The KYC process is determined by the Program settings and its configured Verification Mode. The following section is applicable only to programs configured for Person KYC (SDD or CDD verification mode).

KYC (Know Your Customer) verification is initiated as soon as a Person is onboarded onto the platform. The process follows the Verification Mode configured for the Program. Below are the key APIs used in the KYC verification process:

Create Person / Create Card API

When a Person is onboarded, Qolo performs a verification check based on the Program’s verification mode. The KYC process is triggered when using either:

Create Person API (when the Person is created separately)
Create Card API (if the Person’s data is passed during card creation)

Required Data for Standard KYC (U.S. Residents)

To perform standard verification for an individual residing in the United States, clients must provide the following details:

Full Name (First Name and Last Name)
Complete Residential Address (PO Box addresses are not allowed)
Date of Birth (DOB)
Social Security Number (SSN) -- Required only for CDD programs

Note: The required data fields may vary based on the Program's verification mode or the Sponsor Bank’s requirements.

Verification Process

Qolo attempts to verify the Person electronically via a KYC service provider (e.g., Idology).
If verification is successful, the Person (and/or Card) is created.
If verification fails, the API returns the Person GUID along with a failure reason.

Retrieve Person KYC API

Clients can retrieve the KYC status and the KYC history of a Person using the Retrieve Person KYC API.

API Behavior:

If the Person is already verified, the API only returns the KYC history (default behavior).
If the Person is not yet verified, the API may return:
- Out-of-Wallet (OOW) questions, if applicable. (Only available when configured via the verification provider, e.g., Idology).
- Failure reasons, if the Person failed KYC.[block:html]

If OOW challenge questions are not configured or not available, the API only returns the Person’s KYC history and failure reasons.

Clients can update the Person’s details and retry verification using the Perform KYC API.

Perform KYC API

The Perform KYC API allows clients to explicitly re-attempt verification for a Person who failed KYC. This API can be used in the following cases:

Use Cases for Perform KYC API:

Answer Challenge Questions
- If the Person applicant is presented with Out-of-Wallet (OOW) questions, the client can submit answers using this API.
Update Person Data & Retry Verification
- If incorrect or missing information caused KYC failure, the client can update the Person’s details and retry the verification process.
Upload Documents for Manual or Electronic Verification
- If document verification is required, the client can upload scanned ID documents for manual review or automated electronic verification.
Override KYC Verification Level (For Client-Managed KYC Programs Only)
- Some clients perform their own KYC verification instead of using Qolo’s default verification provider.
- In such cases, clients must submit a Client Verification Object, which:
  - Captures the KYC verification details on the Qolo platform.
  - Updates the KYC status of the Person.

If a Person fails KYC, the client must take corrective action (e.g., update information, submit documents, answer questions) before reattempting verification.

Interpreting KYC and Verification values/results

In general Verification results must be interpreted from the following three values:

KYC Verification Mode
Person Status
Verification Level

KYC Verification Mode

The KYC Verification Mode determines what kind of verification must be performed on Person being onboarded on the program for account or card creation.

Details on KYC Verification Mode can be found here.

Person Status

The Person Status provides the OFAC and sanctions check status and can be one of the following values:

Person Status	Description
CLEARED	Person has cleared sanctions check or No check was performed as per program requirements.
POTENTIALMATCH	The name of the person may be a potential match with a sanctioned person.
SANCTIONED	The name of the person is a confirmed match with a sanctioned person.

Verification Level

Verification Level of a person provides the status of person verification with regards to the program configured verification method. This does not include checks against a separate OFAC service provider (eg. Comply Advantage). If OFAC checks are performed through a different service provider from the ID verification service provider, then Person Status must be used to determine OFAC check results.

Verification Level	Description
KYC_NEW	New Person setup on platform. No verification done yet.
KYC_NA	For NDD programs only, where KYC is not required
KYC_PASS_LVL1	KYC Passed based on the Verification mode of the program. If verification conducted by the client, A reference ID (and the provider) must be provided.
KYC_REFER	Thin file or Insufficient data. Can be manually overridden to KYC Pass.
KYC_SOFT_FAIL	KYC soft fail. OOW questions available. Can be manually overridden to KYC Pass.
KYC_HARD_FAIL	KYC hard fail. Applicable for OFAC or sanctions list match or as defined by the Program KYC rules.
KYC_PASS_LVL2	(For future use) Enhanced verification was performed for the person.

Understanding KYC results

Verification Mode	Person Status	Verification Level	Interpretation
NDD	CLEARED	KYC_NA	No KYC or OFAC check was performed. However as per NDD program rules, person is CLEAR to have a card created in their name.
SDD	CLEARED	KYC_PASS_LVL1	Person has cleared sanctions check and can be issued a card/account.
SDD	POTENTIALMATCH or SANCTIONED	KYC_PASS_LVL1	Person has failed sanctions check. However if POTENTIALMATCH, person may be cleared manually as per the Sanctions check clearing process.
CDD	CLEARED	KYC_PASS_LVL1	Person has cleared the sanctions check and has also passed the verification method configured for the program (or manually verified). Card may be issued.
CDD	POTENTIALMATCH or SANCTIONED	Any	Person has failed sanctions check. However if POTENTIALMATCH, person may be cleared manually as per the sanctions check clearing process.
CDD	Any	Other than KYC_PASS_LVL1	Person has failed verification method and must be verified as per the program configuration.
EDD	CLEARED	KYC_PASS_LVL2	Person has cleared the sanctions check and has also passed the verification method configured for the program (or manually verified). Card may be issued.
EDD	POTENTIALMATCH or SANCTIONED	Any	Person has failed sanctions check. However if POTENTIALMATCH, person may be cleared manually as per the sanctions check clearing process.
EDD	Any	KYC_PASS_LVL1	Person has failed enhanced verification method for the program.
EDD	Any	Other than KYC_PASS_LVL1 or KYC_PASS_LVL2	Person has failed verification method and must be verified as per the program configuration.

As a best practice, when different service providers are configured for Sanctions Check and KYC Verification, the Person Status and Verification Level must be evaluated separately:

Sanctions Check Status → Look at the Person Status

This indicates whether the Person has cleared the sanctions screening.
A Person is cleared if their Person Status is CLEARED.

Verification Status → Look at the Verification Level

This indicates whether the Person has passed identity verification through electronic or manual methods.
A Person is verified if their Verification Level is KYC_PASS_LVL1.

Criteria for Fully Verified Status

A Person is deemed fully verified, and a Card or Account may be issued, only if:
✅ Person Status = CLEARED (Passed Sanctions Check)
✅ Verification Level = KYC_PASS_LVL1 or KYC_PASS_LVL2 (Passed KYC Verification via electronic or manual verification)

By ensuring that both Sanctions Screening and KYC Verification are successfully completed, clients can comply with regulatory requirements while securely onboarding individuals.