The casino “egregiously and willfully” violated its BSA/AML obligations:
Sparks disregarded its compliance manager. It chose not to file rightfully prepared Suspicious Activity Reports (SARs) and it instructed her to not interact with the Internal Revenue Service’s BSA auditors and prevented her from reviewing a copy of the completed exam report.
Sparks Nugget also committed hundreds of recordkeeping violations, and failed to report several Currency Transaction Reports (CTRs) as well as SARs. The management committee Sparks Nugget established to determine whether to file SARs never held a single meeting, and some committee members were unaware that they were even on the committee. Sparks Nugget lacked any mechanism to document or otherwise account for decisions not to file SARs, and its day-to- day managers maintained that no suspicious activity ever transpired in the millions of dollars of transactions that occurred at the casino.
Personally, I find this the most illuminating:
As is typical for many modern casinos, Sparks Nugget was in an excellent position to make effective use of risk-based, information-driven compliance. Sparks Nugget harnessed its software systems and its own employees to gather large amounts of information about its customers. The casino used this information to improve profits, to provide more personalized customer service, and to minimize the casino’s business risk. Despite this, and despite the requirements of the BSA, Sparks Nugget willfully failed to use this same information to fulfill its AML obligations under the law.