Ongoing due diligence for personal customers

Ongoing due diligence (further – ODD) refers to the continuous process of monitoring and evaluating a customer’s profile and activities after the initial onboarding. This is crucial to ensure compliance with Anti-Money Laundering (AML) laws, Counter-Terrorism Financing (CTF) regulations, and Know Your Customer (KYC) requirements. Goals of ongoing due diligence are :

  1. To mitigate risks: Continuously monitor customer transactions for signs of suspicious activity, fraud, or illegal behavior, ensuring that any potential threats are identified and addressed early.
  2. Compliance Assurance: Ensure that we stay in compliance with evolving regulatory frameworks and legal requirements, including AML, KYC, and CTF regulations.
  3. Maintain Customer Profile Accuracy: Update customer data and profiles as necessary, based on new information or changes in their business or financial activity, to ensure ongoing risk assessment is based on the most current and accurate information.
  4. Implement Enhanced Due Diligence (EDD): For higher-risk customers or transactions, perform more in-depth scrutiny and reporting to ensure compliance with the financial institution’s risk management protocols.
  5. Maintain a Trustworthy Relationship: Build and sustain trust with customers and regulators by demonstrating proactive efforts to prevent financial crimes and ensure transparency in financial activities.

By leveraging APIs to manage this ongoing due diligence process, BaaS partners help streamline compliance and risk management activities, providing robust and scalable solutions for their customers.

Prerequisites

ID status for such customer should be approved. There is no need to re-do IDV if it’s still valid, but if a document is expired, then this will be requested during ODD process as well.

Monitoring

In order to receive information about incoming ODD date, at phase 1 ConnectPay will share a list of customers that ODD time is coming this year.

At phase 2, there will be separate webhook event to subscribe and track.

Data collection

Based on separate risk scores, ConnectPay maintains 3 different timelines for customers:

  • Each 1 year for higher risk customers;
  • Each 2 years for medium risk customers;
  • Each 3 years for low risk customers.

There are cases when ODD can be triggered by risk-related events as well.

Notification about ODD is prepared 60 days until ODD date – to properly prepare communication for customers and start data collection.

Data is collected via new endpoint POST /baas/onboarding/applications/odd/personal

In the table below we provide API header and descriptions:

NameDescriptionValue/Example
AuthorizationAccess token with required scopeBearer 8e36ce9d-6f51-479d-8ade-dff2952b4acb
Accept application/json;version=1
Content-Type application/json
x-connectpay-requestidID of the request, unique to the call.4d662590-731f-42f9-926f-aae0cec66a06

In a table below we provide parameter descriptions and constraints:

Parameter NameIs mandatory?DescriptionTypeConstraintAdditional comment
baasClientIdYesClient ID mapped to BaaS contractString <UUID>[1…36 characters] 
person.isUboYesConfirmation that the client is the beneficial owner of the funds in the bank accountBooleanTrue
False
 
person.pep.isPepYesDeclaration regarding whether the person is PEPBooleanYesNo 
person.pep.positionNoPEP position name is a client is a PEPStringMin length 1
Max length 100
Not null
Not digits
Not characters:~!@#$%^*()_+={}[]\|:;",<>/?
Conditional Mandatory when isPep is true
person.address.countryCodeYesAddress country of the clientStringMin length 2
Max length 2
Not null
Not digits
Not characters:~!@#$%^*()_+={}[]\|:;",<>/?
Country Codes Alpha-2
person.address.addressLine1YesFreeform Address of a client, line 1StringMin length 3
Max length 100
Not null
 
person.address.addressLine2NoFreeform Address of a client, line 2StringMin length 3
Max length 100
 
person.address.cityYesAddress city of a clientStringMin length 3
Max length 100
Not null
 
person.address.postcodeYesAddress postal code of a clientStringMin length 3
Max length 15
Not null
 
person.taxIdentification.taxCountry.countryCodeYesCountry where customer is a taxpayerStringNot null 
person.taxIdentification.taxCountry.tinYesTaxpayer identification number of a clientStringNot nullConditional Mandatory Parameter, optional when residenceCountry.countryCode is LT
person.taxIdentification.additionalCountries[countryCode]NoCountry where customer is a taxpayer (additional)StringNot null 
person.taxIdentification.additionalCountries[tin]NoTaxpayer identification number of a client (additional)StringNot null 
account.connectionToLithuaniaYesDefines connection to LithuaniaArray of stringsWorkOwnRealEstateHaveCompanyInLt
StudyingInLt
ResidencePermitSpouseIsLtCitizen
TaxRefundsStateBenefits
HaveCounterpartiesLocatedInLt
EuroAccount
values changed to PascalCase
account.purposesOfAccount.[]YesDefines the purposes of the accountMultiselectStringSalary
IndividualOrSoleTraderIncome
PersonalOrHouseholdExpenses
ForeignTransactions
VirtualCurrencyOrGamblingRelatedTransactions
InvestmentTransactionsOrLoanPayments
Other
if value is not from the defined list, it should be added as Other
values changed to PascalCase
account.purposesOfAccountAdditionalInformation.businessActivityRegistrationNoNoTextString Conditional Mandatory when purposesOfAccount has IndividualOrSoleTraderIncome
account.purposesOfAccountAdditionalInformation.businessActivityIndustryNoTextString Conditional Mandatory when purposesOfAccount has IndividualOrSoleTraderIncome
account.purposesOfAccountOtherNoTextString[ 1 .. 30 ] charactersWhen purposesOfAccount has Other
account.sourceOfIncomeYesSelectStringEmploymentOrIndividualBusinessIncome
Pension
Savings
Alimony
SocialBenefits
Scholarship
Other
if value is not from the defined list, it should be added as Other
values changed to PascalCase
account.sourceOfIncomeOtherNoTextString[ 1 .. 30 ] charactersWhen sourceOfIncome has Other
account.requestedProducts[]NoList of defined CP productsStringRailsSwiftvalues changed to PascalCase
account.monthlyGrossTurnoverYesExpected account turnover of a client String 0_1000
1001_3000
3001_15000
15001_50000
50001_OrMore
values changed to PascalCase
account.intendedCountriesToTransactWithYesCountry list from where and to where funds will be sentArray of stringMin length 2
Max length 2
Not null
Not digits
Not characters:~!@#$%^*()_+={}[]\|:;",<>/?
Enum: "LT" "AF" "AL" "DZ" "AS" "AD" "AO" "AI" "AQ" "AG" "AR" "AM" "AW" "AU" "AT" "AZ" "BS" "BH" "BD" "BB" "BY" "BE" "BZ" "BJ" "BM" "BT" "BO" "BA" "BW" "BV" "BR" "IO" "BN" "BG" "BF" "BI" "KH" "CM" "CA" "CV" "KY" "CF" "TD" "CL" "CN" "CX" "CC" "CO" "KM" "CK" "CR" "CI" "HR" "CU" "CY" "CZ" "DK" "DJ" "DM" "DO" "TL" "EC" "EG" "SV" "GQ" "ER" "EE" "ET" "FK" "FO" "FJ" "FI" "FR" "GF" "PF" "TF" "GA" "GM" "GE" "DE" "GH" "GI" "GR" "GL" "GD" "GP" "GU" "GT" "GN" "GW" "GY" "HT" "HM" "HN" "HK" "HU" "IS" "IN" "ID" "IR" "IQ" "IE" "IL" "IT" "JM" "JP" "JO" "KZ" "KE" "KI" "KW" "KG" "LA" "LV" "LB" "LS" "LR" "LY" "LI" "LU" "MO" "MG" "MW" "MY" "MV" "ML" "MT" "MH" "MQ" "MR" "MU" "YT" "MX" "MC" "MN" "MS" "MA" "MZ" "MM" "NA" "NR" "NP" "NL" "AN" "NC" "NZ" "NI" "NE" "NG" "NU" "NF" "MP" "NO" "OM" "PK" "PW" "PA" "PG" "PY" "PE" "PH" "PN" "PL" "PT" "PR" "QA" "RE" "RO" "RU" "RW" "KN" "LC" "VC" "WS" "SM" "ST" "SA" "SN" "SC" "SL" "SG" "SK" "SI" "SB" "SO" "ZA" "GS" "ES" "LK" "SH" "PM" "SD" "SR" "SJ" "SZ" "SE" "CH" "SY" "TW" "TJ" "TH" "TG" "TK" "TO" "TT" "TN" "TR" "TM" "TC" "TV" "UG" "UA" "AE" "GB" "US" "UM" "UY" "UZ" "VU" "VA" "VE" "VN" "VG" "VI" "WF" "EH" "YE" "YU" "ZM" "ZW" "AX" "BQ" "CG" "CD" "CW" "GG" "IM" "KP" "KR" "MK" "FM" "MD" "ME" "PS" "BL" "MF" "RS" "SX" "SS" "TZ" "KS" "JE" "FX"
account.occupationYesJob or profession, referring to the work they do to receive funds for a livingstringEmployee
IndividualActivity
Retired
Student
Unemployed
Other
if value is not from the defined list, it should be added as Other
account.occupationAdditionalDetails.companyNoCustomer’s workplace namestringMin length 3
Max length 100
Not null
Conditional mandatory if Employee selected in account.occupation
account.occupationAdditionalDetails.positionNoCustomer’s position at their workplacestringMin length 3
Max length 100
Not null
Conditional mandatory if Employee selected in account.occupation
account.occupation.AdditionalDetails.OtherNoCustomer’s occupationstringMin length 3
Max length 100
Not null
Conditional mandatory if Other selected in account.occupation
merchant.paymentMethodNoHow the payments are made:CardPISarray of StringCard
Pis
values changed to PascalCase
merchant.targets.countriesNoCountries where the payments will come fromarray of StringMin length 2
Max length 2
Not null
Not digits
Not characters:~!@#$%^*()_+={}[]\|:;",<>/?
Country Codes Alpha-2
merchant.targets.monthlyGrossTurnover.amount & .currencyNoPlanned monthly payment volume in EurStringNot null
numeric entry
Currently supported – EUR only
 

Request sample:

{
  "baasClientId":"6e0ab99b-f0f7-4ca9-b6d9-35670f5e4bf5",
  "person": {
    "isUbo": true,
    "pep": {
      "isPep": true,
      "position": "string"
    },
    "address": {
      "addressLine1": "string",
      "addressLine2": "string",
      "postcode": "string",
      "city": "string",
      "countryCode": "LT"
    },
    "taxIdentification": {
      "taxCountry": {
        "countryCode": "LT",
        "tin": 123123
      },
      "additionalTaxCountries": [
        {
          "countryCode": "LT",
          "tin": 1231232
        }
      ]
    }
  },
  "account": {
    "connectionToLithuania": [
      "WorkOwnRealEstateHaveCompanyInLt"
    ],
    "requestedProducts": [
      "RailsSwift"
    ],
    "purposesOfAccount": [
      "Salary"
    ],
    "purposesOfAccountAdditionalInformation": {
      "businessActivityRegistrationNo": 123123,
      "businessActivityIndustry": "Test Industry"
    },
    "purposesOfAccountOther": "string",
    "sourceOfIncome": "Other",
    "sourceOfIncomeOther": "Alternate source of income",
    "monthlyGrossTurnover": "1001_3000",
    "intendedCountriesToTransactWith": "LT",
    "occupation": "Employee",
    "occupationAdditionalDetails":{
      "company": "UAB Test123",
      "position": "Midle management"
    }
  },
  "merchant": {
    "paymentMethod": [
      "Card"
    ],
    "targets": {
      "countries": [
        "LT"
      ],
      "monthlyGrossTurnover": {
        "amount": 0,
        "currency": "EUR"
      }
    }
  }
}

Response structure is same as with Onboarding application:

json body with http response code 201

{
  "application": {
    "applicationId": "1bafb8d2-cc0e-4b94-9225-ac9d001a7837",
    "status": "APPLICATION_CAPTURED"
  }
}

Note! Same as personal application v2, ODD application will have x-connectpay-requestid as Response header instead of X-Request-ID.

Possible personal application statuses

StatusDescription
APPLICATION_CAPTUREDThis message informs you that your application is in compliance review and that additional checks are required. Not all applications receive this status, and it stays in this status until a live person evaluates it.
COMPLIANCE_REVIEWInforms that the application is in manual check.
APPLICATION_APPROVEDInforms that the application was approved and next ODD date calculated.
APPLICATION_DECLINEDInforms that application was declined. This status is always initiated manually from ConnectPay side. Before declining an application, a live person evaluates it, contacts partner if any additional supporting documents are required and only if further services cannot be provided, such case leads to customer termination.

ID verification renewal

Open account for private customer

Onboarding

Notifications

Scroll to Top