How to Report Online Gambling Investment Scams to the NBI and AMLC (Philippines)

How to Report Online Gambling Investment Scams to the NBI and AMLC (Philippines)

This article explains—step by step—how victims, witnesses, and compliance officers can report online gambling–flavored “investment” scams to Philippine authorities, with a focus on the National Bureau of Investigation (NBI) and the Anti-Money Laundering Council (AMLC). It also maps the relevant laws, evidence standards, and realistic outcomes so you can move fast and preserve your options. This is general information, not legal advice.

1) What you’re dealing with (and why two agencies)

Typical scheme. “Guaranteed returns” or “VIP betting pools,” “signal groups,” “AI odds trading,” or “VIP agents” tied to casinos/POGOs/sportsbooks. Victims are funneled through e-wallets, bank accounts, crypto wallets, or payment links; small initial wins are shown, then pressure to “unlock” withdrawals with more deposits; accounts get frozen or “taxes/fees” are demanded.

Likely crimes and laws breached

  • Estafa / Swindling (Art. 315, Revised Penal Code) and potentially Syndicated Estafa (PD 1689) if by at least five conspirators or through a syndicate.
  • Securities Regulation Code (SRC, RA 8799) violations (unregistered securities, unlicensed brokers, fraud) when “investment plans” are offered to the public.
  • Cybercrime Prevention Act (RA 10175) (computer-related fraud, identity offenses; venue and digital evidence rules).
  • Anti-Money Laundering Act (AMLA, RA 9160 as amended by RA 9194, 10365, 10927, 11521, and related rules)—the AMLC can trace/freeze laundered proceeds.
  • Casino coverage (RA 10927)—casinos (including internet-based) are “covered persons” under AMLA.
  • Illegal gambling laws (PD 1602, RA 9287 for numbers games) where applicable; PAGCOR rules for licensed operators.

Why report to both NBI and AMLC

  • NBI investigates the crime (estafa, cybercrime, SRC breaches), gathers evidence, and files cases for prosecution.
  • AMLC targets the money—tracing flows, coordinating with banks/e-wallets/crypto VASPs, seeking freeze and forfeiture orders to lock down proceeds quickly.

2) Immediate actions (first 24–48 hours)

  1. Stop sending funds and cut contact.
  2. Preserve evidence (see §3): screenshots, chat exports, URLs, blockchain txids, bank slips, e-wallet references.
  3. Notify your bank/e-wallet/crypto exchange: file a dispute/fraud ticket; ask for an internal block/flag on recipient accounts.
  4. List every transfer (date/time, amount, instrument, reference number, recipient name/alias, account/wallet details).
  5. Change passwords & enable MFA for your email, socials, and financial apps.
  6. Check licensing (optional but helpful): Is the gambling operator licensed by PAGCOR? Is the “investment” or solicitor registered with SEC? Note your findings.
  7. Prepare to file with NBI and AMLC (and, where appropriate, SEC and PAGCOR). Filing is free.

3) Evidence checklist (what to gather before you file)

Identity & narrative

  • Government ID (front/back), contact details.
  • A concise timeline: who approached you, where (FB/Telegram/WhatsApp/IG/TikTok/website/app), promises made, and deposit/withdrawal attempts.

Digital communications

  • Full chat exports (not just screenshots), including headers where available.
  • Emails (with full headers), SMS, call logs/recordings where lawful.

Payments

  • Bank: transaction history, teller slips, proof of transfer, account names/numbers; reference numbers.
  • E-wallets: transaction details and reference IDs.
  • Crypto: wallet addresses (your sending address and their receiving address), TXIDs, networks used (e.g., TRON, BSC, ETH), exchange deposit/withdrawal records.

Online artifacts

  • URLs, domains, mirror links, referral codes, landing pages, app packages/APKs.
  • Any “member portal” credentials (provide only to authorities), and screenshots of balances/“tax fee” prompts.

Attribution breadcrumbs

  • Names/aliases, phone numbers, GCash/PayMaya IDs, bank account names, screenshots of KYC pages, influencer posts, and referral trees.

Preservation notes

  • Avoid editing images (no crops that cut off timestamps).
  • Keep files in original format when possible; make a read-only backup.
  • Record hashes (optional advanced step) if you can.

4) Reporting to the NBI

Where in NBI

  • NBI–Cybercrime Division (CCD): for online schemes, phishing, account takeovers, platform misuse.
  • NBI–Anti-Fraud Division: for estafa/large-scale swindling and investment fraud. (If uncertain, file with either; they coordinate internally.)

What to file

  • Complaint-Affidavit (notarized) with annexes:

    • Your identity documents.
    • Timeline of events.
    • Evidence bundle (see §3), indexed as Annex “A,” “B,” etc.

  • Witness Affidavits (if more victims/witnesses).

  • Special notes for minors/OFWs: attach guardianship/consular details if applicable.

Contents of the Complaint-Affidavit (practical template)

  1. Parties (Complainant vs. Respondents “JOHN/JOANE DOES,” plus known aliases).
  2. Jurisdiction & venue (cite that elements occurred online and in your city or where funds were sent/received; RA 10175 allows venue where any element occurred).
  3. Facts (chronological narrative; quote exact representations—guaranteed returns, unlocking fees, VIP tiers).
  4. Modus (how the site/app/chat worked; pressure tactics; fake wins; blocked withdrawals).
  5. Transactions (tabulate dates, amounts, references, recipient identifiers, TXIDs).
  6. Damages (principal loss + incidental expenses).
  7. Offenses you believe were committed (estafa; violations of RA 10175; possibly SRC).
  8. Prayer (investigate, issue subpoenas, preserve data, apply for warrants, coordinate with AMLC, recommend charges).
  9. Verification & notarization.

Filing mechanics

  • In person at the NBI headquarters/regional office; many offices accept walk-in complaints.
  • Some offices allow online pre-coordination; if you can’t visit immediately, call ahead and ask for the receiving section for cybercrime/anti-fraud.
  • Keep two sets of your complaint with annexes; request a receiving copy with stamp.
  • NBI may invite you for clarificatory questions and device imaging; cooperate to preserve chain of custody.

What happens next

  • Case build-up: subpoenas to banks/e-wallets/ISPs; data preservation requests; coordination with PAGCOR/SEC/BSP.
  • Inquest/Prelim Investigation: if suspects are identified and arrested, or when filing with the DOJ/City Prosecutor.
  • Search warrants and digital forensics are possible where probable cause exists.

5) Reporting to the AMLC

Why involve AMLC early

Speed matters: freezing or flagging recipient accounts/wallets increases the chance of asset recovery or at least preventing further victimization. AMLC can:

  • Request bank inquiry into accounts suspected of holding proceeds of unlawful activities.
  • Apply ex parte for freeze orders (via the Court of Appeals) over deposits, investments, e-wallets, and sometimes virtual assets.
  • Coordinate domestically with BSP-supervised institutions and VASPs and internationally via FIU-to-FIU channels.

Who should report

  • Victims and witnesses may submit information/complaints to AMLC’s Secretariat/Public Assistance channels.
  • Covered persons (banks, e-money issuers, remittance companies, casinos, and VASPs under BSP rules) must file STRs/CTRs through goAML—your bank/e-wallet/exchange’s compliance team handles this. You can prod them by filing your internal fraud ticket and referencing AML concerns.

What to send AMLC

  • Narrative (shorter than the NBI affidavit is fine) + your identity details.
  • Payment trail with references (bank/e-wallet/crypto).
  • Counterparty identifiers (account names/numbers, wallet addresses, device IDs if you have them).
  • Any NBI reference (if already filed) and your bank/e-wallet ticket number.

Practical tips

  • Tell your bank/e-wallet/exchange to escalate your case to their AML Compliance for STR filing and rapid inter-bank coordination.
  • For crypto, ask the exchange to tag the recipient wallet addresses as fraud and share to AMLC if they are a Philippine-registered VASP or if they can coordinate through BSP/AMLC channels.
  • Keep expectations realistic: a freeze is not automatic; AMLC needs basis linking the assets to unlawful activity.

6) Where else to report (often helpful in parallel)

  • SEC Enforcement & Investor Protection—when the “investment” aspect is prominent (unregistered offers, profit-sharing pools, “staking” returns).
  • PAGCOR—if the operator claims to be licensed or uses casino branding; PAGCOR can verify licensure and investigate compliance breaches.
  • PNP–Anti-Cybercrime Group (ACG)—parallel criminal complaint, especially outside NCR.
  • BSP Consumer Assistance—if a supervised financial institution mishandled your dispute; IC if an “insurance-ish” product is pitched.
  • Platform reporting—Facebook/Telegram/TikTok/WhatsApp, domain registrars/hosts, app stores (to trigger takedowns).

7) Building the money trail (bank, e-wallet, crypto)

Banks/E-wallets

  • Ask for full transaction details (internal trace IDs) and any chargeback or good-faith hold possibilities.
  • Provide the police/NBI blotter or control number once available; it often speeds up compliance handling.

Crypto

  • Compile TXIDs, wallet addresses, and networks.
  • If you used a Philippine-registered exchange, immediately open a support ticket and request fraud tagging and address blacklisting.
  • For on-chain hops to foreign exchanges, AMLC can coordinate via Egmont Group channels; still send every hop you know.

8) Jurisdiction, venue, and timelines

  • Venue: Under RA 10175, cybercrimes may be filed where any element occurred, including where the complainant resides, where the device was used, or where the funds were sent/received. Estafa may be filed where deceit or damage occurred.
  • Timelines: Investigation and cross-institution coordination can take weeks to months. Freezing is time-sensitive; the earlier the report, the better the odds.
  • Prescription: Estafa generally prescribes in 10 years (depending on penalty); cybercrime follows the predicate offense, but don’t delay.

9) Data privacy & safety

  • You may redact account numbers in copies shared with third parties, but submit full unredacted copies to authorities.
  • Avoid sharing live credentials with anyone except law enforcement; if asked, require a formal request/subpoena.

10) Common pitfalls (and how to avoid them)

  • Paying “unlock/withholding tax/anti-money laundering clearance” fees—this is part of the scam.
  • Deleting chats or resetting phones—destroys metadata; let investigators do imaging if needed.
  • Sending only cropped screenshots—submit full exports and original files.
  • Not involving AMLC—you lose early opportunities to freeze.
  • Assuming PAGCOR branding = legit—verify licensure; scammers counterfeit seals.

11) Concise step-by-step playbook

  1. Preserve evidence (complete exports, txids, receipts, URLs).
  2. Notify bank/e-wallet/exchange and request AML escalation/STR.
  3. File NBI complaint (Cybercrime or Anti-Fraud): notarized affidavit + annexes; get receiving copy.
  4. Inform AMLC: submit your narrative and payment trail; reference your bank ticket and NBI filing.
  5. File with SEC/PAGCOR if investment or licensing claims are involved.
  6. Follow up with your bank/e-wallet and exchange; provide any freeze order details you receive.
  7. Prepare for prosecutor proceedings (if NBI files a case): attend hearings, bring originals.
  8. Consider civil action for damages/collection if defendants are identified.

12) Victim-friendly affidavit skeleton (use and adapt)

Complaint-Affidavit I, [Name], Filipino, of legal age, [address], state under oath:

  1. On [dates], respondents using the names/aliases [list] contacted me via [platforms], inviting me to invest in an online gambling “VIP pool” promising [x%] returns.
  2. Relying on these representations, I transferred funds as follows:   • [Date/Time] – [Bank/E-wallet/Exchange], Ref. No. [ ], Amount [ ], Recipient [name/account no./wallet].   • (repeat per transaction; attach Annex “A” table)
  3. When I attempted to withdraw, I was told to pay “taxes/unlock fees.” After refusing/paying, my access was blocked.
  4. I later confirmed [not licensed by PAGCOR / unregistered with SEC / prior advisories].
  5. Respondents committed Estafa (Art. 315 RPC), Cybercrime (RA 10175), and violations of the SRC; funds are proceeds of unlawful activity under the AMLA. Prayer: Investigate; issue subpoenas; coordinate with AMLC, BSP, SEC, PAGCOR; apply for preservation measures; and file appropriate charges. Annexes: A–Transactions Table; B–Chat/Email Exports; C–Receipts/Screenshots; D–IDs; E–Website/App Captures; F–Any advisory printouts.

13) Special notes for compliance officers (banks/e-wallets/VASPs/casinos)

  • Verify if behavior matches red flags under AMLA/CFT and casino/VASP guidelines (structuring, third-party deposits, mule patterns, rapid on-off-ramp).
  • File STRs via goAML promptly; consider targeted account freezes/holds as permitted by policy and law.
  • For VASPs: implement address-screening and travel rule measures; share typology intel with AMLC and peer institutions where allowed.

14) Expected outcomes and recovery reality

  • Criminal case: possible indictments for estafa/cybercrime/SRC offenses; arrests if suspects are located.
  • Financial tracing: possible freezing of local accounts/e-wallets; recovery depends on balances remaining and speed of action.
  • Crypto: recoveries are harder but not impossible if funds pass through KYC’d exchanges or if addresses become sanctioned/flagged and exchanges cooperate.
  • Civil claims: can supplement criminal action, especially if defendants or assets are identifiable.

15) One-page quick list (clip and follow)

  • Stop payments; secure accounts; enable MFA.
  • Compile IDs, timeline, chats, emails, txids, receipts, URLs.
  • Alert bank/e-wallet/exchange; cite fraud & AML; get ticket/acknowledgment.
  • File NBI complaint (affidavit + annexes; get receiving copy).
  • Submit AMLC information (narrative + payment trail; quote bank ticket & NBI details).
  • Consider SEC (investment) and PAGCOR (licensing) reports.
  • Keep originals; provide only copies unless imaging is requested.
  • Do not pay “unlock/tax/AML” fees demanded by scammers.
  • Track follow-ups and respond promptly to subpoenas/requests.

Final note

Act quickly, document everything, and report to both the NBI (for the crime) and the AMLC (for the money). That dual track gives you the best shot at stopping further losses and, where possible, getting funds frozen before they vanish.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login