by: Jadel Kaye B. Gines

Out with the Old, In with the New

As regulatory bodies catch up with criminals in combating the increasingly sophisticated methods of perpetrating the crime of money laundering, criminals inevitably find new ways and are now turning to online gaming. The pursuit is made more challenging by the unparalleled speed of technological advancements. From traditional cash transactions, banking transactions, and casino transactions to offshore gaming transactions, the list of covered transactions is only expected to increase and expand. 

With a projected value of $236.9 billion and over 3.27 billion gamers worldwide, the gaming industry offers anonymity, ease of cross-border transactions, and minimal regulation, making it an attractive playground for money launderers to elevate their game. A recent controversy involves alleged money laundering on Roblox, where users buy virtual items with “Robux,” an in-game currency purchased with fiat money. In a 2021 class action suit with the US District Court, an anonymous teen claimed Roblox unfairly removed items after they were sold. A $7.5 million settlement excludes 311 users flagged for spending over 80,000 Robux (~$1,000) on “suspicious” transactions. It was alleged that these users transferred money by buying fake items. Roblox in turn denied the claims, stating that it has strong internal controls.^[1]

The Frills and Perils of Online Gaming and E-Sports 

One defining feature of online games is the use of “in-game currency,” a virtual form of money which allows players to purchase various items, such as character skins, weapons, upgrades, or other digital accessories. This can be earned by completing challenges, missions, or earning points through gameplay, or by purchasing it with fiat money.

To understand in-game currencies, it is important to distinguish virtual currencies (VC) from fiat money. BSP Circular No. 944, s. 2017 defines VC as a “digital unit that is used as a medium of exchange or a form of digitally stored value created by agreement within the community of VC users.” As distinguished from fiat money, VCs “do not have legal tender status.” As such, you cannot use your game coins or gems to purchase snacks from your local sari-sari store. 

The Financial Action Task Force (FATF)—the global watchdog for money laundering and terrorist financing—classifies VCs into: (1) convertible which is exchangeable for fiat (e.g., Bitcoin), and (2) non-convertible which is used only within specific platforms. Most in-game currencies, like those in Fortnite, Roblox, and Minecraft, fall into the latter. Another significant distinction is that most, if not all, money laundering regulatory frameworks mainly focus on convertible VCs, since non-convertible ones do not flow back into the real economy. BSP Circular No. 944, s. 2017 reflects this by excluding non-convertible in-game currencies from its scope.

Anti-Money Laundering Laws and Regulations

In 2015, the FATF, the global watchdog for money laundering, released the Guidance for a Risk-Based Approach specifically for Virtual Currencies, specifically limiting its scope to convertible VCs, due to its “higher risks.” In 2024, the AMLC followed suit, releasing Guidelines on Transaction Reporting and Compliance Submissions, which cover virtual asset transactions.

While it is evident that the AMLC adopted FATF’s recommendations, its guidelines make no mention of non-convertible virtual currencies. As a result, these remain outside the scope of current regulation despite being central to many reported cases of money laundering in online games. Nonetheless, both FATF and AMLC have acknowledged the risks of money laundering in this space.

Recommendations

For Policy-making Bodies

As the FATF only covers convertible VCs in its Guidelines due to its “higher risks,”^[2] it recommends simplified measures for lower-risk industries. Yet, despite internal controls, money laundering activities persist within gaming platforms, suggesting self-regulation alone is insufficient to address the complexity and scale of the issue. Thus, the FATF should formally recognize that non-convertible VCs, common in gaming, also pose “high risks.” This acknowledgment is crucial to extending regulatory oversight to a largely unregulated and vulnerable area.

For Online Game Developers

1. User Verification and KYC Protocols

As criminals exploit loopholes to bypass security protocols, online game developers, though not currently classified as “covered persons,” should adopt proactive compliance measures. Implementing user verification and Know-Your-Customer (KYC) protocols, especially for transactions involving in-game currency or monetizable features, can deter anonymous misuse and enable better cooperation with law enforcement when suspicious activities arise.

2. The Use of Artificial Intelligence (AI) in Assessment and Investigation

AI is increasingly used by game developers to enhance user experience through optimized gameplay and behavior analysis. This technology should also be leveraged to detect suspicious activity. Developers can set internal thresholds for what qualifies as a “covered transaction,” with AI tracking the frequency and volume of in-game purchases, especially unusually large or repeated transactions in short periods. When flagged, the system could alert users and prompt further review. This proactive use of AI would deter illicit behavior and serve as an early-warning tool for potential money laundering.

C. The State and Its Competent Regulatory Authorities

The Philippines’ removal from the FATF grey list is a major achievement, yet a regulatory gap remains: the exclusion of non-convertible VCs. To address this, the AMLC should conduct risk assessments to evaluate current and potential threats posed by non-convertible VCs, including their local use and transaction volume within virtual environments.

The AMLC should also encourage game developers to form internal supervisory boards to monitor and enforce anti-money laundering (AML) safeguards. These bodies would set compliance standards, conduct regular risk assessments, and coordinate with authorities on suspicious activities.

Finally, the most ambitious recommendation is to require online game developers to register with the AMLC as “covered persons” under the AMLA. This would subject them to core AML obligations such as customer due diligence, record-keeping, and reporting of suspicious or covered transactions.

What Now?

As shown above, online games have become a growing avenue for money laundering. Current regulatory frameworks focus only on convertible virtual currencies, overlooking the threat posed by non-convertible VCs used in most online games. Addressing this threat requires a collaborative approach, and it must involve not just the State, but also policy-makers, regulators, and game developers. Only through joint efforts can we build proactive, adaptive, and comprehensive strategies to safeguard the digital economy and outmaneuver those who continue to operate in the shadows.

Jadel is a senior of the Ateneo Law School and an editor of the Ateneo Law Journal. She enjoys playing video games and has a love-hate relationship with collecting Pokemon cards.

---

^[1] Motion for Preliminary Approval of a Class Action Settlement, Mar. 28, 2023 (on file with the United States District Court, Northern District of California, San Francisco Division), in Jane Doe v. Roblox Corporation, Case No. 3:21-cv-03943-WHO (2023).

^[2] Financial Action Task Force, Guidance for a Risk-Based Approach Virtual Currencies (2015).