Lottery Scams
Last Updated: 06/08/2026
Protect your business with reliable and effective AML strategies with AML UAE.
Lottery Scams: Key Takeaways
Advance-fee fraud presented as a lottery prize is a well-established method for generating criminal proceeds through victim deception. Compliance teams carry STR reporting obligations under Federal Decree Law No. (10) of 2025, when indicators of this activity may appear. Scrutinise any account that receives multiple, unrelated inbound payments referencing prize fees or lottery releases.
What are Lottery Scams?
Lottery scams are a type of advance-fee fraud scheme in which perpetrators falsely inform targets that they have won a lottery, sweepstakes, or prize competition, then demand upfront fees before any winnings are released. The prize does not exist. Only the fees paid by victims are real, and those funds constitute proceeds of a criminal act, under the Federal Decree Law No. 10 of 2025 (FDL 10/2025), Article 2, any act of using, transferring, or concealing funds generated through a predicate offence amounts to money laundering.
The scheme is operationally simple. A victim receives a notification claiming they have won a substantial prize. The perpetrator then cites taxes, legal fees, customs duties, or administrative charges that must be paid before the prize can be transferred. Once the victim pays, a new fee is invented. This cycle continues until the victim refuses to pay further or depletes their funds.
Regulatory Framework related to Lottery Scams
FDL 10/2025 is the primary AML/CFT/CPF statute in the UAE. Article 2 criminalises money laundering as any act of acquiring, using, possessing, converting, transferring, or concealing funds that are proceeds of a predicate offence, including fraud.
Proceeds collected through a lottery scam, fees, prize taxes, and release charges paid by victims fall within this definition. Money laundering under Article 2 is an autonomous offence; prosecution of the predicate offence is not required, and knowledge of the specific predicate may be inferred from objective circumstances.
Article 19 of FDL 10/2025 places an obligation on all regulated entities to identify, assess, and manage their ML/TF risks. Cabinet Resolution No. (134) of 2025 operationalises these obligations through Articles 6 to 9 (CDD requirements), Article 17 (STR indicators), and Article 18 (STR reporting obligations).
Article 25 of CR 134/2025 requires all regulated entities to retain transaction and customer records for a minimum of five years. This obligation is directly relevant when investigating lottery scam flows through account histories.
Penalties for non-compliance are significant. Cabinet Resolution No. (71) of 2024 (CR 71/2024) sets administrative fines for STR reporting failures at up to AED 500,000. Failure to conduct adequate CDD carries fines of up to AED 200,000 under the same instrument. Criminal penalties under FDL 10/2025, Article 26, include imprisonment of one to ten years and fines of AED 100,000 to AED 5,000,000 for money laundering.
Primary Authority or Supervisory Body
The UAE Financial Intelligence Unit (UAEFIU), established under Article 11 of FDL 10/2025 as an independent unit within the Central Bank of the UAE (CBUAE), receives all suspicious transaction reports filed via the goAML platform. The UAEFIU analyses reported intelligence and disseminates financial intelligence to law enforcement and regulatory authorities. The Ministry of Economy and Tourism (MOET) supervises the majority of DNFBPs on the UAE mainland, while the Ministry of Justice (MoJ) supervises lawyers and notaries.
Reporting or Compliance Obligations and Channels of Lottery Scams
Regulated entities, including financial institutions, DNFBPs, and VASPs, must file a suspicious transaction report (STR) via the goAML platform without delay upon identifying indicators of lottery scam activity. The obligation is triggered by suspicion, not certainty. Article 18 of FDL 10/2025 requires reporting without delay. The regulated entity must avoid tipping off to the customer or any related party that an STR has been filed.
Where a customer is identified as a victim of a lottery scam rather than a perpetrator, the reporting obligation may still apply if the account has been used to facilitate the flow of scam proceeds. Each circumstance requires a case-by-case assessment of the available indicators.
Recent Developments, Enforcement Actions, or Supervisory Priorities
The UAE National Risk Assessment 2024 (UAE NRA 2024) rates fraud as a HIGH money laundering threat. The NRA specifically identifies impersonation fraud, Business Email Compromise (BEC), and pig butchering scams as active fraud typologies in the banking sector. The UAE’s National AML/CFT/CPF Strategy identifies combating financial crime as a priority, with a particular focus on fraud-related ML flows.
Regulatory Reference
Federal Decree Law No. (10) of 2025,Article 2 (Money Laundering Criminalisation) and Article 18 (STR Obligation); Cabinet Resolution No. (134) of 2025, Articles 17 and 18 (STR Indicators and Reporting); Cabinet Resolution No. (71) of 2024,STR and CDD Penalty Schedule
What does Lottery Scams Mean?
Think of a lottery scam as a promised gift that reverses the moment you reach for it. Each time a victim pays a fee, the prize appears closer but remains permanently out of reach. The scammer knows from the start that no prize exists. The fees themselves are the product. Once a victim’s funds reach the scammer’s accounts, the money begins its journey into the formal financial system through remittance transfers, cash withdrawals, and purchases across multiple jurisdictions.
Why Detecting Lottery Scams Matters
Lottery scam proceeds move rapidly. Once an advance fee payment leaves a victim’s account, it typically passes through multiple money transfer services within hours. By the time a compliance officer flags the transaction, the funds may already be in a different jurisdiction.
Financial institutions and DNFBPs that fail to meet the indicators face both regulatory and reputational consequences. STR non-filing under CR 71/2024 carries fines of up to AED 500,000 per violation. Accounts used to receive and forward lottery scam proceeds may also likely involve CDD failures; the customer’s stated profile will not match their transaction activity. CDD failures carry separate fines of up to AED 200,000 under the same instrument.
The compliance risk is compounded by the involvement of money mules. A money mule may appear to be an ordinary customer. Their account is used to receive and rapidly move proceeds, with no obvious connection to the organised crime group directing the scheme from another jurisdiction. This layered structure makes detection harder and increases the institutional exposure if the mule account passes CDD without challenge. Every compliance team that successfully identifies and reports a lottery scam account contributes to disrupting the broader financial flows of organised crime.
How Lottery Scams Work
Organised Crime Groups Construct the False Prize Narrative
An organised crime group designs the scam’s front-facing communication. They produce official-looking letters, emails, or text messages that notify the target of a large prize win. The notification references a credible-sounding lottery name, registration number, or awarding body. The group selects jurisdictions for the supposed lottery that have limited public registry information, making the claim difficult to disprove quickly.
The communication instructs the target to contact a claims agent. That agent is a member of the group or a contracted facilitator. The initial contact establishes trust through professional language and documentation before any money is requested.
Victims Submit Advance Fee Payments
Once trust is established, the claims agent introduces the first fee. Common labels include lottery tax, release fee, customs clearance charge, or legal processing cost. The amount is deliberately kept modest relative to the claimed prize. The target perceives the fee as a small investment to secure a large return.
Payment methods are selected to minimise traceability. Cash transfers via money transfer operators, peer-to-peer payment services, and prepaid stored-value instruments are commonly directed. If a victim questions the method, the agent explains that these channels are required by the lottery’s payment rules. Subsequent fees escalate in amount and frequency, often continuing until the victim’s resources are exhausted.
Money Mules Receive and Distribute Collected Funds
The fees paid by victims are directed to accounts controlled by money mules rather than to the organised crime group directly. A money mule is typically a recruited individual who either willingly or unknowingly allows their personal account to be used to receive and forward illicit funds. In lottery scam schemes, mule accounts may receive small payments from multiple victims simultaneously.
Within a short window after receipt, sometimes hours, the mule forwards the combined amount to a second account, often in a different country. This rapid onward transfer is a diagnostic indicator. Transaction monitoring systems that flag accounts with high inbound volumes from multiple unrelated parties, followed by immediate outbound transfers, are positioned to catch this pattern.
Proceeds Move Across Payment Channels and Jurisdictions
The organised crime group routes proceed through multiple channels to fragment the payment trail. Money remittance services, online payment platforms, and correspondent bank transfers are all used at different stages. Each jurisdictional hop reduces the clarity of the origin. The use of multiple payment channels within a short period is a documented indicator of layering.
Cross-border correspondent transaction data is one of the most valuable data sources for reconstructing these flows. Each payment instruction carries originator and beneficiary information that, when reviewed alongside KYC records, reveals inconsistencies between stated business purpose and actual account activity.
Funds Are Integrated Through Financial Products and Services
At the integration stage, the proceeds re-enter the economy through purchases, cash withdrawals, or transfers to accounts with a more legitimate-appearing profile. Personal checking accounts used to receive what appears to be business income, combined with outward transfers to accounts in secrecy jurisdictions, are a characteristic final stage. The organised crime group retains the value after deducting the mule’s fee or converting the funds into cash or other instruments.
Real-World Examples of Lottery Scams
The Remittance Hub Scheme
An organised crime group operating from a jurisdiction with limited financial oversight establishes a network of money mule accounts across three countries. Each mule account is registered in the name of a legitimately identified individual who has consented to receive payments in exchange for a percentage of the incoming funds. The group contacts victims through social media and email, claiming they have won an international prize. Victims are instructed to pay release fees by transferring funds via a named money transfer operator to the mule accounts.
Over a four-week period, forty-seven victims transferred amounts ranging from USD 200 to USD 3,500 each. The mule account shows frequent inbound payments from unrelated individuals across multiple countries, followed within twenty-four hours by outbound transfers to accounts in a third jurisdiction. The mule account’s KYC profile describes the customer as a private individual with no stated business.
A transaction monitoring alert flagging the volume and frequency of inbound transfers leads a compliance officer to freeze the account and file an STR.
The lesson: lottery scam flows create a distinctive inbound pattern, multiple small payments, unrelated senders, and rapid outward transfer that is detectable at the account level if transaction monitoring rules are calibrated for volume and frequency.
The Online Platform Aggregation Scheme
A criminal network uses an online payment platform to aggregate victim fee payments across a dozen active scam campaigns. Each campaign uses a different lottery name, but all funds are directed to the same set of receiving accounts. The platform’s transaction records show numerous deposits referencing ‘prize processing’, ‘lottery administration’, and ‘award release’. The originating accounts belong to individuals in multiple countries. None of the receiving accounts has a documented lottery licence or regulatory approval.
The platform’s compliance team identifies the concentration of lottery-referencing transactions into a small number of accounts during a routine transaction monitoring review. A pattern of identical reference text across unrelated senders is a strong indicator of a coordinated scheme. The compliance team restricts the accounts and files an STR.
The operational lesson: reference text normalisation within transaction monitoring systems, grouping transactions by similar payment references, provides a detection layer that amount-based rules alone cannot deliver.
The Peer-to-Peer Dispersal Network
An organised crime group instructs victims to send their advance fee payments using peer-to-peer payment applications, citing ease and speed. Each victim sends a small amount to what appears to be a private individual. The receiving accounts on the P2P platform rapidly push funds to bank accounts at a regulated financial institution. The bank accounts show patterns of frequent, small incoming transfers followed by rapid outflows via multiple different money remittance services.
A compliance officer conducting an enhanced due diligence review on one of the receiving accounts discovers that the customer’s stated income does not match the volume of incoming transfers. The customer cannot explain the origin of the funds. Multiple victims have referenced the same receiving account number in complaints filed with consumer protection agencies. The financial institution terminates the relationship and files an STR.
The lesson: peer-to-peer and mobile payment platforms create a layering step that disguises the aggregated nature of advance fee collections; detecting the pattern requires follow-through to the bank accounts that receive consolidated P2P outflows.
How Do Lottery Scams Facilitate Money Laundering?
Lottery scams are a direct instrument of illicit acquisition: the tactic is Illicit Acquisition, meaning the criminal proceeds are generated through deception rather than through a legitimate commercial transaction. The scheme converts victim funds, which are lawfully held by their owners, into criminal proceeds the moment the deception succeeds and the fee is paid under false pretences.
Once those funds are in the hands of a money mule or the organised crime group, they are immediately subject to a layering process. Transfer instructions, reference codes, and account structures are rotated to prevent any single financial institution from seeing the full picture of the flow. The advance fee payment is typically small in isolation, but aggregates across hundreds or thousands of victims into material sums that justify the infrastructure the criminal group maintains. The speed of the flow is the key characteristic: placement and layering often occur within the same transaction cycle, leaving a very narrow window for detection and intervention.
How Do Criminals Exploit Lottery Scams?
Money mules are the primary operational layer between the criminal group and the financial system. A money mule provides their account and identity to receive victim payments, then forwards those payments on instruction. Some mules are fully aware of their role; others are themselves deceived into participating through job fraud or romance scams. Either way, the mule’s account absorbs the direct regulatory exposure while the organised crime group remains at a distance from any institution’s scrutiny.
Organised crime groups design and manage the scheme’s infrastructure. They operate multiple active scam campaigns simultaneously, often from jurisdictions that limit international information-sharing. They manage the front-facing communications, recruit and direct money mules, and select the payment channels used at each stage. Crucially, they exploit the cross-border nature of the scheme to distribute the trail across multiple supervisory jurisdictions. No single compliance team sees the complete picture. Each institution sees only one link in a chain that spans multiple countries and financial systems.
What Are the Red Flags That Identify Lottery Scams?
| Category | Red Flag Indicator |
| Customer | Customer claims to operate an international lottery but cannot produce a licence, regulatory registration, or verified authorisation from any recognised gaming authority. |
| Customer | The entity describes itself as engaged in sweepstakes management activities but is domiciled in a jurisdiction with no credible regulatory oversight of lottery or prize operations. |
| Customer | Customer profile occupation, income, and business type are inconsistent with the volume and frequency of lottery-referencing fund movements through the account. |
| Customer | Beneficial ownership documentation for an entity claiming lottery operations is incomplete, unavailable, or contradicts filings in other jurisdictions. |
| Transaction | Multiple incoming payments from unrelated individuals, each referencing ‘lottery fees’, ‘prize taxes’, ‘release charges’, or similar terms, flow into a single personal account. |
| Transaction | Frequent outbound transfers are labelled as ‘lottery winnings’ or ‘prize disbursements’ but lack supporting documentation, player records, or payment schedules that a licensed operator would maintain. |
| Transaction | Incoming payments referencing prize or fee releases are followed immediately by outgoing transfers to accounts in third countries, with no holding period. |
| Transaction | Payments from multiple victims, each making a lottery-related transfer, all reference the same personal account number as the receiving account. |
| Geographic | Lottery-related fund flows, including fraud, originate from or are directed to jurisdictions identified as high-risk under the UAE NRA 2024 or on international high-risk country lists. |
| Geographic | The entity’s claimed lottery jurisdiction has no publicly accessible registry of licensed lottery operators that would allow the entity’s registration to be verified. |
| Geographic | Cross-border transfers referencing lottery winnings move through multiple correspondent banking chains with no discernible commercial rationale for the routing. |
| Product | Prepaid stored-value instruments or cash are used to receive or forward lottery release fee payments in preference to traceable bank transfers. |
| Product | A personal checking account is used as the collection point for lottery-related business income, with no business account relationship established. |
| Channel | Multiple money remittance services or money transfer operators are used in rapid succession to forward lottery-referencing proceeds, rotating through services to avoid any single channel’s monitoring thresholds. |
| Channel | Peer-to-peer payment applications are used to collect advance fee payments from victims before aggregating the proceeds into a bank account at a regulated institution. |
| Channel | Frequent usage of online payment platforms to collect small lottery-referencing payments from numerous unrelated individuals is not accompanied by any documented promotional, operational, or gaming licence. |
Which Controls Counter Lottery Scams?
| Control | What It Disrupts | Detects / Prevents / Deters | Specific Limitation |
| Customer Due Diligence (CDD) | Account opening by mule accounts with false profile information | Detects profile inconsistencies at onboarding | Cannot detect mule accounts where the identity is genuine, and the mule’s consent is withheld from the institution. |
| Enhanced Due Diligence (EDD) | Escalation of scrutiny for high-risk customers and jurisdictions | Detects undisclosed fund sources and inconsistent business activity | Depends on risk-rating accuracy at the CDD stage |
| Transaction Monitoring | Accounts receiving multiple small inbound payments from unrelated senders | Detects volume, frequency, and reference text anomalies | Standard threshold-based rules may not be calibrated for low-value, high-frequency patterns |
| Ongoing Due Diligence | Profile drift between stated purpose and actual activity | Detects accounts whose transaction behaviour diverges from their risk profile over time | Requires periodic review cycles that may lag behind active schemes |
| Suspicious Activity Reporting (SARs/STRs) | Criminal group’s ability to move proceeds undetected | Deters by creating a reporting chain that alerts the UAEFIU | STR quality depends on the specificity of the indicator documentation |
| OSINT and External Source Verification | False lottery operator identity claims | Detects where a claimed operator has no verifiable public presence | Only effective if the compliance team uses external verification as a standard CDD step |
| Country Risk Assessment | Accounts with high-risk jurisdictional connections | Deters by applying EDD triggers to lottery-referencing flows from high-risk geographies | Does not address domestic lottery scam flows where no cross-border element exists |
| Service Restriction | Continued operation of high-risk accounts | Prevents further proceeds from accumulating in a flagged account | May alert the account holder before an STR investigation is complete |
| Client Relationship Termination | Persistent use of an account for lottery scam proceeds | Removes the institution’s exposure from a confirmed mule account | Takes effect after the risk has already materialised |
| Staff AML Training and Awareness | Front-line staff failing to escalate lottery-referencing enquiries | Deters by equipping staff to identify verbal or written indicators | Effectiveness depends on training frequency and the specificity of the typology content |
| Customer Education and Awareness | Victim payments reaching mule accounts in the first place | Deters by informing potential victims before they make a payment | Does not address perpetrators and has no direct AML detection function |
How Do AI and RegTech Automate Detection of Lottery Scams?
Transaction monitoring systems detect lottery scam activity most effectively when rules are designed for behavioural patterns rather than individual transaction amounts. A single advance fee payment of USD 300 will not trigger a standard threshold alert. However, forty payments of USD 300 arriving within five days from forty unrelated senders, each referencing prize or lottery terminology, is a clear signal.
AI-driven transaction monitoring systems apply natural language processing (NLP) to reference text fields in payment instructions, clustering transactions that share key terminology regardless of the sender or amount.
Network analytics tools map the relationships between accounts. When a single receiving account is connected to dozens of sending accounts that have no other relationship with each other, the network graph flags a hub-and-spoke structure consistent with advance fee collection. Graph analytics applied to cross-institution data, where available through supervisory information-sharing frameworks, extend this detection capability across multiple financial institutions simultaneously.
Machine learning anomaly detection identifies accounts whose transaction velocity, volume, and counterparty diversity diverge sharply from a modelled baseline for their customer segment.
A private individual’s account that suddenly begins receiving fifty inbound transfers per week from unrelated parties in multiple countries sits far outside the behavioural envelope that a machine learning model would expect.
These anomaly signals can be escalated automatically to compliance analysts for review, prioritising the highest-divergence cases.
Adverse media screening tools using NLP scan regulatory announcements, fraud databases, and news sources for mentions of lottery scam networks. Where a customer name, account number, or registered address matches a publicly documented scam entity, the screening flag can trigger an immediate EDD review before any transaction is processed.
What Data Should Compliance Teams Collect to Detect Lottery Scams?
| Data Point | Source System | What It Reveals about Lottery Scams |
| Inbound payment reference text | Core banking/payment processing platform | Identifies clusters of lottery, prize, or fee terminology across multiple incoming transactions to a single account |
| Sender identity and country of origin | KYC platform/transaction monitoring | Reveals whether inbound payments originate from a diverse set of unrelated individuals across multiple countries, consistent with a victim pool |
| Transaction velocity and frequency | Transaction monitoring system | Detects the abnormal pattern of multiple small inbound payments received within a compressed time window |
| Onward transfer timing and destination. | Core banking/correspondent banking records | Identifies the rapid forward movement of funds to external accounts immediately after receipt, a layering indicator |
| Correspondent and cross-border transaction data | Correspondent banking platform / SWIFT data | Reconstructs the international routing of lottery scam proceeds across jurisdictions |
| Customer KYC profile versus actual activity | KYC platform / CDD records | Reveals mismatches between the customer’s stated occupation, income, and business purpose and the actual volume and nature of transactions |
| Fraud database and shared intelligence data | Fraud data repository/law enforcement referrals | Identifies whether the account or its counterparties have been flagged in previous fraud investigations |
| Geographical risk data | Geographical and jurisdictional risk data system | Contextualises transfers referencing lottery activity that involves high-risk jurisdictions identified in the UAE NRA 2024 |
How Do Lottery Scams Aggravate Channel Risk and Jurisdictional Risk?
Channel Risk is elevated by lottery scam typologies because the scheme specifically selects payment channels that maximise obscurity.
Perpetrators direct victims to use money transfer operators, peer-to-peer payment platforms, prepaid instruments, and online payment services in preference to direct bank transfers.
Each channel operates under different oversight frameworks and reporting thresholds. By rotating between channels and jurisdictions, the criminal group ensures that no single institution sees a complete picture of the flow.
An institution that provides money remittance services without calibrated transaction monitoring for lottery-referencing reference text faces disproportionate channel risk exposure.
Jurisdictional Risk compounds the channel risk. Lottery scam operations are designed to exploit regulatory asymmetries between countries.
The supposed lottery is attributed to a jurisdiction with no credible gaming authority. The mule account is in a second jurisdiction. The victim population is spread across a third set of countries. The receiving accounts for the forwarded proceeds are in a fourth jurisdiction.
Compliance teams that assess jurisdictional risk only at onboarding, rather than continuously across transaction flows, are particularly vulnerable.
How Can Compliance Officers Identify Lottery Scam Accounts?
Indicators of lottery scam activity at the account level include: an account receiving inbound payments from multiple, unrelated individuals whose only common attribute is a lottery-referencing payment description; an entity claiming to operate a lottery or sweepstakes business without any verifiable licence, public registration, or physical presence in the jurisdiction of the claimed lottery; the rapid onward transfer of combined inbound balances to accounts in high-risk or secrecy jurisdictions without any documented business rationale; and frequent use of money remittance services across multiple jurisdictions by an account that has no correspondent banking or international business profile that would justify the cross-border activity.
Indicators at the customer level include: a customer who cannot explain the source of multiple incoming payments; a customer whose income and occupation stated at onboarding do not support the volume of lottery-referencing credits to their account; and a customer who receives payments from individuals later identified by law enforcement or supervisory authorities as lottery scam victims.
Who Is Affected
Lottery scam exposure is not limited to consumer-facing institutions. Any regulated entity in the payment chain, such as financial institutions, money transfer operators, online payment platforms, peer-to-peer service providers, and DNFBPs that handle high-volume cash transactions, is at risk of processing lottery scam proceeds through accounts that appear to serve legitimate customer needs.
Money mule accounts are held at retail banks and credit unions. Victim payments pass through remittance operators and P2P platforms. The organised crime group directing the scheme may maintain accounts at correspondent banks and commercial lenders in multiple jurisdictions. Each entity in the chain carries an independent AML compliance obligation under FDL 10/2025 and CR 134/2025, regardless of whether it is proximate to the originating fraud or merely an intermediate link in the proceeds flow.
Sectors at Highest Exposure
| Sector | Risk Rating | Reasoning |
| Money Transfer and Remittance Services | Critical | Lottery scam proceeds move primarily through remittance channels; multiple transfers between the same counterparties in quick succession are a primary detection point. |
| Online Payment Platforms and P2P Services | Critical | These platforms are the collection point for advance fee payments from victims; their accessibility and limited face-to-face CDD create high exposure. |
| Retail Banking (Personal Accounts) | High | Mule accounts are typically personal checking accounts at retail banks; the bank absorbs the exposure from the account being used to forward proceeds. |
| Commercial Gaming and Sweepstakes | High | Entities claiming legitimate gaming operations may be fraudulent lottery fronts; licensing verification is an essential CDD step for this sector. |
| Money Service Businesses (MSBs) | High | Cash exchange and hawala operators may be used at the final integration stage to convert proceeds to cash or transfer value informally. |
Geographies and Contexts of Concern
The UAE NRA 2024 identifies fraud as a HIGH ML threat, which encompasses advance fee schemes such as lottery scams, reflecting the UAE’s role as an international financial hub with diverse transaction flows. Cross-border correspondent transaction data involving jurisdictions listed on FATF’s high-risk country lists, as updated by the NAMLCFTC, is particularly relevant for lottery scam detection. Jurisdictions with no effective gambling regulation or no public registry of licensed lottery operators present an elevated risk when cited as the source of a customer’s lottery-related income claims.
UAE-based compliance teams should apply heightened scrutiny to any account receiving inbound remittances referencing prize or lottery terminology from countries that do not appear on a legitimate licensed lottery operator database.
Best Practices for Lottery Scams Risk Management
- Implement reference text monitoring rules in transaction monitoring systems. Configure alert rules to flag inbound transactions containing lottery-related terminology, prize, release fee, lottery winnings, or sweepstakes, regardless of individual transaction amount, with a secondary rule for volume aggregation across a defined time window.
- Require documentary evidence of a valid gaming licence for any customer claiming to operate a lottery, sweepstakes, or prize competition. At onboarding, any entity describing lottery-related activity should be required to produce a verifiable gaming licence from a recognised regulatory authority.
- Apply country risk assessment to all lottery-referencing cross-border flows. Where inbound payments referencing lottery activity originate from jurisdictions with no credible gaming regulation, the transaction should automatically trigger an EDD review.
- Train frontline and customer-facing staff to recognise verbal and written indicators of lottery scam activity. Staff who receive customer requests to transfer funds described as ‘lottery fees’ or ‘prize claims’ should be equipped to escalate before completing the transaction.
- Conduct OSINT verification for all customers claiming lottery or sweepstakes operations. Use open-source verification tools to check whether the customer’s claimed lottery entity exists in the public registry of the relevant jurisdiction, has a licensed presence, and has a verifiable digital footprint consistent with a legitimate operator.
- Apply enhanced due diligence to all personal accounts exhibiting hub-and-spoke inbound transaction patterns. An account receiving inbound transfers from five or more unrelated senders within a defined period should be reviewed against the customer’s stated purpose and income.
- Implement ongoing due diligence reviews calibrated to detect profile drift. Periodic CDD refresh cycles should compare the customer’s current transaction profile against their CDD baseline. CR 134/2025, Article 8 requires that the CDD profile be updated when the risk profile changes.
- File STRs promptly upon identifying lottery scam indicators; do not delay pending certainty. The obligation under FDL 10/2025, Article 18, is triggered by suspicion, not proof. A compliance team that delays an STR while seeking to verify whether a lottery is genuine risks breaching the reporting obligation.
- Terminate client relationships where lottery scam involvement is confirmed. Once a compliance team confirms that an account has been used to receive and forward lottery scam proceeds, client relationship termination is appropriate. Documentation must be retained for a minimum of five years under Article 25 of CR 134/2025.
- Use Suspicious Activity Report data to refine transaction monitoring rules. After each STR referencing lottery scam activity, the compliance team should review the specific indicators that triggered the report and assess whether existing rules would have flagged the account earlier.
How Lottery Scams and Fraud Are Related
Lottery scams are a specific variant of fraud, classified in the AML taxonomy as a sub-technique of Fraud. The parent typology, fraud, encompasses any scheme in which a perpetrator obtains funds or property through deception. Lottery scams operationalise this through a specific mechanism: the false promise of a prize to induce voluntary advance fee payments from victims.
The distinction matters for detection because lottery scams have a characteristic payment structure, multiple small inbound transfers referencing prize or fee terminology, that differs from other fraud variants such as invoice fraud, impersonation fraud, or Business Email Compromise. A compliance team that recognises the lottery scam payment pattern as a subset of advance fee fraud can apply targeted transaction monitoring rules calibrated for its specific indicators, rather than relying on broad fraud detection logic that may miss the low-value, high-frequency signature of this typology.
Proceeds derived from fraud, including lottery scam schemes, may constitute proceeds of a predicate offence under Article 2 of FDL 10/2025 and therefore be subject to the UAE’s anti-money laundering framework. Any institution that detects lottery scam flows is therefore simultaneously detecting potential money laundering, and the STR and CDD obligations apply with the same force as for any other ML typology.
Related Term
| Related Term | Connection |
| Fraud | Parent typology: lottery scams are an advance fee fraud variant within the broader fraud category |
| Money Mules | Primary operational actor in the lottery scam proceeds collection and distribution. |
| Transaction Monitoring | Key detection control; rule calibration for lottery-referencing reference text is essential. |
| Customer Due Diligence | Required at onboarding and ongoing; first gate for identifying mule accounts. |
| Enhanced Due Diligence | Applied when lottery scam indicators trigger a risk escalation |
| Suspicious Transaction Report | The mandatory reporting mechanism when lottery scam indicators are identified |
| Advance Fee Fraud | A broader category that encompasses lottery scams alongside other fee-extraction schemes |
| Correspondent Banking | Cross-border correspondent flows carry lottery scam proceeds across jurisdictions. |
Related Process or Typology
| Related Process or Typology | Connection |
| Advance Fee Fraud | Lottery scams are the prize-notification variant of advance fee fraud. |
| Business Email Compromise | Both generate fraud proceeds through deception; BEC targets business accounts, while lottery scams target individuals. |
| Money Mule Recruitment | Lottery scam proceeds move through recruited or deceived mule accounts. |
| Trade-Based Money Laundering | A potential method for laundering lottery scam proceeds through trade transactions |
Related Control or Obligation
| Related Control or Obligation | Connection |
| STR Reporting Obligation | FDL 10/2025 Art. 18 requires reporting without delay |
| CDD Requirements | CR 134/2025 Arts. 6-9 require profile and activity consistency checks |
| Record Keeping | CR 134/2025 Art. 25 requires five-year retention of transaction records. |
| Country Risk Assessment | CR 134/2025 Art. 5 EWRA must incorporate jurisdictional risk relevant to lottery scam geographies. |
What Financial Instruments Do Criminals Use in Lottery Scams?
Bank accounts are used at both the mule receipt stage and the integration stage. A mule account at a retail bank receives advance fee payments from multiple victims and then executes outbound transfers to accounts in other jurisdictions. Compliance teams treating bank accounts as low-risk by default will miss the mule account pattern unless transaction monitoring is specifically designed for the high-inbound, rapid-outbound signature.
Cash appears at the integration stage, when proceeds are withdrawn in cash from ATMs or over the counter at retail branches, thereby severing the electronic transaction trail. Cash withdrawals following a period of high-volume inbound transfers are a diagnostic indicator.
Prepaid and other stored-value payment instruments are used at the collection stage to receive advance fee payments from victims who may not have access to bank accounts or who are directed by the perpetrators to use specific channels. Prepaid cards and e-wallets with limited CDD requirements allow criminals to receive value with minimal identity verification on the recipient side.
Related Term
| Variant or Synonym | Context or Jurisdiction | Distinction from Primary Term |
| Advance Fee Fraud | Global | A broader category that encompasses all fee-extraction schemes, including lottery, inheritance, and business opportunity fraud |
| 419 Fraud | West Africa origin; global usage | Named after Section 419 of the Nigerian Criminal Code, it is historically associated with lottery and inheritance scams originating from West Africa. |
| Prize Scam | Global | Describes the same lottery notification mechanism; focuses on the prize rather than the fee as the defining element |
| Sweepstakes Fraud | North America; global usage | The sweepstakes label is used when the false prize is described as a sweepstakes win rather than a lottery jackpot. |
| Lottery Fraud | Global | Used interchangeably with Lottery Scams; emphasises the fraudulent nature of the lottery claim |
| Inheritance Scam | Global | A related advance fee variant in which the false premise is an inheritance rather than a lottery prize; the fee extraction mechanism is identical |
What Products and Services Do Criminals Abuse in Lottery Scams and Schemes?
Money transfer and remittance services are the primary channel through which advance fee payments are moved between victims and mule accounts, and between mule accounts and the organised crime group’s receiving accounts. The speed of remittance transfers, combined with the cross-border nature of many operators, means that funds can be in a second jurisdiction within minutes of a victim’s payment.
Online payment platforms allow perpetrators to collect advance fee payments from large numbers of victims simultaneously, often without requiring the recipient account to undergo rigorous CDD. The digital nature of these platforms, combined with their global reach, makes them well-suited to lottery scam operations that target victims across multiple countries.
Peer-to-peer payment systems provide a low-friction mechanism for victims to send small amounts to individual receiving accounts. The social framing of P2P applications, designed for friend and family transfers, creates a trust environment that perpetrators exploit. Victims perceive P2P payments as informal and easily reversible, whereas in practice, the transfers are immediate and irrevocable.
Personal checking accounts serve as the mule account at the receiving end of the advance fee flow. A personal checking account has a straightforward CDD profile, making it an effective disguise for funds that are commercial in nature. Perpetrators specifically direct mule accounts to present as personal rather than business accounts to minimise the CDD scrutiny applied at onboarding.
How AML UAE Helps Manage Lottery Scam Risks
The detection gap that lottery scam typologies exploit is specific: most transaction monitoring systems are calibrated for transaction amounts, not for the behavioural and reference text patterns that define advance fee fraud flows. AML UAE assists financial institutions and DNFBPs in closing that gap through targeted typology training, calibrated risk framework design, and compliance programme assessments that test the specific control gaps this typology creates.
AML UAE’s AML training programmes include dedicated coverage of advance fee fraud typologies, with case-based learning that equips front-line staff to identify verbal and written indicators before a transaction is processed. Training content is updated to reflect current UAE NRA findings and supervisory priorities, including the UAE’s classification of fraud as a HIGH ML threat.
For institutions seeking to assess whether their transaction monitoring rules are positioned to detect lottery scam patterns, AML UAE offers compliance framework reviews that benchmark rule sets against documented typology signatures. Where gaps are identified, AML UAE supports the design and implementation of enhanced alert logic, including reference text-based rules and counterparty diversity monitoring.
Compliance teams that need to strengthen their CDD processes for high-risk customer categories, including money transfer operators and online payment platforms, can engage AML UAE for CDD programme design aligned with CR 134/2025 Articles 6 to 9 and the MOET supervisory expectations set out in the UAE NRA 2024 framework.
Closing Summary
Lottery scams generate criminal proceeds through deception, and those proceeds carry the full weight of the UAE’s AML legal framework from the moment they enter the financial system. Financial institutions and DNFBPs that handle accounts involved in advance fee fraud flows face simultaneous exposure.
The reporting obligation arises at the point of suspicion, not the point of certainty. Acting promptly and documenting the indicators that supported the STR decision is the foundation of a defensible compliance position.
The indicators of lottery scam activity are detectable. Multiple small inbound payments from unrelated individuals, each referencing prize or fee terminology, followed by rapid outbound transfers to external accounts, is a signature pattern.
Transaction monitoring rules calibrated for this signature, supplemented by reference text analysis, counterparty diversity monitoring, and regular OSINT verification of claimed lottery operators, position an institution to identify this typology before the proceeds complete their layering journey.
The investment required to detect lottery scam activity is primarily in rule design and staff training, not in new technology. Compliance teams that review their existing monitoring configurations against the typology’s documented behavioural signature, and that equip front-line staff with the knowledge to escalate verbal indicators before a transaction is processed, will close the detection gap that this typology exploits.
The lottery scam detection failure we see most consistently is a threshold problem. Compliance teams have built monitoring for large transactions, but the fees for lottery scams are deliberately small. What distinguishes this typology is not the size of any individual payment but the structural pattern: many payments, many unrelated senders, identical or similar reference text, and immediate outflow. Until teams configure rules for that pattern rather than for amounts alone, the typology will continue to move through monitoring systems undetected.
Pathik Shah - CAMS, FCA, CISA | Founder and Principal Consultant, NIYEAHMA Consultants LLP
Frequently Asked Questions
A lottery scam is an advance-fee fraud typology in which perpetrators falsely notify victims they have won a prize, then extract upfront fees before any winnings are released. In AML, it is classified as a predicate offence typology under Federal Decree Law No. (10) of 2025, Article 2, because the fees collected constitute proceeds of fraud. Any financial institution that handles accounts receiving or forwarding those proceeds is exposed to ML risk and associated compliance obligations.
FDL 10/2025, Article 2 criminalises the use, transfer, or concealment of funds that are proceeds of a predicate offence. Fraud, including the advance fee fraud mechanism of lottery scams, is a predicate offence. Once victim fee payments are received into a mule account and forwarded, the act of transferring those proceeds constitutes money laundering under UAE law. The institution handling the mule account faces both an STR obligation and potential liability for AML control failures.
The most reliable first indicator is multiple inbound transfers from unrelated individuals, each referencing prize fees, lottery taxes, or release charges. A single such transfer may appear as an unremarkable personal payment. The pattern, multiple senders, similar reference text, no commercial relationship between the senders, is the diagnostic signal. Transaction monitoring rules calibrated for reference text clustering and counterparty diversity will surface this pattern before it reaches a material threshold.
All STRs must be filed with the UAE Financial Intelligence Unit (UAEFIU) via the goAML platform, as established under Article 11 of FDL 10/2025. The UAEFIU is an independent unit within the Central Bank of the UAE. For MOET-supervised DNFBPs, the Ministry of Economy and Tourism also has supervisory oversight of the STR obligation.
A legitimate prize promotion is operated by a licensed entity in a jurisdiction with gaming regulation, is based on a genuine random or skill-based selection process and requires no advance fee payment from a winner. A lottery scam requires the alleged winner to pay fees before receiving their prize, cannot produce a valid gaming licence, and will not refund fees if the prize is not delivered. The advance fee payment requirement is the single clearest distinguishing indicator.
A money mule who knowingly receives and forwards funds that are proceeds of a predicate offence may be liable for money laundering under FDL 10/2025, Article 2, and Article 26, which provides for imprisonment of one to ten years and fines of AED 100,000 to AED 5,000,000. The knowledge element is assessed on the facts. A mule who was themselves deceived into participating may have a partial defence, but this does not remove the financial institution that handled the account’s reporting or investigation obligation.
First, request documentary evidence of the lottery: the official notification, the lottery operator’s licence, and the basis for the customer’s selection as a winner. If the documentation is absent, contradictory, or cannot be externally verified, escalate to EDD and consider an STR. Ongoing due diligence should assess whether subsequent inbound flows are consistent with a genuine prize payment or with a continuing advance fee collection operation.
Individual advance fee payments are typically small. A single payment of USD 200 or USD 500 will not trigger a standard amount-based threshold alert. The risk arises from aggregating dozens or hundreds of such payments into a single receiving account. Transaction monitoring systems that rely exclusively on per-transaction amount rules will miss this pattern. Effective detection requires rules that aggregate inbound volume across a defined time window and apply reference text analysis to identify lottery-related terminology clustering.
Prepaid and stored-value instruments present a heightened risk in lottery scam flows because they can be loaded and used across borders with limited counterparty identification. UAE-regulated entities that issue or facilitate prepaid instruments must apply proportionate due diligence to high-volume or lottery-referencing prepaid transactions.
The UAE NRA 2024 rates fraud as a HIGH money laundering threat, placing it alongside drug trafficking as the country’s most significant predicate offence category. The NRA specifically identifies impersonation fraud, Business Email Compromise (BEC), and pig butchering scams as active fraud typologies in the banking sector. Compliance teams must ensure that their Enterprise-Wide Risk Assessment (EWRA) under CR 134/2025, Article 5, reflects this national-level threat rating.
Front-line staff, particularly those in customer service, account opening, and payment operations, should be trained to recognise verbal and written lottery scam indicators, including customer requests to transfer funds described as prize fees or lottery taxes, inbound payments from unrelated parties referencing prize terminology, and customers who cannot explain the source of multiple incoming third-party transfers. Training should include a scripted escalation path that directs the indicator to the compliance function without alerting the customer.
Ongoing due diligence requires compliance teams to compare the customer’s current transaction profile against their CDD baseline at periodic intervals. An account that was opened for personal banking and has since begun receiving multiple third-party inbound transfers referencing prize or lottery terminology represents a material change in risk. CR 134/2025, Article 8 requires that the CDD profile be updated when the risk profile changes.
Protect Your Business from Lottery Scam Flows
Discover the warning signs of lottery-related fraud and strengthen your monitoring, CDD, and reporting response.
Share via :
About the Author
Pathik Shah
FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)
Pathik is an ACAMS-certified AML consultant specialising in governance, risk, and compliance for regulated entities in the UAE. He brings over 28 years of experience, with 1,000+ hours of AML training and 200+ advisory engagements across DNFBPs, VASPs, and FIs. He supports businesses in aligning with AML/CFT requirements from the CBUAE, DFSA, MoET, MoJ, VARA, CMA, FSRA, and FATF. Known for translating complex regulations into audit-ready procedures, Pathik enables operational clarity and compliance readiness.
Reach Out to Pathik