How to utilize Policies?


Even if Policies is enabled, the complete business response/identity report will still be returned through the API.

To streamline KYB decisions, the Policies feature enables your compliance and risk team to make more automated and accurate onboarding decisions directly from an identity report’s tasks.

If you enable the Policies feature, and a business meets all of your account’s KYB auto-approval criteria based on the data you provided Middesk, the business’ status will automatically move from the in_review to approved status. Conversely, based on the data provided, if a business does not meet the policies’ criteria you have set, the business will move to the needs_review status for your compliance team to review.

On the Middesk dashboard, you will be able to see a record of the policy decision by clicking on the "View Event Log" button on the businesses' identity report. You can additionally check when and whether the business was auto-approved using the policy_results API or in the returned status field of the Retrieve a Business call. For additional details about the API implementation of Policies, please refer to our API Reference. If you have any feedback about our policies feature, please feel free to follow up at [email protected]


Enabling Policies

Dashboard and API integration users can enable this feature through their dashboard settings. Admins can log in to their dashboard, navigate the Settings page, and click on the Policies tab to opt-in to this feature.


Permissions and User Roles

Only Admin dashboard users have permission to opt in and enable this feature. The other user roles and permissions will be able to see the Policies decisions, but they won’t have permission to edit the policies rulesets or turn them on/off.

Default Policies

Each Middesk account will be pre-set with a default policy, although it is important to note that this setting won’t be automatically enabled. Under the default policy, a business will be ‘auto-approved’ if the business’ tasks satisfy all of the below criteria:

  • Business name - “Verified” or “Similar Match”
  • Office Address - “Verified” or “Approximate Match” or “Similar Match”
  • Watchlist - “No hits”
  • TIN Match - “Found”

Custom Policies

Within the Policies settings, there is also the ability to configure multiple custom policies from any business attributes to match your compliance requirements. Updating the attributes and rulesets from the default policies settings will effectively transition the account from the default to your custom-defined policies. Policies can only currently be applied to the business attributes. For custom policies, if KYC is enabled, you can auto-approve and auto-reject a business with the business’ tasks and the KYC decision.