Enhanced Due Diligence Process
Formalized User Account Closure Request Process
In addition to automated processes for closing accounts (e.g. automatic closure of duplicate users and automatic locking of users on watchlists), Synapse also has both automatic and manual enhanced due diligence (EDD) processes for flagging high-risk users for analysis, review, and closure. A user subject to EDD review will be flagged ("flag": "FLAGGED"
) with a user flag code (flag_code
) to indicate the reason the user was flagged.
Note on Platform Ability to Close and Lock Accounts
Closing Accounts: Platforms will continue to be able to close user accounts when a user requests the closure (
"permission": "CLOSED" and "permission_code": "USER_REQUEST"
) via the Update User Status API call, but this will be the only means by which Platforms will be able to directly close an account. The Swap Duplicate Users API call can also be used to indirectly close a duplicate user account (subject to the requirements of that call).Account closure steps would typically follow:
- User requests the platform to close the account
- Platform closes the user's account and user is unable to access the account
- Synapse will then send the remaining amount to the via check (e.g. about 8-10 business days).
- Please note that the platform should be communicating with the user on their options to remove any balance prior to account closure (e.g. to initiate an ACH transaction to bring the account to a zero balance before closure), or the user can prefer to receive a check automatically after the account has been closed, and no further action is needed.
Locking Accounts: Platforms cannot lock accounts directly (i.e. a Platform attempt to update user status by setting
"permission": "LOCKED"
will result in an error), and must instead follow the EDD request process.
Flagging Users
Platforms can, however, flag high-risk users and users who may be associated with blocked industries. This EDD process may, after review by our Compliance team, either result in immediate closure of a user account or in additional requests for the user to supply explanatory documentation for the activity that triggered the risk-based flag(s). Additionally, in an effort to ensure users are properly notified of any changes to the status of their accounts, and that required EDD documents are clearly defined, Synapse has automated many of the processes for transitioning user flags, restricting account activity while the user is under review, and automatically locking accounts based on clearly defined criteria (e.g. user failure to supply requested documentation within a specified timeframe).
The primary goals of these automations include:
- Providing streamlined processes for Platforms to bring high-risk end users to our attention (i.e. to flag these users).
- Providing timely and standardized notice to end users, including the following items, as applicable:
- Providing notification of changes to user account permissions (e.g.
SEND-AND-RECEIVE
toLOCKED
, etc.) - Providing users the opportunity to submit additional documents for EDD reviews conducted by Synapse, when appropriate
- Establishing clear timelines related to reviews
- Setting clear expectations regarding the outcome (or likely outcome) of reviews
- Providing notification of changes to user account permissions (e.g.
- Setting up review queues to largely eliminate human error (e.g. errors that may arise from need to have human agents follow-up on requests and manually track issues)
- Ensuring timely responses to users who engage with the EDD process by providing additional information for review (via automated alerts)
- Ensuring timely closure of users who fail to comply with our requests for additional information
EDD User Flags
The EDD process involves 3 key steps:
- Initial flagging of users by platforms.
- At this point, user permissions will remain unaffected.
- There are currently only 2 user flag codes (
flag_code
) that Platforms can use to submit users for EDD review:PENDING_REVIEW|ACCOUNT_CLOSURE|BLOCKED_INDUSTRY
PENDING_REVIEW|ACCOUNT_CLOSURE|HIGH_RISK
flag).
- Flagged users are placed in the EDD review queue for decisioning by Synapse's Compliance team within 1 business day (i.e. either mark the account for closure or transition the account to the document request stage of the queue).
- Applicable document requests as necessary.
- If Synapse's Compliance team determines that a flagged user must provide additional documents, user permissions will be restricted so that the user will be unable to transact until the EDD review process is complete.
- There are currently 3 document request user flags:
PENDING_UPLOAD|DOC_REQUEST|CIP
PENDING_UPLOAD|DOC_REQUEST|UAR
PENDING_UPLOAD|DOC_REQUEST|SECURITY
- Once a document request user flag is assigned to a user, the user will will have 14 days to respond with valid documents.
- Required EDD documents are on the User Base Documents in the required_edd_docs array. You will be notified from the USER|PATCH webhook or you may view the required documents by making a View User with Full Dehydrate API call.
- If the user provides a requested document, this 14-day timer will pause temporarily while under review, with a decision provided by the Compliance team within 2 business days.
- Similarly, there are 3 document review user flags:
PENDING_REVIEW|DOC_REQUEST|CIP
PENDING_REVIEW|DOC_REQUEST|UAR
PENDING_REVIEW|DOC_REQUEST|SECURITY
- User account closure or reinstatement (as applicable).
- If the Compliance team determines that the user was initially flagged in error, or the user provides sufficient documentation to resolve the initial flag provided by a platform, the user's permissions will be re-instated (e.g. to
SEND-AND-RECEIVE
). - If the Compliance team determines that the user account should be closed, if the user provided documentation insufficient to remove the flag after review, or if the user failed to supply documents within the allotted 14-day window the user account will be marked for closure.
- There are currently 2 final status user flags that Compliance can apply based on this process:
ACCOUNT_CLOSURE|BLOCKED_INDUSTRY
ACCOUNT_CLOSURE|HIGH_RISK
- Please note that if a user fails to supply required documents within the allotted 14-day window, the account will be locked (i.e. with "
permission_code": "DOCS_NOT_PROVIDED"
). - Accounts marked for closure through this EDD process will be provided a deadline before which they will be expected to withdraw funds, with any remaining funds sent via check to the address on file for the user.
Note on Fraudulent Documents
Please note that if submitted documents are found to be fraudulent, the user will be pulled from this EDD process and instead be immediately LOCKED by the Compliance team (with
"permission_code": "KYC_FRAUD|FRAUDULENT_DOCS"
).
More Information About EDD User Flags and Relevant User Notifications
For more details about EDD user flags and messages that users may receive when assigned these flags, please refer to this resource page.
Updated about 4 years ago