We have updated our KYB questionnaire to allow your customers to specify the currency they use for their projections and reporting.
Effective:
This update introduces a new question in the KYB questionnaire, enabling customers to select a currency to ensure accurate responses for projection-related questions.
A sample of the question is provided below:
As mentioned in our previous update, we are implementing measures to combat Authorized Push Payment (APP) Fraud.
Effective:
To minimize risk, at this stage we will be limiting access to the product to only Enterprise Businesses. To differentiate between Enterprise and Micro Enterprise businesses, we are adding two additional steps to the current onboarding process:
Onboarding flows for Buyers will change to require an updated method of recording agreement to financial institution terms and conditions (FI T&Cs).
All Buyer Admin users will now be shown the following screen when onboarding:
This enables us to record the agreement of the End Customer to the FI T&Cs directly, as well as automatically update the version of T&Cs if they are revised in future. T&Cs updates will be communicated in advance in each case.
This FI T&Cs agreement screen will be added automatically to the KYB UI Component, prior to the Customer Due Diligence steps (e.g. identity verification and proof of address) in the rest of the process.
Documentation links:
As well as the above new T&Cs step for all onboarding flows, we will now require a clearer Micro-enterprise declaration, which we are adding into the KYB onboarding:
As shown, the Buyer's Admin User needs to answer the two additional questions and then agree to the declaration about whether the Buyer is or is not considered a Micro-enterprise.
If the business is a Micro-enterprise, the KYB UI Component will send you an error event with code MICRO_ENTERPRISE_NOT_SUPPORTED
We are strengthening the verification process for linking accounts by ensuring that the activation of a Linked Account requires the successful completion of two verification steps; a declaration of ownership via an SCA challenge and internal checks by Weavr:
When adding a Linked Account via the Account Information Service (AIS) UI Component it is critical to confirm that the registered linked account belongs to the Identity attempting to link it. As a result, the state of the linked account will initially transition to PENDING_CHALLENGE rather than LINKED, A user with the Controller role of the Identity must then complete an Strong Customer Authentication (SCA) challenge to confirm ownership of the Linked Account.
More information about our Linked Account Declaration UI Component can be found here.
If the SCA challenge fails, the Linked Account will remain in the PENDING_CHALLENGE state until a successful SCA challenge is completed.
More information about linked an account can be found in our documentation.
A name verification check will be automatically triggered by the Weavr platform and, when necessary, flagged for review by the Weavr Compliance team. This ensures that the name of the Linked Account holder matches the Identity registered with Weavr. The internal checks are required as another layer in the verification process to verify that the Linked Account belongs to the same person of the Identity.
During this process, we have introduced a new state, PENDING_VERIFICATION, which will remain until the Compliance checks are completed. These checks will result in either a REJECTED or LINKED status.
The Compliance will reach out to the Identity before rejecting the Linked Account.
We have updated the Linked Account update webhook event and both the Get linked accounts and a linked account with the new states: PENDING_CHALLENGE, PENDING_VERIFICATION and REJECTED.
The linked accounts in the embedder portal have been updated to display the new states: PENDING_CHALLENGE, PENDING_VERIFICATION and REJECTED.
Migrate your application to start handling the new updated states related to the Linked Account verification process:
PENDING_CHALLENGE: The Linked Account is pending challenge.PENDING_VERIFICATION: The Linked Account is pending the completion of the required verification steps.REJECTED: The Linked Account did not pass one or more verification steps and is not eligible for use.If no action is taken, your application will be unable to handle the updated responses when linking a new account, preventing your users from performing an SCA challenge. As a result, the linked account will remain in the PENDING_CHALLENGE state.
New Linked Account SCA Declaration Challenge UI Components
Affected Webhook Events
Affected API endpoints:
In the UK, APP (Authorized Push Payment) Fraud is a growing type of scam, where fraudsters trick individuals into authorizing payments to accounts controlled by criminals. Unlike traditional fraud, where unauthorized transactions are made without the victim’s consent, APP fraud involves convincing the victim to willingly transfer money under false pretenses.
Weavr is committed to mitigating this type of fraud. To that end, we have enhanced our security measures for when your users add a linked account and we have refined the onboarding process.
Effective:
To minimize risk, at this stage we will be limiting access to the product to only Enterprise Businesses. To differentiate between Enterprise and Micro Enterprise businesses, we are adding two additional steps to the current onboarding process:
Onboarding flows for Buyers will change to require an updated method of recording agreement to financial institution terms and conditions (FI T&Cs).
All Buyer Admin users will now be shown the following screen when onboarding:
This enables us to record the agreement of the End Customer to the FI T&Cs directly, as well as automatically update the version of T&Cs if they are revised in future. T&Cs updates will be communicated in advance in each case.
This FI T&Cs agreement screen will be added automatically to the KYB UI Component, prior to the Customer Due Diligence steps (e.g. identity verification and proof of address) in the rest of the process.
Documentation links:
As well as the above new T&Cs step for all onboarding flows, we will now require a clearer Micro-enterprise declaration, which we are adding into the KYB onboarding:
As shown, the Buyer's Admin User needs to answer the two additional questions and then agree to the declaration about whether the Buyer is or is not considered a Micro-enterprise.
If the business is a Micro-enterprise, the KYB UI Component will send you an error event with code MICRO_ENTERPRISE_NOT_SUPPORTED
We are strengthening the verification process for linking accounts by ensuring that the activation of a Linked Account requires the successful completion of two verification steps; a declaration of ownership via an SCA challenge and internal checks by Weavr:
When adding a Linked Account via the Account Information Service (AIS) UI Component it is critical to confirm that the registered linked account belongs to the Identity attempting to link it. As a result, the state of the linked account will initially transition to PENDING_CHALLENGE rather than LINKED, A user with the Controller role of the Identity must then complete an Strong Customer Authentication (SCA) challenge to confirm ownership of the Linked Account.
The ownership declaration is facilitated through an SCA challenge via a UI Component, which will be provided by Weavr.
If the SCA challenge fails, the Linked Account will remain in the PENDING_CHALLENGE state until a successful SCA challenge is completed.
More information about linked an account can be found in our documentation.
A name verification check will be automatically triggered by the Weavr platform and, when necessary, flagged for review by the Weavr Compliance team. This ensures that the name of the Linked Account holder matches the Identity registered with Weavr. The internal checks are required as another layer in the verification process to verify that the Linked Account belongs to the same person of the Identity.
During this process, we have introduced a new state, PENDING_VERIFICATION, which will remain until the Compliance checks are completed. These checks will result in either a REJECTED or LINKED status.
The Compliance will reach out to the Identity before rejecting the Linked Account.
We have updated the Linked Account update webhook event and both the Get linked accounts and a linked account with the new states: PENDING_CHALLENGE, PENDING_VERIFICATION and REJECTED.
Migrate your application to start handling the new updated states related to the Linked Account verification process:
PENDING_CHALLENGE: The Linked Account is pending challenge.PENDING_VERIFICATION: The Linked Account is pending the completion of the required verification steps.REJECTED: The Linked Account did not pass one or more verification steps and is not eligible for use.If no action is taken, your application will be unable to handle the updated responses when linking a new account, preventing your users from performing an SCA challenge. As a result, the linked account will remain in the PENDING_CHALLENGE state.
New Linked Account SCA Declaration Challenge UI Components
Affected Webhook Events
Affected API endpoints: