by providing choke points for matching and identification • Validation (watch list), authentication (valid ID), Verification (under age), Anti Money Laundering, Fraud • Best use of manned and unmanned space • Exterior, interior

  12. What are Logical Available Pro Active Layers Licence Plate Recognition ID Recognition Reporting

  13. License Plate Recognition (ANPR, LPR) • The intent of License Plate Recognition is to provide fully integrated recognition technology for aiding in reading, logging and identifying vehicles • Additionally LPR systems should allow for management of selected hotlist vehicles to issue automatic alerts when a registered vehicle enters or leaves a physical location • Integrated Patron linkages between persons of interest, vehicles, events (trespass, self exclusion, etc.), ID

  14. Today’s Edge LPR Camera Features Perfect read rate performance is around 90+% Internal 1024x768 high resolution LPR context camera Internal standard resolution color overview camera (640x480) Pulsed LED IR illuminator for effective use in 0 lux (total darkness) Up to 92-foot (28-meter) range with reflective license plates Embedded processors and LPR engines Reads up to 225 km/h (140MPH) Pan-tilt mount/Magnetic mount Tamper resistant with impact-proof capabilities Waterproof to IP67, -40C to 50C operating temperature ranges

  15. Dedicated LPR Solutions LPR Server IP LPR Cameras Alert/Reporting Clients Network Alerts against enrolled license plates in Patron Management Platform Unlimited Vehicle/Plate Support Unlimited Subject Support Subjects can be related to more than one vehicle Real-time Alert shows/links live plate, matched plate, vehicle, subject and subject ban status

  16. Types of ID Drivers Licence Birth Certificate Passport Military Visas Voter ID Employment Identification Old Age Security Alien Registration Permanent Resident Card Government (PIV)

  17. ID Standards • International Civil Aviation Organization • ID-1, ID-2, ID-3 and ID-000 • American Association of Motor Vehicle Administrators • North American (US/Canada) Licenses and IDs • Layout as ID-1 • Barcode, Magnetic Stripe • Federal Information Processing Standards 201 (USA) • Personal Identity Verification (PIV) • Physical access to Federally controlled facilities and logical access to Federally controlled information systems • Government Programs • Smart Cards (integrated circuit card [ICC]) - ID-1, ID-000 • Smart cards can provide identification, authentication, data storage and application processing (Contact, contactless or hybrid formats • Near Field Communication (NFC) • Short-range wireless technologies, typically requiring a distance of 4 cm or less • Likely to be used for purchasing from Smart Phones (BlackBerry Bold, Samsung, Google, Nokia)

  18. Reading and Authenticating ID (Readers) • Remove problems of human vulnerability to: • Fatigue, Distraction, etc. • Allow more focus on: • Human Behaviour, Facial Matching • Transaction Volumes • Multiple Types of IDs (Passports, Visas, DL, Other)

  19. Types of ID Readers Low Price Performance High Magnetic Stripe OCR/Bar Code (1D/2D) MRZ (Passport) Smart Card (Chip) All-in-One (Selected Features)

  20. Reader Data Extraction Reading and identifying document type Collecting information from document Confirming presence of known features Reference-checking information Presenting biometric for comparison

  21. ID Acquisition Technology Today Easy to use Touch screen integration Easy operation for non-experienced users Install on existing PCs and hardware Limited training required Full user/password security and Active Directory support

  22. Multiple ID Requirements (AML, Investigations) Enhanced Customer Due Diligence (CDD) Ability to support multiple IDs per patron Ability to scan and maintain copies of IDs as required for compliance Fully Searchable

  23. Subject Centric Requirements At any given time, individual departments need to isolate subject specific events and activities These subject driven events and activities may need to be expanded as additional information/reporting is required (AML, Visitor Management, Responsible Gaming, License Plate Reporting, etc.) This provides investigators, analysts and departmental staff the ability to analyze patron behaviour for their specific requirements in isolation or as a whole

  24. Incidents (Including Bans and Suspicious Transaction Reports) AML Large Cash Transactions, Disbursements Gaming Disputes Vehicle, License Plate Information

  25. Challenges and Obstacles of Information • Cost • Securing access to data • Aggregation of data from different systems • Interdepartmental cooperation • Compliance

  26. Key Benefits of Report Automation in the Gaming Environment • Cost Savings • Secure Interdepartmental Information Sharing • Total Trespass & Self Exclusion Management • Savings & Loss Tracking • Risk Management & Analysis • Compliance • Peace of Mind

  27. Information – The Key to Effective Risk Management • Information management is the key to any efficient security and compliance operation • To be effective the information collected must be: • Timely • Accurate • Consistent • Rapidly retrievable • Subject to logical work flow • The need for an efficient integrated system to provide a solution for incident data collection, analysis, management, report generation, distribution and rapid access to subject and incident related data is paramount in modern gaming environments

  28. Interdepartmental Information - Operational Considerations • Information originates from a variety of sources, some shared by default, others on an as required or need to know basis • Access to specific information / records must be controlled on a departmental, positional and individual level • Sensitive information (i.e. internal investigations) must be able to be restricted on a “need to know” basis • All data must be subject to a detailed audit procedure • Data flow and access must be configurable to comply with internal policies / procedures and best practices

  29. Considerations for Reporting • Multiple information, reporting and processes: • Personnel Management & Dispatch • Detailed Investigations • Security Reporting (Under Age, Assault, etc.) • Surveillance Reporting (Game/Player/Dealer Audits, etc.) • Self Exclusion & Responsible Gaming Reporting • Compliance Reporting (AML, etc.) • Suspicious Transaction Reporting • Patron Trespass Management • Patron/Activity Monitoring , Alerting and Custom Notification • System Interfacing

  30. Personal Information Protection & Electronic Documents Act (PIPEDA) & Privacy The use of personal information in Canadian commercial activities is protected by PIPEDA, or by substantially similar provincial legislation. You have to inform individuals concerning the collection of personal information about them. However, you do not have to inform individuals when you include personal information about them in any of the reports that you are required to make to FINTRAC. How organizations should collect, use and disclose personal information. They also address an individual's right to access his/her personal information and have it amended for commercial purposes. Accountability, Identifying Use, Consent , Limiting Collection, Limiting Use, Disclosure and Retention, Accuracy, Safeguarding Patron Information, Openness, Patron Access

  31. AML Reporting (Canada as an Example) Large Cash Transactions (LCTs) must be reported to Canada's Financial Transactions and Reports Analysis Centre (FINTRAC). FINTRAC receives, analyzes, assesses and discloses financial intelligence on suspected money laundering, terrorist financing, and threats to the security of Canada. The Centre is an integral part of our country's commitment to the fight against money laundering and terrorist activity financing. Canadian businesses must report LCTs to FINTRAC within 15 days of the transaction. An LCT is defined as one or more transactions, received from a single party, and totalling $10,000 or more.

  32. AML Expanding Reporting Requirements • Globally, reporting requirements year over year are increasing and becoming more granular • Full Time Compliance; • Expanded reporting requirements; • Expanded record keeping requirements; • Expanded client identification (ID) requirements; • Moving towards the need for self-assessment of risk and mitigation

  33. AML Expanded Reporting Requirements Receipt of Funds Records must be completed for every transaction; Suspicious ATTEMPTED transactions must be reported. You must not “tip off” the individual that you have, or intend to file, a report

  34. AML Expanded Record Keeping • Additional information must be kept: • Large Cash Transactions • Receipt of Funds Records • Client Information Records • Suspicious Transaction Records

  35. AML Expanded Record Keeping Detailed individual information must now be obtained and kept on file; Detailed account identification must be obtained and kept on file; All reports must be secured, in electronic or hard copy, for X years; If requested by AML agency– all records must be produced within X days.

  36. AML ID Requirements Casinos must : Verify client ID, date of birth, and occupation; Confirm the existence of the entity they represent; Attempt to collect identification and record findings; If suspicious, report to AML Agency (AUSTRAC, FINTRAC, FIU, etc.)

  37. AML Third Party ID Requirements If the client is not present, you must use a third party or entity to identify clients Existence of third party must also be confirmed Question of third party involvement in transaction must be asked of individual Third parties defined by AML entities as someone issuing instructions

  38. AML Self-Assessment of Risk This is a new requirement of compliance Engaging senior management in the detection and deterrence of money laundering and terrorist financing Built on a Risk-Based Approach Risk assessment/mitigation of your business Patron screening Ongoing monitoring of higher risk transactions

  39. AML Supported Transactions Buy-Ins - cash paid by the subject to the FINTRAC reporting entity Foreign Exchange - cash changed from one currency to another by the subject Deposits - cash deposited into the subject's account Disbursement - cash or merchandise paid to the subject by the FINTRAC reporting entity

  40. Investigations & Self Exclusion Link investigations to people, places, vehicles, etc. Drilldown to find historical information on individuals involved. Collect images, videos, word documents, emails, etc. in a single case Track Saving & Losses for each investigation Collect additional officers supplemental information

  41. Intelligent Data Interfaces (IT requirements) • Support for multiple Interfaces including PeopleSoft, Dacom, Bally’s, etc. • Business and importer workflow logic built in and configurable • i.e. Join or separate first and last name, remove spaces in names, clean-up data between systems • Configured for scheduled directory scans/imports for data automatic acquisition and updates

  42. Enhanced Security & Privacy Encrypt data at rest, in transit and at field level for ultimate protection Document assignment at the user and department level Ability to make confidential to specific users, provide a high level of document security and protection Complex Permissions to control access to information Property, Department and rolebased security levels

  43. Notifications • Alert key individuals as activities happen • Keep information flowing with “real-time” updates • Multiple Notifications Type (Alert, e-mail, etc.) • Send notifications to blackberry, iPhone and PDA’s • Used to integrate into 3rd party systems (Access Control, Alarm Management, etc)

  44. Integrated Alerting with open Architectures • Manage multiple system alerts • CMS Player Card Insertions • Escalation of alerts into security dispatches, investigations , etc. • Outbound notificationsto 3rd Party Systems (HR, Access Control, CMS, etc.)

  45. Best Practices (SOP, Rules of the Game, etc.) Departmental specific documentation needs to be maintained including: Standard operating procedures Rules of the game Compliance requirements

  46. Overlay Business Intelligence • BI delivers a unique approach to interactive data visualization. Using advanced link analysis - complemented by charts, timelines and other views - investigative analysts can discover non-obvious relationships and significant insights within their data more quickly than with other data visualization or business intelligence technology. • It allows analysts to easily combine disparate data sources and explore multiple visualizations in a single integrated workspace. • Connect to data for analysis, visualize hidden insights across disparate data, and share analysis results through collaboration. • Facebook, LinkedIn, etc.

  47. Tracking Outcomes Actions Taken • Integrated Outcomes can be documented • Multiple Entries • Denied Paid Outs • Trespass • Under Age Refusals • Vehicle Towing • Incident Reporting • Flag for follow-up actions

  48. Reporting – Results/Conclusions • Efficiency • Centralized shared information enhances productivity, allowing staff to work more effectively • Communication Among Groups, Departments And Agencies • Security, Surveillance, Risk Management, Legal, Health & Safety, Human Resources and Outside Agencies • Best Practices • Consistent documentation across departments ensures everyone is on the same page, avoiding conflicting reports on the same incident • Liability • Reduction in exposure • Solid trial / legal documentation • Reduction In Costs • Paper, storage, faxing, management • Recovery • Civil recovery and restitution • Tangible reportable savings and losses for budgeting purposes and action

  49. Questions & Answers James Moore – iView Systems jmoore@iviewsystems.com 905 829-2500 / 1-866-705-9671

More Related