Implementing a Card Fraud Rule to Comply with the Interactive Gambling Act 2001

What is the Interactive Gambling Act 2001?

The Interactive Gambling Act 2001 (IGA) is a piece of Australian legislation designed to regulate and control online gambling activities. Its primary goal is to minimize the harm associated with gambling, especially in an online environment. One of the significant amendments to the IGA was introduced to ban the use of credit cards for online gambling transactions. This amendment aligns with the government’s efforts to reduce gambling-related debt and financial harm among Australian consumers and is aimed at preventing gamblers from using borrowed money they may not have the means to repay.

Understanding the Online Gambling Credit Card Ban

The amendment to the Interactive Gambling Act 2001 specifically prohibits the use of credit cards for online gambling transactions by Australian credit card holders. This means that Australian banks and financial institutions must ensure that credit cards issued by them cannot be used to fund online gambling activities. The ban is a proactive measure to protect consumers from falling into debt due to the easy availability of credit for gambling purposes.

So now you are an Analyst working in the Fraud Analytics team, how will you go about Implementing this Fraud Rule in a Bank: What Will This Rule Consist Of?

To comply with the amendment to the IGA, banks must implement a fraud detection rule within their systems. This rule would be designed to automatically block or decline any transaction attempts using an Australian-issued credit card for online gambling. The rule should be robust enough to detect and prevent such transactions effectively.

Key Components or features required for this Rule: 

1. Merchant Category Codes (MCC):

• Definition: MCCs are four-digit codes assigned to merchants based on the type of goods or services they provide. Online gambling sites have specific MCCs that can be identified. Identifying MCCs associated with online gambling (e.g., MCC 7995 for betting and wagering) is crucial. The system should be able to detect these MCCs and block the associated transactions automatically. 
• Example/Sample: A few merchant category codes for gambling establishments are 

• 7995 – BETTING, WAGERING, LOTTERY, GAMBLING TICKETS OR CHIPS 
• 7801 – GOVERNMENT LICENSED CASINOS (ONLINE GAMBLING)
• 7999 – AMUSEMENT/RECREATIONAL SERVICES NOT ELSEWHERE CLASSIFIED

• Usage: The fraud rule should flag and decline transactions involving MCCs associated with gambling and betting for these MCC’s when other conditions are satisfied. Not all merchants listed with these MCC codes are gambling/betting institutions or there are cases where businesses incorrectly list them under a different MCC, or they purposefully list them under a different category to avoid higher scrutiny or regulations.  

  2. Bank Identification Numbers (BIN):

• Definition: BINs are the first six digits of a credit card number that identify the institution that issued the card. The bank needs to obtain a list of all current and active Credit card BIN number ranges and cross reference them. The rule should specifically target BINs associated with Australian-issued credit cards. This ensures that the ban is enforced on all cards issued by Australian financial institutions. 
• Example/Sample: A few Australian issued credit card Bin numbers from both Visa and Mastercard are 407220, 450949, 456462, 456469, 546827.
• Usage: The rule should apply to transactions initiated with BINs that correspond to Australian-issued credit cards, ensuring that only these cards are subjected to the gambling ban.

3. Transaction Decline Codes:

• Definition: Decline codes are used by banks to explain why a transaction was rejected. Update the bank’s systems to reject all credit card transactions associated with the identified gambling establishment BIN ranges and identify the specific decline code to be used for this rule.

• Example/Sample: A few sample decline codes are 

• 05 / Do not honor 
• 93 / Violation, cannot complete 
• 57 / Transaction not permitted, card

• Usage: The rule should be configured to generate specific decline codes that indicate the transaction was rejected due to an attempt to use a credit card for online gambling. This transparency helps both the consumer and the bank understand the reason behind the declined transaction.

Additional Features to Ensure Compliance

• Real-Time Monitoring:
  • The system should be equipped to monitor transactions in real-time, allowing for immediate detection and blocking of prohibited gambling-related transactions.
• Regular Updates and Maintenance:
  • The fraud detection system should be regularly updated to account for new MCC codes, emerging gambling sites, a new Credit card offering with a different Bin range and evolving fraud tactics.
• Customer Communication:
  • It’s important to have clear communication channels to inform customers why their transaction was blocked, especially in the case of false positives where a legitimate transaction is incorrectly flagged.

Addressing False Positives and Merchants evading detection

• Few merchants may intentionally use a non-gambling MCC to evade detection, are additional controls required to prevent this? (MCC – 5945, 7311, 9406, are additional controls required to prevent this?
• Are there any Merchants incorrectly classified into the gambling category? How to identify them.

Implementing a robust fraud rule to comply with the amendment to the Interactive Gambling Act 2001 is crucial for Australian banks. By leveraging MCC codes, BIN ranges, decline codes, and other advanced signals, financial institutions can effectively enforce the ban on credit card use for online gambling. This not only helps in complying with the regulatory requirements but also protects consumers from the financial harm associated with gambling-related debt. Continuous monitoring, regular updates, and transparent communication are essential components of a successful implementation.