GuidesAPI RefFAQsBlog
Guides
StatusSupport

KYC and User Overview

Suggest Edits

User Creation and KYC Submission

The user creation process allows you to create a user and add KYC ("Know Your Customer". The required KYC is based on the requirements listed in your spec sheet. Please see below for details on the user creation process.

Recommended Flow

1. Create a User (with KYC)

This call allows you create a user with the required KYC, as listed in your spec sheet. Please note that because KYC is processed asynchronously, we recommend that you submit all KYC in the same call as you create the user. However, if the user has already been created you have the option to Add Base Documents or Add Sub-Documents. If you choose the latter, review our KYC Best Practices to avoid a race condition.

Upon submitting KYC, the user will be granted User Permissions and each of the sub-documents will be granted Sub-Document Statuses. Please note that statuses and permissions may change over time.

2. Subscribe to Webhooks

If you haven't done so already, subscribe to webhooks to inform you when a user has been created, or permissions/statuses have changed.

3. Issue OAuth Key

After creating a user successfully, issue an OAuth key to perform actions for that user.

4. View User

  • If the user has SEND-AND-RECEIVE permissions, all documents were processed successfully.
  • If the user does not have SEND-AND-RECEIVE permissions, all documents may not have processed successfully or the user may be a potential match in a sanctions list.
    • To check for the former, look at the status of each submitted document and re-submit relevant documents
    • For the latter, check the user's watchlists flag to determine if the user was flagged as a possible match by Synapse's KYC verification system.
      • If the flag's value is SOFT_MATCH|PENDING_UPLOAD, you will need to upload a government ID (GOVT_ID) to allow either for our KYC verification system or for our compliance team to recheck the user.
      • If the flag's value is SOFT_MATCH you will need to wait for the results of a compliance check.
      • For more details about this process, please refer to Sanctions Tiers and Watchlists Explained.

We recommend this process as the preferred method for submitting KYC because it provides the platform with the greatest insight into whether all KYC was submitted successfully or not. Remember to re-submit or provide any additional KYC in one Add KYC API call.

We typically process and verify KYC within a couple of seconds. However, this can vary, depending on traffic, number and size of documents submitted. If all documentation was successfully processed we will give the user SEND-AND-RECEIVE permissions (i.e. the ability to create nodes, and originate and receive transactions).

Please note that in instances where a Physical Document requires manual verification, the document will stay in SUBMITTED|REVIEWING for up-to 1 full business day. These instances can be reduced by following physical document submission best practices as outlined in each document type (eg. Photo ID Requirements). Since the documents are flagged for manual review when our system is unable to detect existence of a few crucial security features that it's looking for on the document. So ensuring a clean submission reduces the likelihood of that occurring.

5. Final Steps

  • Success

    • If user creation and KYC submission were a success, you can now inform the user that on-boarding is complete.

  • Failure

    • However, if there was an issue with KYC submission (e.g. we can’t process a document) we provide notification via a webhook (if subscribed), and the platform will need to submit the KYC again.
    • If (Assumed Valid) Documents Cannot Be Processed
      • If a document still cannot be processed, and you have reason to believe the document is valid and the picture follows our Photo ID Requirements, submit a ticket to Synapse and our Customer Success team will either resolve the issue or escalate to our Compliance team.

Further SSN Verification Lag

Because we verify SSNs by making an immediate initial verification followed by a more in-depth verification with the IRS up to 24 hours later (learn more here), standard SSN verification timeframes can be from 24-48 hours.

  • It could also be the case that we will require submission of a Social Security card up to 24 hours after the user’s SSN was approved by our initial verification. If this occurs the user would not be able to transact until the Social Security card is submitted and verified. Users will have two resubmission opportunities.

Updating KYC

Use our Add/Update KYC API to update the KYC of the user. Except for addresses, all types of KYC will update to the submitted KYC. If the new KYC cannot be verified or the user is a match in a sanctions list it will not be able to transact until valid KYC is re-submitted.

Address, on the other hand, will not update if invalid. Consequently, please use our Verify Address API to check if the new address is valid before submission. Addresses do not update if the submitted address is invalid because we will always need a valid address to send a check to, in case an account has a positive balance at account closure.

The Importance of KYC

The collection of KYC documentation from end users and platforms is an important step in the on-boarding process. This not only helps facilitate compliance with the Bank Secrecy Act, but also helps prevent account takeovers and fraudulent user activity. The identifying documents collected for both platforms and individuals helps us understand who our customers are, the nature of their relationship with us, and their expected activity. Different products and limits will have different KYC requirements because the underlying risks can vary greatly. We encourage platforms to collect more KYC than our minimum requirements.

This page (and its related sub-pages) are not intended to outline a Customer Identification Program (CIP), or set forth minimal KYC requirements (which will be detailed in your spec sheet), but rather to explain what we do with the information we collect.

Please note, although we continually strive to prevent fraud at any level, we do not and cannot guarantee a fraud-free product. We actively encourage our platforms to take the necessary steps to mitigate fraud, as the platforms will still be liable for user fraud and negative balances incurred as a result of fraudulent activity.

Updated almost 4 years ago