How we verify campaigns
A complete walkthrough of what happens before a campaign reaches you, and what continues to happen after it's live. We publish this methodology so donors can decide for themselves whether our standards are good enough.
Three layers of review
Creator identity
Before any campaign can publish, the creator passes government-issued ID verification through Stripe Identity — a regulated KYC provider used by hundreds of platforms. Their bank account is verified through Stripe Connect onboarding. We never store the ID document or banking details on FundlyHub servers; that data lives with Stripe under their PCI-compliant infrastructure.
Campaign content
Every campaign — at submission and after every material edit — runs through structured trust checks across five categories (detailed below). The result is one of three outcomes: approved (publishes immediately), under review (publishes, accepts donations, but funds held until human reviewer clears), or not approved (does not publish; creator gets specific reasons and a remedy path).
Continuous monitoring
After publishing, campaigns remain monitored. Reports from donors trigger human review within 48 hours. Suspicious patterns — sudden donation spikes, repeat content, account anomalies — are flagged automatically. Held funds for a campaign whose creator goes inactive are protected and refunded if the creator doesn't reactivate.
What we evaluate
Five categories, evaluated in parallel for every campaign.
Beneficiary validation
Does the campaign clearly identify who the funds are for? If raising on behalf of someone else, is there a stated relationship and consent? Does the beneficiary's identity check out?
Financial viability
Does the goal amount align with the stated need? Is the breakdown of how funds will be used specific enough to verify against?
Content quality
Does the story include verifiable specifics — locations, dates, supporting media, beneficiary names where appropriate? Generic or templated stories trigger closer review.
Regulatory concerns
Does the campaign comply with country-specific rules (medical, political, religious, sports, charity)? Are required disclosures present? Is the campaign type appropriate for the platform?
Fraud signals
Pattern matching against known fraud indicators — duplicate stories, suspicious creator-account behavior, mismatched beneficiary information, unusual donation patterns post-publish.
What we don't look at
Race, gender, religion, country of origin
We don't use these as inputs to trust decisions — not as fairness theatre, but as a hard rule. A $1 million cancer-treatment campaign is as legitimate as a $500 emergency. A campaign for a small village in a country we've never heard of gets the same methodology as one in a major city.
Human in the loop
AI surfaces decisions; humans make the call on borderline cases. Specific rejection categories — fraud signals, regulatory concerns — require human approval before any automated outcome takes effect. Every appeal gets a different reviewer than the initial decision.
We log every decision and its reasoning. If a campaign is eventually proven wrongly rejected, that signal feeds back into the model — and we publish the false-positive rate in our annual transparency report.
What this protects against
Impersonation — creators raising in someone else's name without consent
Funds-not-as-described — campaigns that pivot from their stated purpose post-funding
Beneficiary fraud — fictional beneficiaries or stolen identities
Sanctions / regulatory violations — campaigns that can't legally operate in their stated region
Repeat fraud — accounts attempting the same scheme across multiple campaigns
Limits
No verification system is perfect. We catch most fraud at submission and the rest within days of going live, but a determined bad actor with a real ID can sometimes pass the initial check. That's why we have continuous monitoring, donor reporting, and a refund process — covered on our donor protection page.