Scoutinternal

Wallet Policy Change, Modification, and Removal Requests

Wallet Policy Change, Modification, and Removal Requests

Problem

Customers request changes to wallet-level or enterprise-level policies on BitGo, including modifying policy actions (e.g., changing from "automatically reject" to "require approval from wallet admins"), updating spending limits, changing the final approver on a policy, removing individual wallet policies, or unlocking locked policies so edits can be made. These requests require identity verification via video call before BitGo Support can action them. Customers may also have questions about the interaction between workspace (umbrella) policies and individual wallet policies.

Diagnostics

  • Identify the request type: Determine whether the customer wants to add, modify, remove, or unlock a policy. Confirm whether it applies at the wallet level or enterprise level.
  • Collect required identifiers: Ask for the wallet ID(s), enterprise ID, and/or policy ID. If the customer wants changes across multiple wallets, request an Excel sheet listing all wallet IDs.
  • Check initial verification status: Confirm whether the customer (and any other participants who will join the verification call) have completed their initial video verification with BitGo. If not, both the initial verification and the policy unlock must be completed on the same call.
  • Check VIDEO ID approval status: In the internal agent notes, look for a "VIDEO ID USERS" section listing which users are approved. Only approved/verified users can authorize policy changes.
  • Determine if the policy is locked: If the customer is unable to modify the policy themselves in the UI, the policy is likely locked and requires a BitGo-initiated unlock via the video verification process.
  • Check for workspace vs. wallet policy conflicts: If the customer is asking about the relationship between workspace-level (umbrella) policies and wallet-level policies, determine what policies are currently in place at both levels and whether they may conflict.

Resolution

Scenario: policy-change-policies-wallet#unlock-and-modify-locked-policy

Trigger: Customer requests a change to a specific wallet or enterprise policy (e.g., modifying the action, changing the approver, updating spending limits) but cannot make the change themselves because the policy is locked.

Signals: policy change, modify policy, policy locked, unlock policy, change action, change approver, final approval, spending limit, require approval from wallet admins, automatically reject

Steps:

  1. Confirm the customer's request details: wallet name, wallet ID, enterprise ID, policy ID, and the specific change requested.
  2. Inform the customer that for security purposes, a video verification call is required before the policy can be unlocked.
  3. Send the customer the Calendly scheduling link: https://calendly.com/bitgo-client-delivery/videoid
  4. Instruct the customer to bring a government-issued photo ID to the call. Include the note: "If you are not initially verified by BitGo, please bring the person on the call who has already verified and can authorise your identity."
  5. Ask the customer to reference their ticket number when scheduling the call.
  6. Check internally whether the customer has completed initial verification. If not, note that both initial verification and the enterprise policy unlock will need to be completed on the same call.
  7. During the video call, verify the customer's identity against their government-issued photo ID.
  8. After successful verification, unlock the policy. Policies are unlocked for a limited window (24 hours based on ticket evidence) during which the customer can make their modifications.
  9. Confirm the unlock to the customer and advise them to complete their changes within the unlock window.

Notes: The 24-hour unlock window is time-limited. If the customer misses the window, they will need to schedule another verification call. If the customer misses the scheduled call, send the rescheduling link: https://calendly.com/bitgo-client-delivery/kyc

"We have received your request to unlock your wallet policy. For security purposes, we will need to schedule a video conference to verify your Identification. Please use the following link to schedule a time to meet with us and verify the request: https://calendly.com/bitgo-client-delivery/videoid" (ticket #58)

"We have unlocked the policies for the next 24 hours from now as requested." (ticket #92)

"We are unable to modify the policy from our end. Please use the link below to schedule a call with us. Once the verification is completed, we will assist you in unlocking the policy. After it is unlocked, you will be able to modify the policy accordingly. ... Additionally, your initial verification is not yet complete. During the same call, we will assist you with completing the initial verification as well as the policy unlock process." (ticket #321767)

Scenario: policy-change-policies-wallet#enterprise-and-wallet-level-permission-changes

Trigger: Customer requests enterprise-level changes such as adding or modifying user permissions across wallets, not just a single policy parameter change.

Signals: enterprise level changes, wallet level changes, permissions, user roles, admin permissions

Steps:

  1. Confirm the scope of the request: which enterprise, which users, and what permission changes are needed.
  2. Determine whether video verification is required by checking with the Client Delivery team internally.
  3. If video verification is required, send the customer the Calendly scheduling link: https://calendly.com/bitgo-client-delivery/videoid
  4. If the customer misses the scheduled call, send the rescheduling link: https://calendly.com/bitgo-client-delivery/kyc
  5. After successful verification on the video call, action the requested permission changes.
  6. Confirm completion to the customer, specifying which users now have the requested permissions.

Notes: These requests may involve both enterprise-level and wallet-level changes simultaneously. Ensure all changes are documented and confirmed in a single resolution message.

"This request has been completed. Jesse and Li should now have the permissions you requested." (ticket #317081)

Scenario: policy-change-policies-wallet#bulk-policy-change-multiple-wallets

Trigger: Customer requests a policy change across all wallets in an enterprise or across a large number of wallets.

Signals: all wallets, multiple wallets, enterprise wallets, bulk policy change, excel sheet, wallet IDs

Steps:

  1. Ask the customer to provide a list of all wallet IDs that require the policy change. Request this as an Excel sheet if the number is large.
  2. Confirm the specific policy change requested for each wallet (or confirm the change applies uniformly).
  3. Schedule a video verification call via the Calendly link: https://calendly.com/bitgo-client-delivery/videoid
  4. After verification, proceed with unlocking and/or modifying the policies across the listed wallets.
  5. Confirm completion to the customer.

Notes: If the customer has not yet provided wallet IDs, the request cannot proceed. The wallet ID list is a prerequisite.

"It would be great if you could share an excel sheet containing all the wallet ids that you would like to unlock. We will need to do a video verification before we perform the unlock for it." (ticket #358351)

Scenario: policy-change-policies-wallet#workspace-vs-wallet-policy-overlap

Trigger: Customer asks whether individual wallet policies need to be removed when a workspace (umbrella) policy covering the same wallets is put in place.

Signals: workspace policy, umbrella policy, individual wallet policy, duplicate policy, conflict, group of wallets, delete policy

Steps:

  1. Advise the customer that the answer depends on the specific policies in place. There is a possibility of conflict between workspace-level and wallet-level policies.
  2. Ask the customer to provide details on both the existing wallet-level policies and the new workspace-level policy they intend to create.
  3. Review the policies for potential conflicts in enforcement behavior.
  4. If the workspace (umbrella) policy is a duplicate of the individual wallet policies, confirm that the customer can delete the individual wallet policies once the umbrella policy is active.
  5. If there are non-obvious conflicts, offer thought partnership to help the customer determine the correct configuration.

Notes: This scenario does not require video verification — it is an informational/advisory request. However, actually deleting or modifying the policies may trigger the standard unlock and verification flow described in other scenarios.

"The answer to this is maybe. It depends on the policies that are in place. There is a chance there may be a conflict in how these are enforced. Happy to offer some thought partnership if you can provide details regarding what you already have in place versus what you are looking to add." (ticket #265136)

Related

  • policy-structure — Describes the four parameters (Scope, Touchpoint, Condition, Action) that define every policy; useful for understanding what can be changed.
  • policies-faqs — Covers who can create policies, approval requirements for policy changes, and the rule that BitGo only allows one in-progress policy change at a time.
  • keycards-and-private-keys — Includes warm wallet vs. hot wallet distinction and whitelist policy context relevant to policy configuration.