Demand Deposit Account (DDA) Change Policy.docx

Policy and Procedure

Document information and change log

Document Information

Header

Information

Next review

October 2, 2026

Status

Initial Release

Regional scope & language

Territory of USA in English

Applies to entities

Give Corporation Inc.

Overall responsibility

Loraine Stewart, CCO

Approved by

Joshua Rowley, CEO; Aaron Miller, CRTO

Change log

Date

Version

Reason for version

October 2, 2025

1.0

Initial Release


Gender And Entity Neutrality

The masculine form is used solely for the sake of better readability. It always refers to persons of any gender identity (m/f/diverse). This document uses the abbreviation “Give” for all legal entities and subsidiaries.

Table of Contents

1. Purpose        3

2. Scope        3

3. Definitions        3

4. DDA Change Policy        3

4.1 Access & Authentication        3

4.2 Merchant Initiation        4

4.3 Notification and Workflow        4

4.4 Risk and Underwriting Review        4

4.5 Approval/Decline        4

4.6 Screening & Monitoring Triggers        4

5. Logging & Audit Trail        5

6. Responsibilities        5

7. Record Retention        5

8. Enforcement        5

1. Purpose

This policy establishes the process for handling Demand Deposit Account (DDA) Change Requests to ensure that all updates to merchant settlement bank accounts are properly verified, reviewed, and documented. The objective is to protect against fraud, unauthorized account changes, and compliance risks.

2. Scope

This policy applies to:

  • All merchants registered on the platform who maintain one or more Demand Deposit Accounts (DDAs) for settlement.
  • All employees involved in reviewing, approving, or auditing DDA Change Requests, including members of the Risk/Underwriting team and Compliance team.
  • All bank account change activities, including:
  • Addition of a new bank account.
  • Modification of an existing bank account.
  • Removal of an inactive or invalid bank account.

3. Definitions

  • Demand Deposit Account (DDA): A bank account used by merchants to receive settlement of processed funds, commonly referred to as a checking account.
  • DDA Change Request: Any formal request submitted by a merchant to add, edit, or remove a settlement account.
  • Change Request Log: The system record maintained within the platform that documents all DDA change activities, including requester, reviewer, date/time, outcome, and supporting documentation.
  • Supporting Documentation: Valid evidence (e.g., recent bank statement, voided check, bank letter) confirming account ownership and accuracy.

4. DDA Change Policy

4.1 Access & Authentication

Only the merchant can make updates to the merchant’s profile. One signer may use their authenticated login credentials to make and authorize account changes. Account changes will be verified also with the ownership. Give’s platform monitors each account to detect unusual activity and changes. A log of who made the updates and the time the changes were made will be captured in Give’s platform and available for review. Changes to the merchant will trigger a notification to verify CIP, CDD/EDD, OFAC and MATCH. Significant changes such as name, address, additional locations, ownership will trigger a new merchant application.

4.2 Merchant Initiation

  • Merchants may request to add or modify their bank account(s) directly through the designated section of the platform.
  • Each request must be accompanied by valid supporting documentation.

4.3 Notification and Workflow

  • Upon submission, the platform generates an automatic alert to the Risk/Underwriting teams.
  • The request is locked until it is formally reviewed and approved.

4.4 Risk and Underwriting Review

The Risk/Underwriting team must review each request by performing the following checks:

  • Verification that the account number and attached bank statement match.
  • Statement recency check (dated within the past 1–2 months).
  • Validation of account ownership against merchant details.
  • Review of supporting documentation for authenticity.
  • Confirmation that account change is not frequent or suspicious.
  • Website monitoring to ensure no unusual changes to payment methods.
  • Based on findings, the team may approve, reject, or request additional documentation.

4.5 Approval/Decline

Approve: Update is applied to the merchant profile; decision is logged.

Decline: No changes are applied; reason is documented and merchant notified.

Escalation: Suspected fraud or material discrepancies escalate to Compliance and may result in suspension, enhanced due diligence, or regulatory reporting.

4.6 Screening & Monitoring Triggers

  • Any merchant profile change triggers notifications to verify CIP, CDD/EDD, OFAC, and MATCH.
  • Significant changes (e.g., legal name, address, ownership, additional locations) trigger a new merchant application and a refreshed underwriting review.
  • The platform continuously monitors for unusual activity and bank detail changes.

5. Logging & Audit Trail

All DDA Change Requests must be captured in the Change Request Log with, at minimum:

  • Merchant identity; request type (add/modify/remove).
  • Requester identity and datetime of submission.
  • Reviewer identity and datetime of decision.
  • Decision (approve/decline) and rationale/notes.
  • References to supporting documentation and verification steps performed.
    Logs must be immutable and available for audit.

6. Responsibilities

  • Merchants: Provide accurate information and supporting documentation; maintain secure control of credentials.
  • Risk/Underwriting: Perform verifications, record decisions, maintain logs, and escalate where appropriate.
  • Compliance: Periodically audit logs, review escalations, ensure adherence to regulatory and card brand requirements.

7. Record Retention

Maintain Change Request Logs, approvals/declines, and supporting documentation. Store securely with access controlled on a need-to-know basis.

8. Enforcement

Non-compliance may result in request rejection, employee disciplinary action, merchant account suspension/termination, and/or regulatory reporting.

The information contained herein is intended to provide a general overview of the Company’s policies and procedures relating to compliance with this Policy and does not constitute legal advice or a complete description of the laws and regulations relating to this Policy. The Company has made every effort to ensure the accuracy and completeness of this Policy.  This document is intended to provide guidance to employees of Company on how to comply with applicable laws and regulations related to this Policy. Employees should consult with the Legal or Compliance Department if they have any questions about the Policy or how to comply with it. Company reserves the right to modify or update this Policy at any time without notice. Employees are responsible for reviewing the Policy on a regular basis to ensure that they are aware of any changes. This Policy applies to all employees of Company, regardless of their position or location unless stated otherwise in the Policy. Employees are responsible for complying with the Policy and for reporting any suspected violations to their respective supervisor, the Legal Department, AMLCO or respective recipient of such violation as outlined in this Policy.

Copyright © GiveCorporation Inc. All Rights Reserved