Imagine billions of pesos quietly moving through casinos and online platforms, funds tainted by fraud, hidden amidst the glow of gaming lights. In the Philippines, this isn’t fiction, it’s a sobering reality that has sparked legislative overhauls, high-profile investigations, and the dismantling of entire illicit financial networks.

This article peels back the layers of what’s driving these vulnerabilities. It starts with the Anti-Money Laundering Act of 2001 (RA 9160) and walks you through pivotal reforms like RA 10927 and RA 11521, which broadened the system to include casinos, POGOs, and digital players. You’ll explore how the Anti-Money Laundering Council (AMLC) enforces compliance, what led to the Philippines landing on—and eventually exiting—the FATF grey list, and why powerful money laundering schemes like the Alice Guo POGO case triggered massive crackdowns.

From critical KYC and suspicious transaction reporting obligations, to emerging threats in FinTech, cryptocurrency, and online gambling, this deep-dive is designed to keep money launderers at bay and support financial transparency in the Philippines. Let’s begin with a clear view of how this multi-layered AML framework took shape and why it still matters today.

India’s fintech ecosystem is defined by its regulatory layering. While the RBI leads in payments and digital lending, SEBI, and NPCI also play pivotal roles—making the compliance environment multifaceted.

For AML and KYC, fintechs, NBFCs, SFBs, and payment entities face intensified scrutiny. In 2024, the RBI intensified its enforcement—making AML and KYC non-negotiable. Prominent fintechs faced license risks and business disruptions over non-compliance. One striking enforcement action: Paytm Payments Bank was barred from onboarding new customers or allowing deposits, top-ups, or wallet activity after March 15, 2024, under RBI’s directive for AML non-compliance.

Key Anti-Money Laundering Laws Shaping the Philippines’ Compliance Landscape

RA 9160 (2001) – The Foundational Anti-Money Laundering Act

It defines money laundering, sets penalties, and mandates that covered institutions report covered transactions and suspicious transactions to the AMLC. Under RA 9160, a covered transaction (CTR) generally means cash or transfer transactions over PHP 500,000 (about USD 9,000) in a single day, and a casino transaction over PHP 5,000,000. Suspicious transactions (STRs) are any transactions regardless of amount that have no clear legal purpose or are inconsistent with a customer’s profile. Violating the AMLA is a serious crime: money laundering carries 7–14 years imprisonment and fines of at least PHP 3,000,000 (up to twice the value laundered)[9]. Covered institutions must keep records for 5 years, file reports promptly, and appoint compliance officers.

RA 10927 (2017) – Expanding AML Rules to Casinos and Online Gaming

This amendment recognized that casinos were vulnerable to abuse. It formally designated casinos including internet-based and ship-based casinos as covered persons under the AMLA. Casinos must implement full AML/CFT programs, appoint dedicated compliance officers, conduct periodic risk assessments, and file STRs and CTRs for transactions above the thresholds. For example, cash transactions exceeding PHP 5,000,000 in a casino must be reported to the AMLC. PAGCOR, the gaming regulator, issued its own AML/CFT guidelines for licensed casinos, requiring them to train staff, monitor high-risk jurisdictions, and cooperate fully with the AMLC.

RA 11521 (2021) – Strengthening AML Coverage in the Digital Era

The latest amendment further strengthened the AML framework. RA 11521 expanded the list of covered institutions (including adding Virtual Asset Service Providers, i.e. crypto exchanges, closed technological loopholes, and increased reporting requirements. It broadened AMLC powers (such as ex parte bank inquiries, subpoenas, and search orders) and updated its mandate to cover emerging threats. In practice, this means firms like digital banks, e-money issuers, and other fintech entities must now meet KYC and STR reporting standards equivalent to traditional banks. Together, these laws ensure that any person or entity handling large flows of money in the Philippines must perform Know-Your-Customer procedures, monitor ongoing activity, and report any red-flag transactions or clients to the AMLC.

The Anti-Money Laundering Council (AMLC) and Compliance Obligations

The AMLC is the Philippines’ primary AML/CFT agency and Financial Intelligence Unit. By law it is headed by the BSP Governor (as Chairman), with the Insurance Commissioner and the SEC Chairperson as members. The AMLC’s main functions are to require and collect covered transaction reports and STRs, analyze the information, and, where appropriate, investigate or refer money laundering cases for prosecution. In practice, the AMLC works closely with the National Bureau of Investigation, the Office of the Ombudsman, and the Department of Justice (among others) to build cases and freeze illicit assets. It also issues rules and advisories (e.g. on beneficial ownership or risk-based measures) to guide covered persons in compliance.

All covered entities must register with the AMLC and submit reports in prescribed forms. Covered Transactions (CTRs) – cash transactions above PHP 500,000 (and PHP 5,000,000 for casinos) are reported routinely. More importantly, any suspicious transaction must be reported via an STR. Once a covered institution identifies a suspicious transaction, it must file an STR with the AMLC within five (5) working days. This report should detail the parties, amounts, and reasons for suspicion to enable timely follow-up. Importantly, Philippine law shields reporters from liability: “no administrative, criminal or civil proceedings shall lie against any person for having made a covered or suspicious transaction report in good faith”. This legal immunity encourages banks, casinos, and others to report questionable activities without fear of penalty for false alarms. In addition, covered entities must implement robust AML programs: conducting full KYC (Know Your Customer) / CDD (Customer Due Diligence) before onboarding clients, performing ongoing due diligence (including for politically exposed persons), maintaining transaction records for at least five years, and conducting regular internal audits of their AML controls.

Philippines History In FATF Grey List and Its Status On 2025

In June 2021, the Philippines was placed on the Financial Action Task Force (FATF) “grey list” of jurisdictions under increased AML/CFT monitoring. FATF cited concerns such as money laundering through casino junkets, weak oversight of money service businesses, and insufficient prosecution of terrorism financing. Being grey-listed meant the Philippines had to implement an action plan to fix these deficiencies or risk potential blacklisting. The government launched a series of reforms, including Executive Order No. 33 (July 2023) to coordinate AMLC and other agencies on FATF action items, and stepped-up enforcement in high-risk sectors. As a result of these efforts, on 21 February 2025 the FATF officially removed the Philippines from the grey list.

This exit reflects that the country has “substantially completed its action plan” by strengthening supervisory regimes (especially for casinos and DNFBPs), improving transparency of beneficial ownership, and enhancing cross-border remittance controls. The AMLC press release noted that delisting will facilitate faster and lower-cost cross-border transactions, reduce compliance barriers, and enhance financial transparency, a boon for trade, investment, and the many Overseas Filipino Workers sending remittances home. The Philippines’ FATF journey underlines that ongoing vigilance is required: grey listing brought international scrutiny, and sustained reforms will be needed to meet global AML standards.

AML Threats in the Philippines: Key Risks and Emerging Challenges

Despite the advancements in the Philippine anti-money laundering (AML) framework, several persistent and emerging threats continue to pose significant challenges:

Casinos and POGOs in the Philippines: AML Compliance and Reporting Requirements

Casinos and gaming operations have long been AML priorities in the Philippines. By law (RA 10927) casinos are covered persons, subject to the same CTR/STR obligations as banks. They must establish anti-money-laundering programs, appoint compliance officers at each location, and conduct risk assessments for new products[16]. PAGCOR’s AML guidelines further require casinos to know their patrons and to file CTRs for high-value bets (the law’s PHP 5M threshold) and STRs for any suspicious gambling activity. This sector was a FATF focus: investigations found large unexplained flows tied to “casino junkets” (private high-stakes gambling trips), leading to stricter scrutiny by regulators.

Philippine Offshore Gaming Operators (POGOs), i.e. online gambling businesses serving foreign players, have also been an AML concern. The AMLC has conducted risk studies showing significant money flow through POGO hubs (e.g. a net PHP 7.64 billion inflow from 2017–2019). In past years the AMLC publicly blacklisted non-cooperative POGOs. More recently, authorities moved against the industry: in July 2024 President Marcos issued an executive order banning all POGOs, citing links to “illicit areas furthest from gaming such as financial scamming, money laundering, prostitution, human trafficking, etc”. The crackdown reflected evidence that some POGO facilities were fronts for scams and illicit banking. By early 2025, the government had effectively shut down or canceled most POGO licenses. Nonetheless, banks and payment companies continue to monitor any residual POGO-related transactions carefully. In summary, any casino or gaming operator in the Philippines must implement rigorous AML controls: verify customer identities, monitor large cash wagers or pay-outs, and file covered/suspicious transaction reports with the AMLC promptly, just like other financial institutions.

Case Study: The Alice Guo POGO Money-Laundering Scandal

A high-profile example of AML enforcement is the Alice Guo case. Alice Guo (Guo Hua Ping), a natural-born Filipino citizen posing as a Bamban, Tarlac town mayor, was linked by authorities to a POGO hub and related scams. In August 2024, Philippine investigators raided a POGO-operated casino in Bamban and uncovered alleged fraud and human-trafficking operations. The AMLC then filed charges: in late August 2024, 62 counts of money laundering were approved against Guo and dozens of co-accused. The AMLC alleges that Guo and associates laundered “more than PHP 100 million ($1.8 million) in proceeds from criminal activities” and that they illicitly amassed assets worth about PHP 6 billion (properties, vehicles, even a helicopter)[20]. These funds allegedly flowed through the POGO enterprise and financial networks, then were funneled into real estate and luxury items. Guo has fled the country and is now a fugitive, but Philippine prosecutors seek her extradition to stand trial.

The Alice Guo case underscores the AMLC’s multi-agency approach: the AMLC coordinated with the National Bureau of Investigation and other agencies to trace complex money laundering schemes involving fraud, human trafficking, and securities violations. It also shows the penalties at stake: if convicted, Guo faces long prison terms and massive forfeiture of ill-gotten assets. For the AML community, this case highlights vulnerabilities in the gaming and offshore gaming sectors, and the importance of international cooperation in pursuing suspects who flee abroad.

KYC Compliance and Suspicious Transaction Reporting

Filing Suspicious Transaction Reports (STRs) with the AMLC

When any employee detects an anomalous or suspicious transaction, the institution must promptly file a Suspicious Transaction Report (STR) with the AMLC. As noted, the STR is due within five working days of detection. The report should include details of the transaction, the parties involved, and the reasons for suspicion. STRs are considered confidential, and Philippine law specifically protects reporting entities from legal action if they report in good faith. Failure to report is itself a violation. In practice, banks employ compliance officers and automated monitoring tools to identify STRs. All reported information goes into the AMLC’s central database for analysis. Regulators (BSP, SEC, etc.) also audit institutions to ensure that CDD/KYC procedures meet standards. In summary, rigorous KYC/CDD plus vigilant STR reporting are linchpins of the Philippine AML system – and firms are trained and legally obligated to follow these processes to the letter.

AML Challenges and Best Practices In Philippines

The Philippines faces several enduring AML challenges. High remittance flows (over USD 35 billion annually) and informal transfer channels mean illicit funds can move easily. The country’s cash-heavy economy (especially in gambling, retail, and small business) also provides cover for laundering. In recent years, digital finance has introduced new risks: virtual asset service providers (crypto exchanges, e-wallets) and online banking require updated controls. Terrorist financing, though less prevalent, remains a concern, FATF noted in 2021 a lack of successful prosecutions in that area. Being on the FATF grey list underscored these gaps (e.g. casino junkets, unregistered money transfer operators).

Best practices to counter these challenges include a robust risk-based approach. Institutions and regulators should focus resources on high-risk clients and sectors (e.g. casino VIP programs, high-net-worth transfers, cross-border gambling). Continuous training of staff on new laundering typologies (like crypto-facilitated scams) is essential. Technology is a force multiplier: banks are encouraged to deploy automated transaction monitoring and analytics to flag anomalies, as manual checks are insufficient for high volumes. The BSP’s recognition of e-KYC (e.g. PhilSys digital IDs) helps make remote verification secure.

Government-wide, interagency and international cooperation is key. The AMLC coordinates with the Egmont Group of FIUs for intelligence-sharing, and with partner countries for extraditions and asset tracing. Domestically, regulators regularly issue circulars and advisories (e.g. on beneficiary ownership, risk-based measures) to ensure consistent standards. Public awareness campaigns by educating Filipinos on “What is Money Laundering and how it can be prevented”, also help by enlisting citizens as the first line of defense (e.g. telling people to refuse dubious schemes).

While no system is foolproof, the Philippines has taken steps to close loopholes identified by FATF and bolster defenses. By maintaining strict KYC/CDD, timely STR reporting, effective oversight of casinos/POGOs, and leveraging technology, the country aims to stay ahead of evolving money laundering techniques. Compliance with AML Council regulations and global best practices – together with public vigilance – will be crucial to preserving the integrity of the Philippine financial system

Sources

Anti-Money Laundering (AML) in the Philippines (Amlc.gov.ph)
AML/KYC framework and compliance obligations (Sumsub, Respicio.ph)
Philippines’ removal from FATF Grey List and regulatory updates (Reuters, Insurance.gov.ph)
Casino, POGOs, and offshore gaming risks in AML enforcement (PAGCOR, FOI.gov.ph, Reuters)
High-profile money laundering cases and prosecutions (Philippine News Agency, Reuters)
KYC and eKYC requirements in the Philippines (BSP.gov.ph)