Incidents

Pleo’s brand promise is clarity, control, and confidence — and incident comms are the ultimate test of those values.

Our goals

• Inform quickly and clearly: Prioritise facts over filler.
• Stay human and calm: Avoid panic-inducing phrasing.
• Be accessible: Simple language, short sentences, scannable structure.
• Stay consistent: Use the same tone, structure, and terminology across channels.
• Empower and reassure Always tell them what to do next, and what Pleo is doing for them.

Voice reminders

• Confident, not defensive
• Clear, not corporate
• Empathetic, not emotional
• Human, not chatty

In-app banner template + Status page banner (all users)

Purpose: Immediate visibility for all users — short, actionable, trustworthy.

Format

[One-sentence explanation (what’s happening, who’s affected, what to do)]
[Optional link: Check details → {status page / help article}]

Example

Example (phishing)

Tone checklist

• Lead with the issue, not apology.
• Stay factual, avoid speculation.
• End with reassurance or clear next step.
• Do not use emojis.

SMS template (affected users only)

Purpose: Fast, direct communication when users are personally impacted.

Format

[Intro – who’s writing]
[Brief summary of what happened]
[How it affects them]
[Next steps / action needed]
[Pleo reassurance + link to more info]

Example (security case)

Pleo: We’ve spotted suspicious activity linked to your account.

Please reset your passcode immediately via the Pleo app.

Your funds remain safe. Details here: pleo.io/security-update

Tips

• Always identify the sender as Pleo in the first line.
• Make sure the message is sent from Pleo.
• Stay under 480 characters.
• Link only to pleo.io or trusted Pleo domains.
• Avoid using emojis or links (these could be mistaken for phishing).

Email template (affected users)

Subject line

Keep it short, neutral, and factual.

• Do: “Update on your Pleo account security”
• Don’t: “We’re sorry about what happened” or “Important notice!!!”

Structure

Hi [First name],

We want to make you aware of [brief description of the issue].
[Explain impact: who’s affected, what we know, what we’re doing.]

If this affects you, here’s what to do:
1. [Step/action 1]
2. [Step/action 2]

We’re monitoring the situation closely and will share updates here: [status link].

Thank you for your patience and understanding,
The Pleo Team

If you have questions, please respond to this email.

Example (phishing attempt)

Hi Alex,

We’ve seen fraudulent SMS messages pretending to be from Pleo. Some direct users to fake login pages and ask for passcodes or forwarded emails.

Please:

1. Ignore and delete any messages that look suspicious.
2. Never forward Pleo login emails or share your passcode.

We’re working with our partners to block these messages. Updates here: [help.pleo.io/security]

We’re doing our best to keep you safe,

The Pleo Team

If you have questions, please respond to this email.

General tips and best practices

Writing

• Follow a rough “what happened / what it means / what to do” structure.
• Use plain language and short paragraphs.
• Avoid technical jargon — e.g., “temporary issue” instead of “latency in authentication layer.”
• Limit adjectives; avoid words like critical, urgent, or severe unless truly warranted.
• Avoid emojis.

Accessibility

• Use clear headings and logical order (helps screen readers).
• Avoid abbreviations without context (e.g., write “Two-factor authentication (2FA)”).
• Never rely on color or icons alone to convey meaning.
• Keep messages within their proposed character limits.

Tone under pressure

• Default to calm confidence (”We’re on it”)
• Acknowledge impact without over-apologizing. (“We know this is frustrating” is better than “We deeply regret…”).
• Always balance transparency + reassurance.

Resources

• Pleo Content Design Helper GPT – Can be used for drafting and refining incident messages.
• Pleo Content Design Glossary – Standard terms.
• Status Page: status.pleo.io
• Help Center: help.pleo.io/security