Revolut, Open Banking & Illegal Offshore Casinos: Player Evidence Raises New Questions Over Chargebacks, Descriptor Masking, and Regulatory Exposure

A player communication reviewed by FinTelegram raises a serious compliance question for Revolut: did the fintech initially tell a customer that Mastercard chargebacks had been raised and finally decided, only to later admit that no chargebacks had been submitted at all? Against the backdrop of FinTelegram’s long-running investigations into illegal offshore casino payment rails, the case sharpens a broader issue: whether Revolut’s controls are robust enough when gambling payments are routed through open-banking facilitators, masked descriptors, and intermediary payment layers.

Key Findings

• A player exchange reviewed by FinTelegram indicates that Revolut first suggested disputes had gone through Mastercard and reached a final outcome, then later admitted that no chargebacks had been submitted and the cases were closed internally.
• Revolut publicly says it may block illegal gambling transactions where required by local law and offers an optional “gambling block,” but that control is disabled by default and depends on transactions being identified as gambling.
• Revolut Business states that “gambling and quasi-cash merchants” are unsupported industries, which makes repeated casino-related payment exposure especially sensitive from a compliance perspective.
• Revolut’s current UK personal terms do not amount to a blanket retail ban on gambling for all adults; they prohibit illegal use generally, while the specific gambling-establishment block in the published UK terms is expressly stated for 16–17 accounts and is based on MCC classification.
• The European Banking Authority says payment institutions are commonly associated with elevated ML/TF risk, especially where they serve higher-risk sectors such as gambling and crypto, use cross-border models, platforms/marketplaces, intermediaries, and weak transaction monitoring.
• Dutch regulator Ksa has explicitly said it can issue binding directives to payment service providers to stop facilitating illegal gambling operators, showing that payment rails are now firmly inside the enforcement perimeter.

The Player Evidence: Why This Exchange Matters

FinTelegram reviewed screenshots of a player’s communication with Revolut concerning disputed casino-related transactions. In the first phase of the exchange, Revolut support reportedly told the player that the cases had been submitted through Mastercard under the appropriate dispute categories, that intermediary descriptors had been taken into account, and that final decisions had already been reached, leaving no reopening or pre-arbitration rights.

The player then pressed for the audit trail that would ordinarily exist if Mastercard chargebacks had really been initiated: chargeback reference numbers, ARNs, dispute reason codes, submission dates, second presentment status, pre-arbitration steps, and confirmation of whether Mastercard or the acquirer had actually reviewed the disputes.

That pressure appears to have produced the key admission. In the later exchange, Revolut support allegedly confirmed that no chargebacks were submitted to the acquiring banks, that the disputes were closed internally, and that the Mastercard chargeback process was not initiated. If that reading is correct, the issue is not merely an unfavorable outcome for the player. It is a potentially misleading description of what process was actually used.

From a compliance standpoint, this distinction is critical. A customer told that a scheme chargeback was raised and rejected is in a very different position from a customer whose bank simply made an internal decision not to initiate the scheme process at all.

Revolut’s Published Position on Gambling

Revolut’s public materials show a mixed picture, but not a simple one.

Revolut says its optional “gambling block” can block card payments identified as gambling, including bookmakers, online casinos, and sports betting apps, but it is disabled by default when an account is opened. Revolut also says that in some European countries it is required to block transactions to and from illegal gambling providers and that it enforces regulator lists on a legal basis.

At the same time, Revolut’s published UK personal terms do not impose a blanket prohibition on adult retail customers using accounts for gambling. The general restriction is on using the account for illegal purposes. The specific published gambling-establishment card restriction appears in the schedule for 16–17 accounts, where Revolut says it relies on the merchant’s MCC code rather than the actual details of the purchase.

For business users, the position is stricter. Revolut Business lists “gambling and quasi-cash merchants” among unsupported industries.

That means the more accurate compliance framing is this: Revolut clearly recognizes gambling as a special-risk area and claims some control mechanisms, but those controls depend heavily on identification, classification, and legal-trigger lists. That leaves obvious room for failure when gambling payments are laundered through alternative descriptors, intermediaries, or open-banking layers.

Why Open Banking Changes the Risk Picture

This is where FinTelegram’s broader payment-rails research becomes highly relevant.

Revolut Bank UAB is licensed in Lithuania as a bank and is authorized not only for core banking activity but also for payment functions including card-based payment execution, acquiring of payment, money remittance, payment initiation services, and account information services.

Meanwhile, open-banking specialists such as Yapily Connect are regulated payment-initiation providers; Yapily’s own site says Yapily Connect UAB is regulated by the Bank of Lithuania and that Yapily offers solutions for iGaming. ACPR’s 2017 annual report states that Perspecteev became the first company licensed in Europe to provide the PSD2 account-information and payment-initiation services.

Read our Yapily reports here.

This matters because a bank like Revolut does not necessarily “accept” an illegal casino as a formal gambling merchant in the classic acquiring sense for risk to arise. The risk can emerge one layer earlier or later in the chain:

• the player sees a casino front-end;
• the payment is routed through an open-banking facilitator or gateway;
• the bank sees a payment initiation request, a proxy payee, or an intermediary descriptor;
• the real economic beneficiary or gambling context may be obscured or fragmented across entities and steps.

That is precisely the kind of layered structure regulators worry about. The EBA says payment institutions often serve higher-risk sectors including gambling and crypto; that platforms and marketplaces add layers that increase overall ML/TF risk; and that intermediaries, cross-border models, and poor transaction monitoring materially increase exposure.

Descriptor Masking, MCC Dependence, and “Transaction Laundering” Risk

Revolut’s own published terms for younger users are revealing on one point: when it blocks gambling-establishment purchases, it says it relies on the merchant’s registered business type (MCC code), not the actual details of what is being bought.

That is not evidence of wrongdoing by Revolut. But it does show the structural vulnerability. If the effective gambling payment is disguised through:

• a non-gambling MCC,
• a gateway or facilitator descriptor,
• a substitute payee,
• a marketplace- or platform-like wrapper,
• or an open-banking payment flow that does not transparently present the underlying gambling merchant,

then gambling controls tied to classification, merchant type, or local blocklists may be less effective in practice.

This is the heart of the player’s complaint in the screenshots. The player did not argue that intermediaries are prohibited per se. The complaint was that descriptors such as MBM Ramp, BlueOC, Sknvrs, or TransferOp Payment Gateway Ltd may have obscured the true merchant and the real nature of the funded service, which in turn could affect whether Revolut framed the disputes correctly and whether it should have attempted scheme remedies at all.

For FinTelegram’s long-running offshore casino investigations, that is a familiar pattern: a regulated payment or open-banking rail at the visible front, with the unlawful gambling context concealed by payment architecture.

The Enforcement Angle: Why Regulators Could Take Interest

Revolut is already under supervisory pressure elsewhere. The Bank of Lithuania’s public register shows Revolut Bank UAB was fined €3.5 million on 4 April 2025 for AML/CFT-related violations, and it also lists earlier sanctions and warnings, including prior AML/CFT measures and other enforcement actions.

The EBA’s 2023 report on payment institutions is directly relevant here. It says the sector is commonly associated with higher ML/TF risk; that gambling companies are proportionately more common among PI customers than in banking; that platforms and marketplaces add layers; that payment institutions often have a higher risk appetite than retail banks; and that common weaknesses include insufficient transaction monitoring, poor suspicious transaction reporting, weak governance, and overreliance on banks to detect suspicious activity.

Against that background, a regulator looking at persistent illegal-casino rail exposure through Revolut would likely focus on several questions:

1. Transaction monitoring: Did Revolut identify repeat patterns consistent with illegal gambling or payment laundering?
2. Counterparty due diligence: Did it understand who the real payees and facilitators were behind recurring open-banking and gateway flows?
3. Customer dispute handling: Did it properly classify customer disputes where merchant descriptors may have masked the underlying transaction?
4. Governance and escalation: Were recurring casino-related complaints treated as isolated customer-service incidents or as a broader compliance signal?
5. Country-specific blocking obligations: Where regulators publish blacklists or require payment blocking, were those obligations implemented effectively?

That last point is not theoretical. The Dutch gambling regulator Ksa has publicly said that since online gambling legalization it has the power to issue a binding directive to payment service providers to stop facilitating illegal gambling operators.

In other words, payment firms are no longer peripheral to gambling enforcement. They are increasingly treated as chokepoints.

Could Revolut Face Regulatory Action?

Potentially, yes. Whether any specific action is warranted would depend on the underlying facts, but the possible supervisory pathways are clear.

For its EU banking operations, the Bank of Lithuania and, depending on context, ECB-linked supervisory structures could examine whether Revolut’s AML/CFT systems, transaction monitoring, governance, and high-risk-sector controls are adequate. In the UK, the FCA and PRA would be interested in governance, systems and controls, customer treatment, and financial-crime risk management where UK-regulated entities are involved. Gambling regulators in relevant jurisdictions may also scrutinize whether payment providers are facilitating payments to blacklisted or unlicensed operators despite national blocking regimes.

None of that means Revolut has knowingly accepted illegal casino operators as direct merchants on its own books. In many cases, the more plausible compliance concern is indirect facilitation: allowing payments to pass through regulated-looking open-banking or gateway layers that conceal the true gambling destination. But from a supervisory perspective, that distinction does not eliminate the problem. It sharpens the question of whether the bank’s controls are good enough for the business model and risk environment in which it operates.

FinTelegram’s Preliminary Compliance View

Based on the player material reviewed and the wider payment-rails context, FinTelegram’s preliminary view is as follows:

Revolut’s exposure to the offshore casino ecosystem appears less like an isolated edge case and more like a recurring control problem tied to modern payment architecture. The central risk is not simply “gambling” in the abstract. It is the combination of:

• illegal offshore operators,
• open-banking facilitators,
• intermediary descriptors,
• fragmented counterparties,
• cross-border payment chains,
• and consumer disputes that can be misframed if banks rely too heavily on formal descriptors rather than economic reality.

If Revolut support first told the player that Mastercard chargebacks had been submitted and finally decided, then later admitted they had never been initiated, that raises uncomfortable questions not only about customer communications but about whether the underlying payment pattern was truly investigated on its substance.

Call for Whistleblowers

If you have used Revolut in connection with offshore casinos, open-banking gambling deposits, masked merchant descriptors, failed withdrawals, or refused chargeback requests, FinTelegram would like to hear from you.

In particular, we are interested in:

• screenshots showing how Revolut described disputed gambling payments,
• transaction records involving open-banking facilitators or generic gateway descriptors,
• cases where a chargeback was said to be “rejected” but may never have been raised,
• and examples of repeated deposits to casino-linked payment chains despite Revolut’s published gambling controls.

Please share documents, screenshots, and payment records confidentially via Whistle42. Your information may help establish whether this is a customer-service failure, a descriptor problem, or a broader compliance blind spot in one of Europe’s most important fintech payment rails.