AML and KYC reporting
1) Purpose and scope
Goal: ensure repeatable, verifiable and timely AML/KYC reporting for all jurisdictions and partners (banks, PSPs, KYC/KYB providers), reduce the risk of fines/blocks and strengthen control functions.
Scope: onboarding of players and partners (KYC/KYB), sanctions/PEP, transaction monitoring, EDD, SAR/STR, source of funds (SoF/SoW), RG signals, PII storage and access, incidents and notifications.
2) Classification of reports and frequencies
1. Regulatory: summaries on onboarding, sanctions/PEP alerts, SAR/STR, complaints, measures taken.
Frequency: monthly/quarterly; incident reports - within the set deadlines (for example, ≤ 72 hours).
2. Banks/PSPs: transaction volumes, chargebacks, suspicious patterns, EDD cases.
Frequency: weekly/monthly; ad hoc on request.
3. Internal: KRIs/KPIs, KYC funnels, FPR/FNR, provider SLAs, AML case statuses.
Frequency: daily dashboards, weekly committees, monthly retrospectives.
4. Vendors/outsourcing: quality and SLA of KYC/sanctions providers, fault tolerance, false positives.
Frequency: monthly, quarterly reviews.
3) Unified data schema (minimum fields)
Subject (player/partner): subject_id, type (player/partner), country, age status (18+), risk_score, kyc_level, pep_flag, sanctions_flag, soe/sow_status.
KYC documents: doc_type, doc_number_hash, issuer_country, expiry_date, liveness_passed, verification_provider, verification_result, confidence_score.
Transactions: tx_id, ts, amount, currency, method, psp, device_id, ip_geo, velocity_flags, rule_hits[].
AML alerts: alert_id, rule_id, severity, reason_codes[], owner, status, opened_at, closed_at, action_taken (EDD/SAR/STR/block/none).
Sanctions/PEP: list_version, hit_type (sanctions/pep/adverse media), match_score, disposition (true/false positive), reviewer_id.
PII access log: actor, action (view/export/delete), dataset, ts, purpose, ticket_id.
4) KRIs/KPIs for reporting
- KYC: KYC pass rate, KYC fail %, Liveness dropout %, Avg TAT (min/hours), FPR/FNR of models.
- Hit-rate per 1k onboardings, FPR %, Dispo TAT, share of secondary checks.
- Alerts per 10k tx, % escalated to EDD, SAR/STR per 10k active, Conversion alert → action.
- Provider uptime, average API latency, % retries, share of outages > X min.
- Report reconciliation discrepancies, daily ETL success rate, % of required fields missing.
5) Quality control and reconciliation
DQ rules: not null/format/ranges/references; SLA for fixes.
Reconciliations:
- Onboarding registers vs KYC provider,
- DWH transactions vs PSP/bank reports,
- SAR/STR register vs submitted notifications,
- Sanctions list version N vs N-1 (delta).
Provability: hash sum of the export, recalculation logs, immutable logs (WORM/object storage).
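An added example (not part of the original page) of the reconciliations listed above: one keyed comparison applied to the SAR/STR register versus filed acknowledgements and to sanctions list version N versus N-1. The record layouts, ids and the `reconcile` helper are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class ReconResult:
    only_left: list = field(default_factory=list)    # keys present only in the left source
    only_right: list = field(default_factory=list)   # keys present only in the right source
    mismatched: dict = field(default_factory=dict)   # key -> {field: (left, right)}

    @property
    def clean(self):
        return not (self.only_left or self.only_right or self.mismatched)

def reconcile(left, right, key, compare=()):
    """Compare two record sets by `key`; report gaps on either side and field drift."""
    l_idx = {r[key]: r for r in left}
    r_idx = {r[key]: r for r in right}
    if len(l_idx) != len(left) or len(r_idx) != len(right):
        raise ValueError(f"duplicate {key!r} values; fix DQ before reconciling")
    res = ReconResult(
        only_left=sorted(l_idx.keys() - r_idx.keys()),
        only_right=sorted(r_idx.keys() - l_idx.keys()),
    )
    for k in sorted(l_idx.keys() & r_idx.keys()):
        diff = {f: (l_idx[k].get(f), r_idx[k].get(f))
                for f in compare if l_idx[k].get(f) != r_idx[k].get(f)}
        if diff:
            res.mismatched[k] = diff
    return res

# Constructed sample data: internal SAR/STR register vs acknowledgements of filed reports.
SAR_REGISTER = [
    {"report_id": "SAR-0001", "subject_id": "s1", "filed_at": "2025-10-02"},
    {"report_id": "SAR-0002", "subject_id": "s2", "filed_at": "2025-10-09"},
    {"report_id": "SAR-0003", "subject_id": "s3", "filed_at": "2025-10-15"},
]
FILED_ACKS = [
    {"report_id": "SAR-0001", "subject_id": "s1", "filed_at": "2025-10-02"},
    {"report_id": "SAR-0002", "subject_id": "s2", "filed_at": "2025-10-11"},
    {"report_id": "SAR-0004", "subject_id": "s9", "filed_at": "2025-10-20"},
]
# Constructed sanctions list versions N-1 and N, keyed by list entry id.
LIST_PREV = [{"entry_id": "E1", "name": "A"}, {"entry_id": "E2", "name": "B"}]
LIST_CURR = [{"entry_id": "E2", "name": "B"}, {"entry_id": "E3", "name": "C"}]

def run_checks():
    sar = reconcile(SAR_REGISTER, FILED_ACKS, "report_id", compare=("subject_id", "filed_at"))
    delta = reconcile(LIST_CURR, LIST_PREV, "entry_id", compare=("name",))
    return sar, delta
```

In the list delta, `only_left` holds entries added in version N and `only_right` holds entries removed since N-1; a non-empty SAR result should block the report until it is explained.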
6) Standard report forms (templates)
6.1 AML/KYC regulatory summary (monthly)
Violations/incidents: 0 critical, 1 medium (KYC provider latency 18 min).
Measures taken: fallback activated, velocity rules updated.
6.2 Report for banks/PSPs (monthly)
Deposit/withdrawal volumes by payment channel, chargeback rate, suspicious patterns, list of blocked accounts/devices (hashes), EDD/hold measures.
6.3 Internal sanctions/PEP report (weekly)
7) Workflows (SOP) and RACI
7.1 SOP: Monthly regulatory report
1) ETL start at T+1 02:00 → 2) DQ validation → 3) Reconciliation with PSP/DWH → 4) PDF/CSV/JSON preparation → 5) Legal review → 6) Signing/sending → 7) Archive/hash/log.
RACI: Responsible — Compliance Analyst; Accountable — Head of Compliance; Consulted — Legal, DPO, Payments, Security; Informed — C-level.
7.2 SOP: SAR/STR
Triggers (rule/machine learning/manual), EDD review, decision (file/not), filing, acknowledgement of receipt, register update, follow-up measures (hold/block/notification to bank/regulator).
7.3 SOP: KYC/sanctions incident
FPR > threshold or SLA degradation → incident bridge → switch on the second provider → calibrate rules → incident report (TTR/cause/measures).
8) Automation: architecture outline
Collection: CDC/stream from the prod DB, KYC/sanctions webhooks, PSP SFTP, log collectors.
Storage: Data Lake (RAW → CURATED), DWH (reporting marts: aml_alerts, kyc_events, sanctions_hits, psp_recon).
Processing: orchestrator with SLA/retries (Airflow/Argo), policy-as-code for aggregates.
SOAR: playbooks for SAR/EDD, automatic escalation on thresholds, tickets and notifications.
Data catalog/lineage: automatic generation of schemas and dependencies, report versioning.
9) Aggregation and implementation examples
9.1 SQL example (pseudo)
```sql
-- Sanctions/PEP weekly hit-rate with FPR
SELECT date_trunc('week', screening_ts) AS week,
       -- share of screenings that produced a hit
       COUNT(*) FILTER (WHERE hit = true) * 100.0 / COUNT(*) AS hit_rate_pct,
       -- share of hits dispositioned as false positives; NULL when there were no hits
       COUNT(*) FILTER (WHERE hit = true AND disposition = 'false_positive') * 100.0
         / NULLIF(COUNT(*) FILTER (WHERE hit = true), 0) AS fpr_pct
FROM sanctions_screenings
WHERE screening_ts >= current_date - interval '90 day'
GROUP BY 1
ORDER BY 1 DESC;
```
9.2 JSON schema of the SAR/STR export (simplified)
```json
{
  "report_id": "SAR-2025-000128",
  "filed_at": "2025-11-01T10:42:12Z",
  "subject": {"id":"player_9f4a", "country":"EE", "risk_score":82},
  "transactions": [{"tx_id":"T123", "amount":950.00, "currency":"EUR", "ts":"2025-10-28T21:10:00Z"}],
  "reasons": ["velocity_withdrawals", "device_cluster"],
  "actions": ["hold","EDD","bank_notification"],
  "attachments": ["/evidence/aml/SAR-2025-000128.pdf"],
  "confidentiality":"restricted"
}
```
10) Thresholds and escalations (guidelines)
Sanctions/PEP hit-rate: > 3% - escalation; FPR %: > 12% - calibration incident.
KYC fail %: > 15% per day - enable fallback/manual VIP flow.
Dispo TAT: > 48 hours - redistribute cases and raise the priority of high-value ones.
SAR/STR per 10k active: jump > 2× the median - urgent audit of rules/campaigns.
ETL success: < 99% - root-cause analysis, SRE/Compliance report.
11) Retention, access and audit
Retention: reports and registers - at least X years (set by policy); SAR/STR - per jurisdiction (usually longer).
PII control: field minimization, pseudonymization of subject_id, access on the least-privilege principle, mandatory audit logs for views/exports.
Export: allowlist of recipients; all exports are signed and hashed; WORM storage for final versions.
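An added example (not from the original page) of the export controls above and the export hash named in section 5: recipient allowlist, keyed pseudonymization of subject_id, and a hashed, signed manifest with a verifier. The keys, recipient names and function names are assumptions, and HMAC-SHA256 stands in for the signature; a deployment would normally use an asymmetric signature with keys held in a KMS/HSM.

```python
import hashlib, hmac, json

PSEUDONYM_KEY = b"constructed-pseudonym-key"   # assumption: real key lives in a secret store
SIGNING_KEY = b"constructed-signing-key"       # assumption: HMAC stands in for a signature
ALLOWED_RECIPIENTS = {"regulator-ee", "bank-psp-01"}  # hypothetical allowlist

def pseudonymize(subject_id: str) -> str:
    """Keyed, deterministic pseudonym: stable for joins, not reversible without the key."""
    return hmac.new(PSEUDONYM_KEY, subject_id.encode(), hashlib.sha256).hexdigest()

def _sign(manifest):
    # Sign every manifest field except the signature itself, in canonical form.
    body = {k: v for k, v in manifest.items() if k != "signature"}
    msg = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()

def build_export(rows, recipient, report_version):
    """Return (payload_bytes, manifest) for an allowlisted recipient, else raise."""
    if recipient not in ALLOWED_RECIPIENTS:
        raise PermissionError(f"recipient {recipient!r} is not on the export allowlist")
    safe_rows = [{**{k: v for k, v in r.items() if k != "subject_id"},
                  "subject_ref": pseudonymize(r["subject_id"])} for r in rows]
    # Canonical JSON so the same data always yields the same hash.
    payload = json.dumps(safe_rows, sort_keys=True, separators=(",", ":")).encode()
    manifest = {
        "recipient": recipient,
        "report_version": report_version,
        "sha256": hashlib.sha256(payload).hexdigest(),
    }
    manifest["signature"] = _sign(manifest)
    return payload, manifest

def verify_export(payload, manifest):
    """True only if the manifest is authentic and the payload matches its hash."""
    sig_ok = hmac.compare_digest(manifest.get("signature", ""), _sign(manifest))
    hash_ok = hmac.compare_digest(manifest.get("sha256", ""),
                                  hashlib.sha256(payload).hexdigest())
    return sig_ok and hash_ok

# Constructed sample rows using field names from the page's data schema.
ROWS = [{"subject_id": "player_9f4a", "risk_score": 82, "kyc_level": 2},
        {"subject_id": "player_11bc", "risk_score": 35, "kyc_level": 1}]
```

Because the recipient is part of the signed manifest, a valid export for one recipient cannot be relabelled for another without failing verification.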
12) Change management (Change/CAB)
Changes to report metrics/rules go through the CAB: business description, impact on KRIs, test samples, A/B in sandbox, rollout date, rollback plan.
Report versioning: report_version, changelog, comparison tabs (v-1 vs v).
13) Vendors and contractual obligations
Before onboarding: due diligence (sanctions/PEP on beneficial owners, ISO/SOC2, DPIA/DTIA, DPA/SCCs).
In operation: quarterly SLA reviews, test alerts, log reconciliation, recording of sub-processors.
Offboarding: revocation of keys/access, deletion/return of data, closure certificate and a report on completeness of deletion.
14) Roles and interaction
Head of Compliance (A): report approval, risk appetite.
Compliance Analyst (R): report collection/validation/reconciliation/preparation.
DPO/Legal (C): lawfulness of processing, notifications.
Payments/FRM (C): transactions, chargebacks, anti-fraud.
Security/SRE (C): incidents, access, logging, ETL stability.
Data/BI (R): models, data marts, dashboards.
Support/VIP (I): RG/EDD case communications.
15) Dashboards and visualization (minimum widgets)
KYC Funnel: registered → KYC init → pass/fail → SoF/SoW.
Sanctions/PEP: hit-rate/FPR/TAT, list versions, share of secondary checks.
AML Alerts: by rule/segment/region; conversion alert→action; EDD share.
SAR/STR: filing trends, reasons, share by payment method.
Provider SLA: uptime, latency, retries, incidents.
DQ & ETL: errors, missing values, pipeline success, quality traffic light.
16) Report readiness checklist
- Dataset built with lineage and schema versions
- DQ validations and reconciliations completed
- KRIs/KPIs and thresholds approved
- Legal/DPO review completed
- Signed/hashed/archived
- Sent to recipients, delivery logs saved
17) Appendices (templates)
17.1 SAR/STR card (register)
ID, date, subject, countries/methods, amount, reasons (rule_ids), EDD measures, decision, filing date, acknowledgement, responsible party, links to evidence.
17.2 Sample monthly KYC report (CSV)
month;country;onboardings;kyc_pass;kyc_fail;avg_tat_min;liveness_dropout_pct;provider_sla_uptime;notes
2025-10;EE;14320;12688;1632;9.6;3.1;99.92;fallback activated 10/21
17.3 Sanctions/PEP report template (CSV)
week;onboardings;screened;hits;fpr_pct;dispo_tat_min;list_ofac;list_eu;list_uk
2025-W43;11982;11982;252;9.1;42;2025-10-21;2025-10-18;2025-10-19
TL;DR
Sustainable AML/KYC reporting = standardized data schema + strict DQ/reconciliations + clear KRIs/KPIs and thresholds + ETL/SOAR automation + transparent RACI and retention/audit. This lowers regulatory risk, speeds up the response to threats and preserves the stability of the iGaming business.