Account Holders (Businesses/KYB)

Learn how to create an account holder object for businesses and run the business through KYB.

Account holders and accounts have a 1:1 relationship. When an account holder is successfully created, an associated account is also created.

To create a business account holder, a Know Your Business (KYB) process is run to verify the identity of the business. We support two types of workflows for KYB for program managed customers:

  • Basic KYB [beta] offers identity verification with an immediate pending decision, with a final accepted or rejected decision provided via webhook within 2 business days
  • BYO KYB [deprecated] allows an API user to bypass the Lithic KYB process and create an individual account (available only to users with KYB processes pre-approved by Lithic)

Customers enrolling businesses may also need to enroll those businesses' authorized users using our KYC-exempt workflow. All customers enrolling businesses and issuing physical cards to those businesses' authorized users should enroll those authorized users using the KYC-exempt workflow.

Create Business Account Holders

This endpoint runs the entered individual or business's information (i.e., account holder) through a Customer Identification Program (CIP), and creates an account holder object.

For program managed clients creating a new business account holder you’ll need to pass in KYB_BASIC for the workflow along with information for the business_entity, a description of the nature_of_business, the control_person, and the beneficial_owner_individuals if applicable. Lithic will run the information and if the account holder is successfully verified or requires further verification, an associated account_holder_token and account_token are returned in the response, which can then be used to issue cards once the workflow indicates an ACCEPTED status.

If further verification is required Lithic will return a status of PENDING_REVIEW in the response; you will then be required to upload front and/or back scans of the required documents for review. Lithic will review the documents and the application result will be provided in the account_holder.verification event. To be notified of events see Create Webhook for KYC/KYB Status.

🚧

As a reminder, while using this endpoint is an important part of ensuring your card program is compliant with relevant government and banking regulations, you are responsible for all financial activity on api.lithic.com associated with your API key. This endpoint is intended to be used for KYC/KYB compliance purposes, and not as a comprehensive fraud solution.

KYB Workflow Details

  1. Lithic client submits the required information with KYB_BASIC workflow via Create an Individual or Business Account Holder endpoint

  2. Lithic responds with ACCEPTED or PENDING_REVIEW status for the account holder.

    1. ACCEPTED - KYB is complete and cards may be issued
    2. PENDING_REVIEW - Either the Business Entity, Beneficial Owner, and/or Control Person needs additional information.
  3. For applications PENDING_REVIEW clients must submit the required documents. Use the Get Account Holder endpoint to return the required_documents for the account holder. Once the documents are ready for upload call the Initiate Account Holder Document Upload endpoint. Lithic will return URLs to be used to upload the documents.

  4. Lithic will review the documentation and return an APPROVE, REJECT, or PARTIAL_APPROVAL for the failure reasons. An account_holder_document.updated event will be sent with the updated status. To be notified of events see Create Webhook for KYC/KYB Status.

  5. If a document was rejected, you will be able to either upload the same type of document again (e.g. the document was blurry) or upload a new document that also satisfies the status_reason (e.g. the driver's license is expired so a passport could be used instead). Use the Initiate Account Holder Document Upload endpoint to upload a new document type otherwise use the Get Account Holder Document Upload endpoint to generate a new upload link for the specified document.

  6. Lithic will review the documentation and APPROVE or REJECT the document. An account_holder_document.updated event will be sent with the updated status. To be notified of events see Create Webhook for KYC/KYB Status.

    1. If further information is needed after the documentation is uploaded the Lithic compliance team will reach out via email or Slack with further details.


Expected Response Times:

  • Steps 1 + 2 - Customer makes call with required business data and PII, and receives a pending review status for the account holder: Up to 30 seconds
  • Steps 3 + 4 - Customer uploads documentation then subsequently receives a webhook containing final status for the account holder: Up to 48 business hours.
  • Steps 5 + 6 - Additional document upload and review will take addition time.

Document Review Process

Document Upload Statuses

After an account is created and is in a PENDING status you can call the Get Account Holder Document Uploads endpoint to return the status and URLs for all documents in review or the Get Account Holder Document Upload Status endpoint to return the status of a specific document.

An ACCEPTED document status means the evidence is satisfied and it will no longer be included in the list of required_documents, it does not mean the Business has been approved.

Note that the upload URLs expire after 7 days. If an upload URL expires, you can refresh the URLs by retrieving the document upload from the Get Account Holder Document Uploads endpoint.

Document Upload StatusesDefinition
PENDING_UPLOADAccount holder is in a PENDING status and needs additional documentation to proceed.
UPLOADEDLithic received documents by API and the account holder is in the review process.
ACCEPTEDLithic accepted the uploaded documents, cards can be ordered on the account.
REJECTEDLithic rejected the uploaded documents, cards cannot be ordered on the account.
PARTIAL_APPROVALLithic has reviewed the uploaded documents, and only a subset of status reasons are satisfied by the document upload.

Document review failure reasons

The following reasons can be returned in the account_holder.verification event and can be used to decide what action is needed for the additional document upload.

Failure ReasonDescription
DOCUMENT_MISSING_REQUIRED_DATAA document did not contain the relevant information to satisfy the failure
DOCUMENT_UPLOAD_TOO_BLURRYA document was too blurry
FILE_SIZE_TOO_LARGEThe document file size was larger than the maximum size of 15mb
INVALID_DOCUMENT_TYPEThe document upload did not match the expected document type. For instance, a TAX_RETURN was uploaded for a document of type EIN_LETTER.
INVALID_ENTITYThe document upload was uploaded for the wrong entity.
DOCUMENT_EXPIREDThe document upload was expired. For instance, if a DRIVERS_LICENSE uploaded is expired.
DOCUMENT_ISSUED_GREATER_THAN_30_DAYSThe document upload, initially expected to be issued less than 30 days, has exceeded the maximum allowable time of 30 days.
DOCUMENT_TYPE_NOT_SUPPORTEDThe document uploaded is not supported for verification of the entity status reasons.
UNKNOWN_FAILURE_REASONThe document uploaded was REJECTED for an unknown failure reason. A new document upload should be initiated.
INVALID_DOCUMENT_UPLOAD*Deprecated, the document upload was invalid
UNKNOWN_ERROR*Deprecated, the document uploaded was REJECTED for an unknown failure reason. A new document upload should be initiated.

KYB Failure and Required Documents

When a KYB evaluation fails, one or more of the following reasons will be returned in the response.

The following table provides the status_reasons for the failure along with the required_documents that can be used for validation. If an entity has failed for multiple reasons one document upload can satisfy multiple status_reasons as long as the document is listed for each reason i.e. you do not need to upload a document multiple times for different status_reasons.

If able, Lithic will merge required_documents into a subset of documents that satisfies all failures for a given entity. While the document subset is provided for ease of use, you are still able to upload documents that are not provided in the subset given the list below.

Failure Reason (status_reasons)Requires one of the following required_documents
(*Refers to the preferred document )
PRIMARY_BUSINESS_ENTITY_ ID_VERIFICATION_FAILUREEIN_LETTER*
TAX_RETURN
SS4_FORM
The government-issued identification of the primary business entity provided could not be verified.
PRIMARY_BUSINESS_ENTITY_ ADDRESS_VERIFICATION_FAILUREEIN_LETTER
TAX_RETURN
BANK_STATEMENT
CERTIFICATE_OF_GOOD_STANDING
ARTICLES_OF_INCORPORTATION
ARTICLES_OF_ORGANIZATION
CERTIFICATE_OF_FORMATION
OPERATING_AGREEMENT
BYLAWS
GOVERNMENT_BUSINESS_LICENSE
PARTNERSHIP_AGREEMENT
BANK_STATEMENT *
UTILITY_BILL_STATEMENT*
The address of the primary business entity provided could not be verified.
PRIMARY_BUSINESS_ENTITY_NAME_ VERIFICATION_FAILUREEIN_LETTER
TAX_RETURN
CERTIFICATE_OF_GOOD_STANDING*
ARTICLES_OF_INCORPORTATION*
ARTICLES_OF_ORGANIZATION*
CERTIFICATE_OF_FORMATION*
OPERATING_AGREEMENT
BYLAWS
GOVERNMENT_BUSINESS_LICENSE PARTNERSHIP_AGREEMENT
The name of the primary business entity provided could not be verified.
PRIMARY_BUSINESS_ENTITY_ SOS_FILING_INACTIVECERTIFICATE_OF_GOOD_STANDING*The business entity is not active with the Secretary of State.
PRIMARY_BUSINESS_ENTITY_ SOS_NOT_MATCHEDCERTIFICATE_OF_GOOD_STANDING*The name of the business entity provided could not be matched with the Secretary of State.
PRIMARY_BUSINESS_ENTITY_ BUSINESS_OFFICERS_NOT_MATCHEDCERTIFICATE_OF_GOOD_STANDING
ARTICLES_OF_INCORPORTATION
ARTICLES_OF_ORGANIZATION
CERTIFICATE_OF_FORMATION
OPERATING_AGREEMENT *
BYLAWS *
GOVERNMENT_BUSINESS_LICENSE
The names of the business officers provided do not align with the records available from official or regulatory sources such as the Secretary of State or other business databases.
PRIMARY_BUSINESS_ENTITY_ CMRA_FAILUREDocumentation cannot be provided to override a CMRA failure. The user will need to be resubmitted with a corrected address.The business address is listed at a Commercial Mail Receiving Agency.
PRIMARY_BUSINESS_ENTITY_ WATCHLIST_FAILURELithic will auto review any blocklist hits. If possible they will be cleared without further documentation. A direct response will continue to be blocked.The business was found on a government's watchlist.
PRIMARY_BUSINESS_ENTITY_ REGISTERED_AGENT_FAILUREDocumentation cannot be provided to override a registered agent failure. The business was found to be registered using a registered agent service.
CONTROL_PERSON_NAME_VERIFICATION_ FAILUREDRIVERS_LICENSE*
PASSPORT*
PASSPORT_CARD
The control person's name provided could not be verified.
BENEFICIAL_OWNER_INDIVIDUAL_NAME_ VERIFICATION_FAILUREDRIVERS_LICENSE*
PASSPORT*
PASSPORT_CARD
One or more of the business owner individual's name(s) provided could not be verified.
CONTROL_PERSON_DOB_VERIFICATION_ FAILUREDRIVERS_LICENSE*
PASSPORT*
PASSPORT_CARD
The control person's date of birth provided could not be verified.
BENEFICIAL_OWNER_INDIVIDUAL_DOB_ VERIFICATION_FAILUREDRIVERS_LICENSE*
PASSPORT*
PASSPORT_CARD
One or more of the beneficial owner individual's date of birth provided could not be verified.
CONTROL_PERSON_ID_VERIFICATION_ FAILURESSN_CARD
ITIN_LETTER*
The control person's government-issued identification number provided could not be matched.
BENEFICIAL_OWNER_INDIVIDUAL_ID_ VERIFICATION_FAILURESSN_CARD
ITIN_LETTER*
One or more of the business owner individual's government-issued identification number(s) provided could not be matched.
CONTROL_PERSON_BLOCKLIST_ALERT_ FAILURELithic will auto review any blocklist hits. If possible they will be cleared without further documentation. A direct response will continue to be blocked.The control person appeared on one or more government watch lists.
BENEFICIAL_OWNER_INDIVIDUAL_ BLOCKLIST_ALERT_FAILURELithic will auto review any blocklist hits. If possible they will be cleared without further documentation. A direct response will continue to be blocked.One or more of the beneficial owner individual's appear on one or more government watch lists.
OTHER_VERIFICATION_FAILURELithic will reach out directly with next steps. The business entity could not be verified for other reasons.

Required Documents List

The following provides a description of the allowed document types to satisfy the required_documents.

Valid DocumentRequired Image TypesDocument Description
DRIVERS_LICENSEFRONT BACKAn individuals driver’s license that can be used to verify the identity of an individual
PASSPORTFRONT BACKAn individual’s passport that can be used to verify the identity of an individual.
PASSPORT_CARDFRONT BACKAn individuals passport card that can be used to verify the identity of an individual.
EIN_LETTERFRONTDocument that displays the Employer Identification Number (EIN), given by the IRS, and business name. The submitted address must be present.
TAX_RETURNFRONTTax document that displays the EIN, business name, and address name. The submitted address must be present.
OPERATING_AGREEMENTFRONTDocument that displays a variety of business related information, most important of which are the business name and business address. The submitted address must be present.
CERTIFICATE_OF_FORMATIONFRONTDocument that a business files with the state to form the business entity. The submitted address must be present.
CERTIFICATE_OF_GOOD_STANDINGFRONTA certificate of good standing is a document issued by a state that verifies a business is legally permitted to operate in that state. It's also known as a certificate of existence or certificate of status, and may have a state-specific name. The submitted address must be present.
ARTICLES_OF_INCORPORATIONFRONTArticles of incorporation are a set of formal documents filed with a government body to legally document the creation of a corporation. The submitted address must be present.
ARTICLES_OF_ORGANIZATIONFRONTArticles of organization are part of a formal legal document used to establish a limited liability company (LLC) at the state level. The submitted address must be present.
BYLAWSFRONTThe rules that govern your corporation's operations and create an organizational structure for your company. The submitted address must be present.
GOVERNMENT_BUSINESS_LICENSEFRONTGovernment-issued business license.
PARTNERSHIP_AGREEMENTFRONTA partnership agreement is a legal document that dictates how a small for-profit business will operate under two or more people.
SS4_FORMFRONTIRS Application for Employer Identification Number form.
BANK_STATEMENTFRONTMost recent bank statement.
UTILITY_BILL_STATEMENTFRONTRecent utility bill dated within 30 days. The the submitted address must be present on the utility bill.
SSN_CARDFRONTA Social Security (SSN) card is a card that contains a person's Social Security number (SSN), which is a unique nine-digit number.
ITIN_LETTERFRONTAn Individual Taxpayer Identification Number (ITIN) is a tax processing number issued to nonresident Aliens (NRA)

Create Webhook for KYC/KYB Status

You can create a webhook to be notified of updates to the status of any in-process KYC or KYB evaluation. We send three types of events related to accountholders via our Events platform: account_holder.created, account_holder.updated, and account_holder.verification. You can also see examples of these three events in Sandbox using Send Example Event Types.

Events that will include status,status_reasons, and required_documents

  • account_holder.created
  • account_holder.verification

Simulating the KYB Flow

  1. See Simulating Account Holder Creation page for detail on creating an account.
  2. Then use the Simulate an account holder's enrollment review to pass in ACCEPTED or REJECTED
  3. To simulate a document review call the Simulate an account holder document upload's review API.