What is an “Out-of-Wallet” Verification Call And Why Risk Teams Still Need It

What is an “Out-of-Wallet” Verification Call And Why Risk Teams Still Need It

Merchant onboarding has come a long way. From paper forms and faxed utility bills to automated KYC, real-time KYB, and AI-powered risk scores, much of the process can now be completed without ever picking up the phone.

But every experienced risk analyst knows: sometimes you have to talk to a human.

When something doesn’t add up like a mismatched address, a flagged identity, or an application that just doesn’t feel right, one of the most reliable tools in the risk team’s arsenal is the “Out-of-Wallet” verification call.

What is an “Out-of-Wallet” Call?

An “Out-of-Wallet” (OOW) call is a phone interview where the risk or compliance analyst asks the applicant non-obvious questions that a fraudster is unlikely to answer correctly — even if they have access to stolen documents or data.

These questions are called “out-of-wallet” because they go beyond what’s found in someone’s physical wallet: things like name, address, or government ID numbers. Instead, the questions test for real knowledge, behavioral consistency, and contextual understanding.

When to Use an OOW Call

• Identity verification failed or returned suspicious results
• Discrepancies in business documents (e.g., mismatched addresses)
• Inconsistent IP geolocation, language, or phone number
• Multiple failed KYB/KYC attempts or recycled identities
• High-risk MCCs, verticals, or jurisdictions

‍

OOW calls are especially effective in catching synthetic identity fraud or preventing account takeover during onboarding.

‍

What to Ask in an OOW Call

Here are the three categories of questions every risk team should have ready:

Personal Identity Verification: Confirm the person’s identity based on data that’s not easy to guess or steal.

• What’s your full legal name and date of birth?
• What was your previous residential address?
• Can you confirm your personal phone number or email?
• Have you held any credit products in the last 3 years? With which bank?

‍

Business Information Validation: Ensure the caller knows and is authorized to speak for the business.

• What’s your role in the company?
• When was the business incorporated?
• What’s your expected average monthly volume and ticket size?
• What address do you operate from? Is it a home or commercial location?

‍

Behavioral and Risk Signals: Dig into inconsistencies and gauge legitimacy.

• We noticed your IP address shows a different country than your business. Can you explain that?
• Why is your business registered in one country, but your phone number is from another?
• Can you describe what your business does, and how you take payments?

‍

What Red Flags to Watch For: During the call, trained analysts listen for more than just answers. They’re watching for:

• Hesitation on basic information
• Inconsistent stories or answers that change mid-call
• Voice anomalies (like echo, coaching, or call center background noise)
• Evasive or defensive responses to normal business questions

‍
‍

When It Works Best: Out-of-wallet verification is one of the few tools that can:

• Disqualify fraudsters even with “clean” documents
• Surface synthetic or stolen IDs in real time
• Protect against insider fraud or impersonation attempts

‍

It’s not scalable — and that’s the point. It’s the manual fallback that protects your portfolio when automation alone isn’t enough.

‍