Skip to main content
Version: multi-v3

Onboard a Corporate

Register your corporate customers using the Weavr Multi API. Your customers need to complete due diligence before they can start using any financial services.

You can onboard corporates in 5 steps:

  1. Register a corporate identity
  2. Set the root user’s password
  3. Verify the root user’s email address
  4. Enrol the root user’s mobile device
  5. Enrol root user on alternative authentication factors (optional)
  6. Submit due diligence information/documents to verify the corporate

1. Register a Corporate Identity

A corporate represents a business entity that can be provided with financial services such as cards or IBANs. To start the onboarding process, create a corporate by providing the company and rootUser information.

The rootUser must be a legal representative of the corporate such as a director or a representative who has the power of attorney over the company. Once onboarded, the rootUser will always have full access to the identity and will be able to invite other users.

Your API Key

You can find your API key in the Multi Portal. Learn more about authentication and how to obtain your API key here.

Weavr returns the corporate object that contains the information you provided together with the id, which is used to identify this particular corporate in subsequent API calls.

2. Set the Root User’s Password

To set a password, you need to use a different API – not the one that you used to create the user. In this case, you need to set the root user’s password.

Non-PCI Compliant Innovators

If you are not PCI compliant, you cannot handle your customers’ plain-text passwords. Instead, you must tokenise passwords. Find more information on how to transmit data securely here.

3. Verify the Root User’s Email Address

The root user must verify their email address before the corporate can start using their account.

You can start the verification process using the API, the root user will receive an email sent to the email address that you provided when you created the corporate.

info

To send the verification email, the root user does not need to be authenticated.

Email Verification

After you start email verification, the root user will receive an email message that contains a URL. You must create a page in your application to which this URL will point to. On this page, you must allow the root user to input the verification code they received in the email.

Configure Your Application’s Base URL

For the email verification to work, you need to configure your application’s base URL. Find more information on where and how to configure it here.

Verify the email address of the root user by submitting the verification code that the root user received in the email and then submitted to your application.

4. Enrol the Root User’s Mobile Device

The root user must enrol their mobile device before the corporate can start using their account.

You can start the enrollment process using the API. The root user will receive a text message (SMS) on the mobile number that you provided when you created the corporate.

info

To send the enrollment text message, the root user must be authenticated.

Verify Mobile Device

You must build a page in your application where the user will be able to enter the verification code that they received in the text message. Then, you need to submit the verification code using the API.

info

To verify the verification code, the root user must be authenticated.

5. Enrol Root User on Alternative Authentication Factors (optional)

Weavr offers additional authentication methods other than sms. The enrolled authentication method will be used instead of sms once the enrolment is complete. Root users can be enrolled in alternative authentication methods using the below endpoint.

The root user should then accept the push notification received on the device.

info

We currently offer sms and Twilio authy as available authentication factors. More channels are coming soon.

danger

Twilio Authy must be activated in the corporate profile in order to enrol corporate users to use this authentication method.

6. Submit Due Diligence Information/Documents to Verify the Corporate

With Weavr, you can embed a UI component in your application, which will capture all of the information and documentation required for KYB. Your user will not need to leave your application.

The following information will be captured as part of the due diligence process:

  • Copy of the Certificate of Incorporation
  • Copy of the Articles of Association (last amendment)
  • Proof of business address such as a copy of a bank statement or lease agreement in the name of the business
  • Recent commercial registry extract clearly showing company structure including UBOs (ultimate beneficial owners)
  • UBO declaration form (downloadable here)
  • List of UBOs owning at least 25% of the company
  • KYC verification of at least one director or authorised representative (with Power of Attorney)

Trigger the KYB process by calling the API:

Weavr returns the reference parameter in the response body. Use this value to initialise the KYB UI component. You can find more information on the KYB UI component here.

You can get updates on the corporate’s KYB status by listening to the corporate KYB webhook. You can find more information on how to integrate with Weavr’s webhooks here.

Adding Additional Authorised Users

Apart from the root user, corporate identities can authorise other users to access their account. Find out more information on how to authorise additional users here.