Guides

Policies

Suggest Edits

How to utilize Policies?

To streamline KYB decisions, the Policies feature enables your compliance and risk team to make more automated and accurate onboarding decisions directly from an identity report’s tasks.

If you enable the Policies feature, and a business meets all of your account’s KYB criteria based on the rules you apply in the Policy, you can perform a set of actions on the business such as ordering, assigning, or updating the status.

On the Middesk dashboard, you will be able to see a record of the policy decision by clicking on the "View Event Log" button on the businesses' identity report. You can additionally check when and whether the business had a policy triggered using the policy_results API or in the policy_results object to the Retrieve a Business endpoint/call. For additional details about the API implementation of Policies, please refer to our API Reference. If you have any feedback about our policies feature, please feel free to follow up at [email protected].

📘

Enabling Policies

Dashboard and API integration users can enable this feature through their dashboard settings. Admins can log in to their dashboard, navigate the Settings page, and click on the Policies tab to opt-in to this feature.

Even if Policies is enabled, the complete business response/identity report will still be returned through the API. Policies is also avaliable in our Sandbox environment.

🚧

Permissions and User Roles

Only Admin dashboard users have permission to opt in and enable this feature. The other user roles and permissions will be able to see the Policies decisions, but they won’t have permission to edit the policies rulesets or turn them on/off.

Default Policies

Each Middesk account will be pre-set with a default policy, although it is important to note that this setting won’t be automatically enabled. When the default policy is enabled, a business will be ‘auto-approved’ if the business’ tasks satisfy all of the below criteria:

  • Business name - “Verified” or “Similar Match”
  • Office Address - “Verified” or “Approximate Match” or “Similar Match”
  • Watchlist - “No hits”
  • TIN Match - “Found”

Custom Policies

Within the Policies settings, there is also the ability to configure multiple custom policies from any business attributes to match your compliance requirements. Updating the attributes and rulesets from the default policies settings will effectively transition the account from the default to your custom-defined policies. Policies can only currently be applied to the business attributes. If KYC is enabled for custom policies, you can set an action on the business with the business’ tasks and the KYC decision.

Policy Rules

The following business data can be used to create policy rules:

  • Business status, e.g., Business status is in_review
  • Task outcomes, e.g., SOS status is Active
  • Registration state, e.g., Registration state is CA
  • Formation date, e.g., Business formed less than 3 months ago

Actions

Policies can be used to trigger the following actions:

  • Assign a business to a user
  • Place a new order on a business
  • Change the business status on Middesk (approved or rejected)
  • Enable monitoring on a business (watchlist, bankruptcies, SOS filings or TIN discovery)

Default Actions

If none of your Policies are found to be a match against the Business, we will fallback to setting the status of that Business to "Needs Review". You can alter this default behavior by scrolling to the bottom of the Policies Settings page and selecting your desired default status from the dropdown menu.

Webhooks

When the Policies feature is enabled, Middesk will send a business.updated webhook once we have finished processing the attributes and the policy decision is ready to be evaluated. This webhook event will not only include the attributes, but it will also now include the Policy decision. For more information about the statuses emitted from the business.updated webhook, please refer to this documentation.


Signal Policies

It is also possible to configure Policies that execute within the Signal lifecycle. To take advantage of this functionality, please navigate to the Policies Settings page in the dashboard, click the "Add Policy" button in the top right corner of the screen, and select "Signal".

You can build a rule set based on the Signal's scoring model, the score, and the reason codes that are returned.

If a Verify Signal returns a score that is greater than 80 and either the V501 reason code is flagged or V502 reason code is flagged, then order a Verify package and a Business litigations package on a brand new Business.

If a Verify Signal returns a score that is greater than 80 and either the V501 reason code is flagged or V502 reason code is flagged, then order a Verify package and a Business litigations package on a brand new Business.

The only Action that is currently available for a Signal Policy is placing an order on a new Business. You can automatically order as many packages as you'd like.

📘

Please note: If you want a Signal Policy to automatically order the TIN package, you'll need to ensure that you pass the TIN parameter in the request. The TIN is not required for the Signal, but it is required for the full package. You can read about other Signal parameters here.

Updated 10 days ago