Home / Issuing / Onboard Accounts
In some cases, applications can be flagged for review because additional account holder verification information is needed. This review process confirms a person or business's identity and ensures compliance with Know-Your-Customer (KYC) or Know-Your-Business (KYB) regulations.
IN_REVIEW
statusThe application review process typically flows as follows:
IN_REVIEW
status.Depending on the type of account holder applying for a card product, documentation may be required from more than one applicant. For example, for business account holders, documents may be required for the primary authorized person and each beneficial owner.
When an application enters IN_REVIEW
status, the API returns the reason why it was flagged for review in verificationResultCodes
.
When there are multiple response codes, the account holder may need to provide multiple documents.
In the response payload for the startDocumentUploadSession
mutation, the following fields can be used to resolve a flagged application:
recommendedDocumentTypes
field provides the document(s) that are most likely to resolve the review status with the fewest documents needed.verificationResultCodeDocumentContext
to see all document types that may resolve each result code.Business entity documentation is only relevant to USBusinessAccountHolders
and includes documentation related to the business.
In cases where a business account holder is a sole proprietor, personal information can be used in place of business-related documentation. For example, a sole proprietor may not have an EIN but can have one of the following documents:
The application will be DENIED
if the documents appear forged, outdated, or invalid. Also, documents cannot be expired and must be dated within 60 days.
After the application is IN_REVIEW
status (and verification documents are required), you can collect documents with the Document Upload SDK; or you can use the Highnote GraphQL API to generate URLs for each required document.
One or more documents may be required based on the review response and the document type they provide.
If you use the Highnote API, the document upload process consists of the following steps:
Supported file formats are PDF, PNG, JPG. We recommend a file size of 10MB or less.
Note: For compliance reasons, if you are not using a server or do not have access to one, you must generate a client token to make requests directly from your client. For more information, see Client Tokens.
Start a document upload session by generating a URL to send the account holder that allows them to upload their documents. We recommend using the application status event notification to send a notification to account holders to alert them of the application review status and provide a URL to your document upload session.
Note the following when starting a document upload session:
DENIED
.Use the following mutation to start a document upload session:
Note: Document upload links expire five minutes after creation.
Once a document upload session has started, you must create a secure upload link for each document. For example, if the applicant must provide a driver’s license and utility bill, each document would need its own unique upload link.
Note the following when creating upload links:
PENDING
.uploadURL
field in the mutation's response.Use the following mutation to create a document upload link. Use the DOCUMENT_UPLOAD_SESSION_ID
from the startDocumentUploadSession
response for this mutation’s variable field:
After an account holder has confirmed they have uploaded all required documents, you can end the document upload session.
Note the following when ending a document upload session:
SUBMITTED
.SUBMITTED
, no other actions can be taken for it. If more documentation is required, a new session must be started to upload the additional documents.Use the following mutation to end a document upload session:
Note: Highnote will not return a public link to access the content of the documents to protect the account holder's privacy.
You can monitor the status of account holder documents while the Highnote team reviews them by querying for the status using the Highnote API or the dashboard. For a full list of application status codes, see the AccountHolderApplicationStatusCode enum.
Note the following about monitoring application review statuses:
Use the following query to fetch the review status of an account holder application:
Once you've closed the document upload session, you can simulate the review status of each document by assigning a new status of APPROVED
or DENIED
. Use the following mutation to simulate the review status for each document uploaded in the upload session:
Highnote's application review simulation allows you to test the following:
For more information, see Simulate Application Review.