Skip to main content
Sign in

Doc Review Procedure: ID Theft Cure

Jackie
  • Updated

 

If an account is believed to have been potentially established without the account holder’s knowledge or authorization, the account will be locked for additional verification. We should take care in verifying the account user is truly the account holder by requesting and verifying documentation, as well as reviewing for any account activity that may require additional review.

 

Review For Uploaded Documents
Review The Proof of Liveness
Decision The Proof of Liveness
Review Account Activity
Review The Bank Statement
Decision The Bank Statement
Action The Account(s)

 

Review For Uploaded Documents

  1. From within the Zendesk ticket, click the account hyperlink on the internal note, or select “Find User” in the app sidebar
  2. Ensure the lock note from Fraud mentions “fraud_restrict:id_theft” before proceeding
    1. If the note mentions a different code, follow proper handling instructions
  3. Navigate to the “Document Uploads” view in Active Admin
  4. Review the completed Proof of Liveness request with instructions below
    1. If a Proof of Liveness request has not been initiated previously:
      1. Hit the “Request Documents” button in the top right corner
      2. Select “Proof of Liveness”
      3. Hit “Request Documents” to initiate the request
      4. Hit “OK” to submit the request
      5. Solve the ticket

Review The Proof of Liveness

*Remember: We call this document request "ID and Selfie" to customers and don't use the term "Proof Of Liveness"

A proof of Liveness verification will request proof of identity and a selfie from the customer. These photos should be taken at the time the customer is completing the document upload and they should not be able to upload existing images due to this.

 

Proof of Identity Review

  • ID must be legible with all details visible
    • Zoom in and review closely for alterations or pixelation differences
  • Name and DOB on ID must match the account holder information in Active Admin
    • Keep an eye out for typos (typically only one letter/digit off)
  • ID must be valid and not expired
  • Restrictions should match both in the front and the back 

Selfie Review

  • Selfie should appear as though the customer just took the photo of themselves
  • Pay attention to their surroundings; does it appear to be a true selfie?
  • Watch out for photos taken of existing images or screens; watch for glares or inconsistencies on the face
  • The selfie should be taken in a well-lit area to allow for comparison to the ID
  • Compare the selfie features to the ID; do the eyebrows, chin, eyes, etc. appear to have the same shape as the image from the ID?

Decision The Proof of Liveness

Approve

If the Proof of Liveness passes our review:

  1. Accept the documents as Proof of Liveness within Active Admin
  2. Proceed with reviewing account activity before unlocking

Re-Request

If the Proof of Liveness was not legible or incorrect documents were provided:

  1. Reject the document as Proof of Liveness within Active Admin
  2. This will create a new request for the same document
  3. Send the General::Possible Fraud::Cannot Unlock - Re-request Docs macro, adding personalization to advise why we could not accept what was provided (ex. ID is illegible)

Reject

If the Proof of Liveness does not pass our review:

  1. Reject the documents as Proof of Liveness within Active Admin
  2. Escalate the ticket for further review and possible Identity Theft closure using the macro Escalation::Level 2 - Fraud Escalation::Possible Altered Docs
  3. Complete the note on the ticket detailing why you rejected the Proof of Liveness

 

Review Account Activity

External Bank Review

  1. Navigate to the “External Accounts” view in Active Admin
  2. Check the method of link on the currently active or most recent bank link and confirm the following information:
    1. Plaid
      1. Account owners name should match the Stash account holder name
      2. Are there any Plaid link attempts present with mismatched names?
      3. If the bank links show any mismatched name concerns, escalate the ticket to Fraud Escalations for First Party Fraud review using the macro escalation::Level 2 - Fraud Escalation::First Party Review
      4. Otherwise, proceed with unlocking the account
    2. Micro Deposit
      1. Does the account have an incoming transfer for $500+ from this external account to Invest or Bank within the past 60 days?
      2. If no, proceed with unlocking the account
      3. If yes, we should validate bank account ownership
        1. Navigate to the “Document Uploads” view in Active Admin
        2. Hit the “Request Documents” button in the top right corner
        3. Select “Bank Statement”
        4. Hit “Request Documents” to initiate the request
        5. Hit “OK” to submit the request
        6. Solve the ticket

 

Review The Bank Statement

  • Navigate to the “Document Uploads” view in Active Admin
  • Review the completed Bank Statement request

Statement Review

  • Statement name must match the Stash account holder’s name
    • If not, ID for the 3rd party bank account owner should also be requested
      • Navigate to the “Document Uploads” view in Active Admin
      • Hit the “Request Documents” button in the top right corner
      • Select “Proof of Identity”
      • Hit “Request Documents” to initiate the request
      • Hit “OK” to submit the request
      • Send the General::Possible Fraud::3rd Party Bank Link - Additional Docs Needed Macro
        • Be sure to remove the point asking for a statement if we have already received one that meets our criteria
  • Account number on the statement should match the number displayed in Active Admin
  • Statement date should be within 30 days of receipt
    • In some situations, you may decide to accept statements outside of this timeframe based on your discretion and the reason for account restriction
  • Does the statement account balance or transaction activity lead you to believe they have malicious intent, or do they just appear to have money management issues?

 

Decision The Bank Statement

Approve

If the Bank Statement passes our review:

  1. Accept the document as Bank Statement within Active Admin
  2. Proceed with unlocking the account(s)

Re-Request

If the Bank Statement for an incorrect account or timeframe was provided:

  1. Reject the document as Bank Statement within Active Admin
  2. This will create a new request for the same document
  3. Send the General::Possible Fraud::Cannot Unlock - Re-request Docs macro, adding personalization to advise why we could not accept what was provided (Account information does not match the account we have on file, illegible, etc.)

Reject (Altered)

If the Bank Statement does not pass our review due to being altered or fictitious:

  1. Reject the document as Bank Statement within Active Admin
  2. Leave a note on the Zendesk ticket detailing why you rejected the Bank Statement
  3. Escalate the ticket for further review and possible closure using the macro Escalation::Level 2 - Fraud Escalation::Possible Altered Docs

Action The Account(s)

If all documents have been approved to resolve our Identity Theft concerns and verify the account holder’s identity, proceed with the following:

 

1. Unlock the account(s):

  • Navigate to the top of the profile in Active Admin
  • Click  the “Unlock and Resolve Fraud Reason” drop-down
  • Select the “fraud_restrict:cleared” reason that appears
  • Hit “OK” in the pop-up window that appears

 

Reply To The Customer

  1. Send the General::Possible Fraud::Account Unlock macro
  2. Submit the ticket as solved

Related articles

Powered by Zendesk