How to utilize Policies?

To streamline KYB decisions, the Policies feature enables your compliance and risk team to make more automated and accurate onboarding decisions directly from an identity report’s tasks.

If you enable the Policies feature, and a business meets all of your account’s KYB criteria based on the rules you apply in the Policy, you can perform a set of actions on the business such as ordering, assigning, or updating the status.

On the Middesk dashboard, you will be able to see a record of the policy decision by clicking on the "View Event Log" button on the businesses' identity report. You can additionally check when and whether the business had a policy triggered using the policy_results API or in the policy_results object to the Retrieve a Business endpoint/call. For additional details about the API implementation of Policies, please refer to our API Reference. If you have any feedback about our policies feature, please feel free to follow up at [email protected].


Enabling Policies

Dashboard and API integration users can enable this feature through their dashboard settings. Admins can log in to their dashboard, navigate the Settings page, and click on the Policies tab to opt-in to this feature.

Even if Policies is enabled, the complete business response/identity report will still be returned through the API. Policies is also avaliable in our Sandbox environment.


Permissions and User Roles

Only Admin dashboard users have permission to opt in and enable this feature. The other user roles and permissions will be able to see the Policies decisions, but they won’t have permission to edit the policies rulesets or turn them on/off.

Default Policies

Each Middesk account will be pre-set with a default policy, although it is important to note that this setting won’t be automatically enabled. When the default policy is enabled, a business will be ‘auto-approved’ if the business’ tasks satisfy all of the below criteria:

  • Business name - “Verified” or “Similar Match”
  • Office Address - “Verified” or “Approximate Match” or “Similar Match”
  • Watchlist - “No hits”
  • TIN Match - “Found”

Custom Policies

Within the Policies settings, there is also the ability to configure multiple custom policies from any business attributes to match your compliance requirements. Updating the attributes and rulesets from the default policies settings will effectively transition the account from the default to your custom-defined policies. Policies can only currently be applied to the business attributes. If KYC is enabled for custom policies, you can set an action on the business with the business’ tasks and the KYC decision.


Policies can be used to trigger new orders, assign identities to review, or change the business status on Middesk based on the policies and events that happen.


When the Policies feature is enabled, Middesk will send a business.updated webhook once we have finished processing the attributes and the policy decision is ready to be evaluated. This webhook event will not only include the attributes, but it will also now include the Policy decision. For more information about the statuses emitted from the business.updated webhook, please refer to this documentation.