Tenn. Comp. R. & Regs. 1350-03-.04 - SEGREGATION OF DUTIES
(1) Each Licensee
shall maintain an organizational structure that meets the following minimum
criteria designed to preserve the integrity of the Interactive Sports Gaming
operation:
(a) A system of personnel and chain
of command which permits management and supervisory personnel to be held
accountable for actions or omissions within their area of
responsibility;
(b) The segregation
of incompatible functions so that no employee is in a position either to commit
an error or perpetrate a fraud or to conceal an error or fraud in the normal
course of his or her duties;
(c)
Primary and secondary supervisory positions which permit the authorization or
supervision of necessary transactions at all relevant times; and
(d) Areas of responsibility that are not so
extensive as to be impractical for one individual to monitor.
(2) In addition to satisfying the
above requirements, each Licensee's organizational structure shall include, at
a minimum, the following functions, responsibilities, and supervisory roles:
(a) Accounting.
1. Each Licensee shall have one or more
individuals responsible for and dedicated to verifying financial transactions,
and reviewing and controlling accounting forms and data. This function, which
is sometimes referred to as "income or revenue audit," shall be independent of
the transactions under review.
2.
Key Personnel serving as accounting officer, or equivalent, shall supervise the
accounting functions, responsibilities, and supervisory roles as provided for
in this section.
(b)
Interactive Sports Gaming.
1. Each Licensee
shall have Interactive Sports Gaming functions, responsibilities, and
supervisory roles for Interactive Sports Gaming, which shall be responsible for
the conduct of the Interactive Sports Gaming in accordance with the
Rules.
2. Interactive Sports Gaming
shall be supervised by a management-level employee who ensures that there is
sufficient supervision, knowledge, and training to provide for the proper and
fair conduct of sports gaming.
3.
Key Personnel shall supervise the Interactive Sports Wagering functions,
responsibilities, and supervisory roles as provided for in this
section.
(c) Internal
Audit.
1. Each Licensee shall maintain an
Internal Audit function for Interactive Sports Gaming either through an
employee serving as internal auditor with sufficient background and experience
to fulfill the role, through the use of company Internal Audit, or through
outsourcing of this function. The Internal Audit function shall be responsible
for, without limitation, the following:
(i)
Reviewing and appraising the adequacy of internal controls;
(ii) Ensuring compliance with internal
controls through observations, interviews and review of accounting
documentation; and
(iii) Reporting
instances of non-compliance with the system of internal controls.
2. Reporting of any material
weaknesses in the system of internal controls.
3. Recommending improvements in the system of
internal controls.
4. If maintained
in-house, the Internal Audit function shall be supervised by Key Personnel
serving as accounting officer, or equivalent.
5. The Internal Audit function shall maintain
its independence through an organizational reporting line that is outside the
management of the sports gaming operation. The supervisor of the Internal Audit
function shall have authority to access and report to any Person or group
independent of the business, such as to a non-executive independent director,
compliance committee member, or independent audit committee.
6. Reports documenting audits performed shall
be maintained for a minimum of five years and shall be provided to the Council
within ten (10) days of completion.
7. All material exceptions resulting from
Internal Audit work shall be investigated and resolved with the results of such
being provided to the Council within ten (10) days of the resolution of the
exception, and thereafter retained by the Licensee for a minimum of five (5)
years.
8. Material Internal Audit
findings shall be reported to management within ten (10) days of the finding.
Non-material Internal Audit findings shall be reported to management within ten
(10) days of the finding validation.
9. Management shall be required to respond to
Internal Audit findings stating corrective measures to be taken to avoid
recurrence of the audit exception. A report on corrective measures to be taken
shall be sent to the Council simultaneously with or within ten (10) days of the
Internal Audit non-compliance report.
(d) Management Information Systems (MIS).
1. Each Licensee shall maintain an MIS
function, which shall be responsible for the operation and integrity of the
Sports Gaming System and the quality, reliability, and accuracy of all computer
systems used in the operation.
2.
The MIS function shall be responsible for, without limitation, the
specification of appropriate computer software, hardware, and procedures for
security, physical integrity, business continuity, and maintenance of:
(i) Access codes and other data-related
security controls used to ensure appropriately limited access to computers and
the system-wide reliability of data;
(ii) Computer tapes, disks, or other
electronic storage media containing data relevant to sports wagering
operations;
(iii) Computer
hardware, communications equipment and software used in the conduct of sports
gaming operations; and
(iv)
Adequate segregation of duties exists among developers, testing personnel,
administrators, personnel who may promote changes into production, personnel
who may access frozen code, etc.
3. Key Personnel holding the position of an
administrative officer, or equivalent, shall supervise the MIS
function.
4. All incidents related
to information systems security, which may compromise the confidentiality,
integrity, or availability of the Sports Gaming System, or involving Player
Personally Identifiable Information (PII) shall be reported to the Council
Immediately.
(e)
Compliance.
1. Each Licensee shall maintain a
Compliance function, which shall be responsible for, without limitation, the
following:
(i) Due diligence and regulating
reporting requirements;
(ii)
Serving as contact with the Council on regulatory matters;
(iii) Monitoring self-exclusion
program;
(iv) Player
complaints;
(v) Investigating
Unusual and Suspicious Wagering Activity; and
(vi) AML monitoring and reporting pursuant to
federal law.
2. Key
Personnel serving in the role of a compliance officer, or equivalent, shall
supervise the Compliance function.
Notes
Authority: T.C.A. ยงยง 4-49-106, 4-49-110, 4-49-115, and 4-49-125.
State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.
No prior version found.