Business credit cards

Introduction

Solaris credit cards for businesses allow you to offer credit cards to your business customers and their employees in an easy and automated onboarding flow. To onboard a business on our credit card solution, the business must go through the standard onboarding flow, including business identification (BKYC) and other steps related to the credit card setup.

In this guide, you will find all the onboarding requirements you need to integrate into your solution to offer this product to your business customers.

Available branches

This product is currently only offered to businesses in Germany.

How does it work?

Using Solaris credit cards, your business customers can offer their employees credit cards. The business will be the account's owner, whereas the employees, who will be issued a credit card, will be cardholders who only have access to the funds on their credit cards as allocated to them by the business.

Therefore, the business and its associated legal representatives and/or authorized persons will be the main contractual party and the one subject to customer identification and vetting. However, six persons (including legal representatives) must be identified to fulfill the legal onboarding requirements. Other employees must be identified if the number of legal representatives is less than six.

Businesses can apply for a credit card through your solution by doing the following:

• Fulfill all legal and compliance requirements.
• Submit the required business data points and documents.
• Submit the required data points about legal representatives, beneficial owners, and authorized persons.
• Pass the credit scoring process.
• Complete the business identification flow (BKYC).
• Onboard their employees who will be issued a credit card.

Additionally, you can offer the business the option to choose between charge and revolving credit cards. Read more about the difference between charge and revolving cards here.

System prerequisites

Before starting the onboarding process, implement the following requirements:

1. Technical setup:

Set up your environment and get your authentication keys. For step-by-step instructions, check the Technical setup guide.

2. Legal and compliance screens:

Build the necessary legal and compliance screens in your sign-up flow to collect your customers' consent to the necessary legal and compliance requirements. The Legal and compliance screens guide contains step-by-step instructions on how to create these screens and what they must contain.

The following screens are required to onboard B2C and freelancer customers for Digital Banking & Cards:

1. Terms and Conditions
2. Customer information
3. Economic interest
4. Person tax information (Only for customers in Germany)
5. FATCA indication
6. Self-declaration as a politically exposed person (PEP). (Only for customers in France, Italy, and Spain)
7. Compliance screen

Record the customer's consent on each screen as a UTC timestamp (e.g., 2019-01-01T00:00:00Z). Afterward, you must pass each timestamp in its respective field to Solaris.

• Collect the customer's consent to Solaris's Terms and Conditions and store the timestamp in the terms_conditions_signed_at field.
• Collect the customer's consent to data processing and store the timestamp in the data_terms_signed_at field.
• Collect the customer's economic interest declaration and store the timestamp in the own_economic_interest_signed_at field.
• Collect the customer's FATCA indication and store it in the fatca_relevant field. Store the timestamp in the fatca_crs_confirmed_at field.

B2B SDD mandate

You need to create an B2B SDD mandate and collect the customer's signature on it to allow Solaris to charge the business's reference account for credit card repayments each month.

The SEPA Direct Debit (SDD) mandate is the customer's authorization for Solaris to collect funds from their account in the future.

During your sign-up, you need to collect the IBAN of the reference account from the the customer, and create a B2B SDD mandate and collect the customer's signature on it.

How to create the SDD mandate?

You must generate a unique SDD mandate number. The mandate_number must contain 35 characters and the first 6 must be a partner-specific string agreed upon by you and Solaris during the implementation phase. The remaining 29 may only contain the following: [A-Z], [a-z], [0-9].

Additionally, make sure to display the following information to the customer before they sign the mandate:

• Full name (First_name + last_name)
• IBAN
• Generated mandate reference
• Name of Payee: Solaris SE
• Legal text containing authorization for the mandate

Integration overview

The following diagram gives a high-level overview of the integration process for business credit cards. Click on each step to go to its dedicated section for full instructions:

You can integrate Solaris' business credit card product by completing the 12 steps explained in the following sections. Here's an overview of these steps:

Sequence diagram

The following sequence diagram gives an overview of the integration flow:

In the following sections, you can find descriptions of these steps and their related endpoints.

Webhooks

Solaris recommends subscribing to the following webhook events to better automate your processes. For detailed instructions on implementing Solaris webhooks, check the webhooks documentation.

• ACCOUNT_BLOCK
• ACCOUNT_CLOSURE_REQUEST
• ACCOUNT_CLOSURE
• BENEFICIAL_OWNER
• BOOKING
• BUSINESS_CHANGED
• BUSINESS_DELETED
• BUSINESS_SEIZURE_CREATED
• BUSINESS_SEIZURE_DELETED
• BUSINESS_SEIZURE_FULFILLED
• BUSINESS_SEIZURE_UPDATED
• BUSINESS_IDENTIFICATION
• BUSINESS_TAX_IDENTIFICATION_CHANGED
• CARD_LIFECYCLE_EVENT
• CARD_AUTHORIZATION
• CARD_AUTHORIZATION_DECLINE_V2
• CARD_AUTHORIZATION_RESOLUTION
• CARD_FRAUD_CASE_PENDING
• CARD_FRAUD_CASE_TIMEOUT
• IDENTIFICATION
• LEGAL_REPRESENTATIVE
• PERSON_CHANGED
• PERSON_DELETED
• PERSON_SEIZURE_CREATED
• PERSON_SEIZURE_DELETED
• PERSON_SEIZURE_FULFILLED
• PERSON_SEIZURE_UPDATED
• PERSON_MOBILE_NUMBER_CREATED
• PERSON_MOBILE_NUMBER_DELETED
• PERSON_TAX_IDENTIFICATION_CHANGED
• POSTBOX_ITEM_CREATED
• SCA_CHALLENGE

• CREDIT_CARD_APPLICATION

Mandatory features

You must integrate all the mandatory features for Digital Banking & Cards highlighted in the Onboarding requirements guide before going live with your solution except for Account Closure. Credit cards have their own termination process, which is described below.

Step 1: Collect business data and create business resource

Collect the mandatory data points from the customer in your sign-up flow, including all the timestamps of the business's consent to the legal and compliance screens.

Afterward, pass all the data points to Solaris by creating a business resource to represent your customer.

API reference

For a complete list of endpoints, properties, and examples related to the business resource, visit the following links:

• Business resource API reference:

  • POST Create business
  • GET Retrieve business
  • PATCH Update business

Related webhook events

• BUSINESS_CHANGED
• BUSINESS_DELETED

POST Create business

This endpoint creates a business resource for your customer. You must collect the following mandatory data points from the customer in your sign-up flow and pass it to Solaris in the request body of this endpoint:

• name

• address

  • line_1
  • line_2
  • postal_code
  • city
  • country
• sector
• legal_form
• nace_code
• foundation_date
• crs_company_type or registration_type
• business_purpose

• tax_information

  • tax_country
  • tax_confirmation
  • registration_issuer: For Germany, it must be preceded by AMTSGERICHT (e.g., AMTSGERICHT Berlin).
  • registration_number
• registration_district
• terms_conditions_signed_at
• data_terms_signed_at
• fatca_relevant
• fatca_crs_confirmed_at

Request URL:

POST /v1/businesses

Click here to view the full API reference.

Automatic data collection (Optional)

Simplify your customers' onboarding process by opting for the automatic data collection feature. With our external service provider, Business Registry, customers can enter the country and company name, and the remaining business data fields will be automatically filled out.

GET Search for business commercial registration

The customer enters the company's name and country on your frontend and you pass this information using the following endpoint to automatically fetch the business' registration_issuer and registration_number:

Request URL:

GET /v1/commercial_registrations/search_by_name?country={{}}&name={{}}

Example response

{
  "name": "FLOOR 13 GmbH",
  "registration_number": "HRB 198673",
  "registration_issuer": "AMTSGERICHT MÜNCHEN"
}

Click here to view the full API reference.

GET Automatic business data collection

Use the following endpoint to automatically retrieve the remaining business details after obtaining the registration_issuer and registration_number from the response of the previous endpoint:

Request URL:

GET /v1/commercial_registrations/find?registration_number={{}}&registration_issuer={{}}

Example response

{
  "name": "FLOOR 13 GmbH",
  "address": {
    "country": "DE",
    "postal_code": "86919",
    "city": "Utting a.Ammersee",
    "line_1": "Seestraße 9",
    "line_2": ""
  },
  "legal_form": "GMBH",
  "tax_country": "DE",
  "registration_number": "HRB 198673",
  "registration_issuer": "AMTSGERICHT MÜNCHEN",
  "registration_date": "2012-05-09",
  "registry_updated_at": "2015-11-17",
  "legal_representatives": [
    {
      "first_name": "Stefan",
      "last_name": "Schneider"
    }
  ]
  "commercial_registry_industry_key": [
      "66190 - Sonstige mit Finanzdienstleistungen verbundene Tätigkeiten",
      "70109 - Sonstige Verwaltung und Führung von Unternehmen und Betrieben",
      "70220 - Unternehmensberatung",
      "73110 - Werbeagenturen"
  ]  
}

Click here to view the full API reference.

Foreign companies examples

If the company is not registered in Germany, you can still use this service for companies in other countries. The following examples describe how to find the business registration details for a French company.

GET Search for business commercial registration (France)

Request

GET v1/commercial_registrations/search_by_name?name=PARISOL&country=FR

Response

{
  "name": "PARISOL",
  "registration_number": "513 937359",
  "registration_issuer": null
}

GET Automatic business data collection (France)

Request

GET  /v1/commercial_registrations/find?registration_number=513937359&country=FR

Response

{
  "name": "PARISOL",
  "address": {
    "country": "FR",
    "postal_code": null,
    "city": "NANTERRE",
    "line_1": "RUE D ARRAS 18",
    "line_2": ""
  },
  "legal_form": null,
  "tax_country": "FR",
  "registration_number": "513 937359",
  "registration_issuer": null,
  "registration_date": "2009-07-27",
  "registry_updated_at": null,
  "legal_representatives": [
    {
      "first_name": "Stefan",
      "last_name": "Schneider"
    }
  ]
}

Step 2: Upload business documents

2.1 Upload BKYC required documents

The business must submit the required documents for the business identification process (BKYC) in your sign-up flow. The required documents depend on different factors, such as the business's legal form, sector, etc. Check the appendix for a list of required documents per legal form.

Create document resources for all the required documents you've collected from the business and attach them to the business using the following endpoints.

API reference

For a complete list of endpoints, properties, and examples related to the business document resource, visit the following links:

• Business Documents API Reference Documentation:

  • POST Create a business document
  • GET Retrieve a business document
  • GET Download business document
  • PATCH Update a business document
  • DELETE Delete a business document

POST Upload a document

This endpoint uploads a document and links it to the business with the business_id specified in the request URL.

You have to add the following properties to the request body:

• document_type: The document type. For a list of possible values, check the API reference.
• file: The file to be uploaded.

Request URL

POST /v1/businesses/{business_id}/documents

Click here to view the full API reference..

2.2 Upload the B2B SDD mandate

For B2B mandates, you also have to upload the SDD mandate signed by the business in your sign-up flow to Solaris. Call the POST Create a business document endpoint to upload the signed mandate and attach it to the business, and set the document_type property to B2B_MANDATE.

After creating a business resource, create the natural person(s) associated with the business and assign them to their respective roles. The natural person(s) are represented in our system by a person resource that contains their data, and then you have to assign each person a dedicated role. The mandatory roles are Legal Representative and Ultimate Beneficial Owner.

Step 3: Create Legal Representative(s)

In this step, collect the mandatory data points from the business' legal representative(s) and create a person object for each representative. Then create a legal_representative resource and link it to the corresponding person object.

What is a legal representative?

Legal representatives can be natural persons (individuals) or legal entities (businesses) appointed by a company to act on its behalf. The legal representative(s) of a company may be, for instance, its general manager(s) or its managing director(s). The names of a business' legal representatives (Gesellschafter) are usually recorded in the company's commercial register.

Legal representatives as legal entities

A business' legal representative could be a legal entity instead of a natural person. For example, the legal representative of a GbR company could be another GmbH or AG company.

In this case, you must do the following:

• Collect the business data of the legal entity acting as the legal representative and create a business resource for it.
• The natural persons who are the legal representatives of this legal entity are then the ones who will go through the KYC flow.

3.1 Create person resource(s) for each legal representative

For each of the business' legal representatives, collect the following mandatory information and pass them to Solaris by creating a person resource.

API reference

For a complete list of endpoints, properties, and examples related to the person resource, visit the following links:

• Person resource API reference:

  • POST Create person
  • GET Retrieve a person
  • PATCH Update person

Related webhook events

• PERSON_CHANGED
• PERSON_DELETED

POST Create person (Legal representative)

Call this endpoint to create a person resource for the business' legal representative. You must collect the following mandatory data points in your sign-up flow and pass it to Solaris in the request body of this endpoint:

• salutation
• first_name
• last_name

• address

  • line_1
  • line_2
  • postal_code
  • city
  • state
  • country
• birth_date
• birth_city
• birth_country
• nationality
• mobile_number
• terms_and_conditions_signed_at
• data_terms_signed_at
• fatca_relevant
• fatca_crs_confirmed_at

Request URL:

POST /v1/persons

Click here to view the full API reference

3.2 Create legal representative resource(s)

For each person resource you created in the previous step, create a legal_representative resource, and set the value of the legal_representative attribute to its associated person_id.

POST Create legal representative

API reference

For a complete list of endpoints, properties, and examples related to the legal_representative resource, visit the following links:

• Business Legal Representative resource API reference:

  • POST Create a business legal representative
  • GET Index a business legal representatives
  • PATCH Update a business legal representative

Related webhook events

• LEGAL_REPRESENTATIVE

POST Create legal representative

Call this method to create a legal_representative resource on the business and link a person to the business as a legal representative.

Attributes

• type_of_representation: A legal_representative could have a type_of_representation, which indicates whether this legal representative can make decisions alone or jointly with other legal representatives. This attribute is optional. Possible values are ALONE, JOINT, or OTHER.
• power_of_attorney_confirmed_at: In case of JOINT representation, legal representatives need to confirm the power of attorney's timestamp in the power_of_attorney_confirmed_at attribute.

Request URL:

POST /v1/businesses/{business_id}/legal_representatives

Click here to view the full API reference.

Step 4: Create Beneficial Owner(s)

In this step, you must do the following:

• Collect the mandatory data points from the business' beneficial owner(s) and create a person object for each beneficial owner.
• Create a beneficial_owner resource and assign it to its corresponding person object.
• Include the definition of the beneficial owner in your UI.

What is a Beneficial Owner?

The Beneficial Owners (BO) are natural persons who, directly or indirectly, own more than 25% of a company's shares.

According to the German Money Laundering Act (Geldwäschegesetz - GwG), a Beneficial Owner is a natural person who:

• Ultimately owns or controls the business.
• On whose behalf a transaction is ultimately carried out.
• On whose behalf a business relationship is ultimately established.

Beneficial owner legal definition

Please ensure that the beneficial owner's full definitions and the checkbox are available to your customers in your sign-up flow.

Full definition in English

The ultimate beneficial owner in the sense of the German Money Laundering Act (Geldwäschegesetz - GwG) is the natural person who ultimately owns or controls the contracting party, or on whose behalf a transaction is ultimately carried out or a business relationship is ultimately established. This particularly includes: 1. In case of legal persons, foundations without legal capacity and, in the case of other companies, any natural person who directly or indirectly holds more than a 25% share of the capital, controls more than 25% of the voting rights or exercises control in any comparable manner (+). Establishing the identity of the beneficial owner can be waived, though, for companies that are listed in an organised market in the EU with in accordance with Sec on 2 para. 5 of the Securities Trading Act or, in case of listed companies from a third country, if they are subject to EU-equivalent transparency requirements regarding voting rights or equivalent international standards; 2. In case of foundations or other legal arrangements with legal capacity (or similar) used to manage or distribute assets or property as trustee (trust management), or through which third parties are instructed with the management or distribution of assets or property, the ultimate beneficial owner is:

• any natural person who is a trustor/settlor, trustee or protector, if applicable
• any natural person who is a member of the board of the foundation,
• any natural person designated as a beneficiary,
• the group of natural persons in whose favour the assets are mainly to be administered or distributed, provided that the natural person who is to be the ultimate beneficial owner of the assets or property has not yet been determined
• any natural person who, by any other means, directly or indirectly exercises control over the asset management or property or the distribution of income.

3. In the event of acting on behalf of another party, the ultimate beneficial owner includes the party upon whose initiative the transaction is performed. If the contracting party acts as a trustee, he also acts on behalf of another party. (+) Indirect control exists particularly if corresponding shares are held by one or more associations pursuant to Sec on 20 para. 1 GwG which are controlled by a natural person. Control exists particularly if the natural person can directly or indirectly exert a controlling influence on the association pursuant to Sec on 20 para. 1 GwG. Sec on 290 para. 2 to 4 German Commercial Code (Handelsgesetzbuch - HGB) applies mutatis mutandis to the existence of a controlling influence. If, after extensive audits have been performed and without the facts according to Sec on 43 para. 1 GwG applying, no natural person has been identified or if there is any doubt that the identified person is the ultimate beneficial owner, the ultimate beneficial owner shall be the legal representative, managing partner or partner of the contracting party.

Full definition in German

Wirtschaftlich Berechtigter im Sinne des Geldwäschegesetzes, ist die natürliche Person, in deren Eigentum oder unter deren Kontrolle der Vertragspartner letztlich steht, oder auf deren Veranlassung eine Transaktion letztlich durchgeführt oder eine Geschäftsbeziehung letztlich begründet wird. Hierzu zählen insbesondere: 1. Bei juristischen Personen, außerrechtsfähigen Stiftungen und bei sonstigen Gesellschaften jede natürliche Person, welche unmittelbar oder mittelbar mehr als 25 Prozent der Kapitalanteile hält, mehr als 25 Prozent der Stimmrechte kontrolliert oder auf vergleichbare Weise Kontrolle ausübt(2). Auf die Abklärung des wirtschaftlich Berechtigten kann aber verzichtet werden bei Gesellschaften, die innerhalb der EU an einem organisierten Markt im Sinne des § 2 Abs. 5 des Wertpapierhandelsgesetzes notiert sind, oder bei börsennotierten Unternehmen aus einem Drittstaat, wenn sie dem Gemeinschaftsrecht entsprechenden Transparenzanforderungen im Hinblick auf Stimmrechtsanteile oder gleichwertigen internationalen Standards unterliegen; 2. Bei rechtsfähigen Stiftungen und Rechtsgestaltungen, mit denen treuhänderisch Vermögen verwaltet oder verteilt oder die Verwaltung oder Verteilung durch Dritte beauftragt wird, oder diesen vergleichbaren Rechtsformen zählt zu den wirtschaftlich Berechtigten:

• jede natürliche Person, die als Treugeber, Verwalter von Trusts (Trustee) oder Protektor, sofern vorhanden,
• jede natürliche Person, die Mitglied des Vorstands der Stiftung ist,
• jede natürliche Person, die als Begünstigte bestimmt worden ist,
• die Gruppe von natürlichen Personen, zu deren Gunsten das Vermögen hauptsächlich verwaltet oder verteilt werden soll, sofern die natürliche Person, die Begünstigte des verwalteten Vermögens werden soll, noch nicht bestimmt ist,
• jede natürliche Person, die auf sonstige Weise unmittelbar oder mittelbar beherrschenden Einfluss auf die Vermögensverwaltung oder Ertragsverteilung ausübt.

3. Bei Handeln auf Veranlassung zählt zu den wirtschaftlich Berechtigten derjenige, auf dessen Veranlassung die Transaktion durchgeführt wird. Soweit der Vertragspartner als Treuhänder handelt, handelt er ebenfalls auf Veranlassung.

4.1 Create person resource(s) for each beneficial owner

For each of the business' beneficial owners, collect the following mandatory information and pass them to Solaris by creating a person resource.

POST Create person (Beneficial owner)

Call this endpoint to create a person resource for the business' beneficial owner. You must collect the following mandatory data points in your sign-up flow and pass it to Solaris in the request body of this endpoint:

• salutation
• first_name
• last_name

• address

  • line_1
  • line_2
  • postal_code
  • city
  • state
  • country
• birth_date
• nationality
• fatca_relevant
• fatca_crs_confirmed_at

Request URL:

POST /v1/persons

Click here to view the full API reference

4.2 Create beneficial owner resource(s)

For each person resource you created in the previous step, create a beneficial_owner resource, and set the value of the person_id attribute to the id of the associated person resource.

POST Create beneficial owner

API reference

For a complete list of endpoints, properties, and examples related to the beneficial_owner resource, visit the following links:

• Business Beneficial Owner resource API reference:

  • POST Create a business beneficial owner
  • GET Retrieve a business beneficial owner
  • PATCH Update a business beneficial owner

Related webhook events

• BENEFICIAL_OWNER

POST Create beneficial owner

Call this method to create a beneficial_owner resource on the business and link a person to the business as a beneficial owner. You must add the following properties in the request body of this endpoint:

• person_id: The ID of the person resource you created for the beneficial owner.
• voting_share: The beneficial owner's voting share in the business.

Request URL:

POST /v1/businesses/{business_id}/beneficial_owners

Click here to view the full API reference.

Step 5: Create tax identifications

In this step, you must do the following:

• Collect the mandatory tax information of the business' legal entity and create a business tax identification resource.
• Collect the mandatory tax information of the natural person(s) associated with the business and create person tax identification resource(s).

5.1 Business tax identification

First, you must collect the tax information about the business' legal entity and pass it to Solaris by creating a business tax identification resource.

API reference

For a complete list of endpoints, properties, and examples related to the business tax identification resource, visit the following links:

• Business tax identifications API reference:

  • POST Create business tax identification
  • GET Retrieve business tax identification
  • PATCH Update business tax identification

Related webhook events

• BUSINESS_TAX_IDENTIFICATION_CHANGED

POST Create business tax identification

Call this endpoint to create a business tax identification for the business with the business_id specified in the request URL. Collect the following tax information from the business and pass them to Solaris in the request body:

• number
• country
• primary

If the business has not submitted their TIN to your solution yet (i.e., the value of number is null), then include the following properties in the request:

• reason_no_tin: Possible values are NOT_ASSIGNED_YET, NOT_ASSIGNED_BY_COUNTRY, OTHER.
• reason_description: Applies only if the reason_no_tin is OTHER.
• tax_id_type: (Only for Spain) Possible values are NIE and NIF.

Request URL

POST /v1/businesses/{business_id}/tax_identifications

Click here to view the full API reference.

Business tax declaration

Please note the UI requirements and tax declaration text for collecting the tax information from business customers as explained in the Legal and compliance screens guide.

5.2 Person tax identification(s)

In this step, you must collect additional tax information from the natural person(s) linked to the business and create a person tax identification for each.

API reference

For a complete list of endpoints, properties, and examples related to the person tax identification resource, visit the following links:

• Person tax identifications API reference:

  • POST Create person tax identification
  • GET Retrieve person tax identification
  • PATCH Update person tax identification

Related webhook events

• PERSON_TAX_IDENTIFICATION_CHANGED

POST Create person tax identification

Call this endpoint to create a person tax identification for the customer with the person_id specified in the request URL. Collect the following tax information from your customers and pass them to Solaris in the request body:

• number
• country
• primary

If the customer has not submitted their TIN to your solution yet (i.e., the value of number is null), then include the following properties in the request:

• reason_no_tin: Possible values are NOT_ASSIGNED_YET, NOT_ASSIGNED_BY_COUNTRY, OTHER.
• reason_description: Applies only if the reason_no_tin is OTHER.
• tax_id_type: (Only for Spain) Possible values are NIE and NIF.

Request example:

POST /v1/persons/{person_id}/tax_identifications

Click here to view the full API reference.

Step 6: Create credit card application

In this step, collect additional information from the business related to the credit card application and pass it to Solaris using the following endpoint.

POST Create credit card application for a business

This endpoint creates a credit card application and assigns it to the business with the business_id specified in the request URL. The application includes all the required information about the business, such as financial information, credit card type, and requested limit, which Solaris' credit scorer uses to initiate a series of credit checks.

Mandatory fields

Add the following mandatory properties in the request body:

• product_type: Credit card type. For businesses, choose BUSINESS_CREDIT_CARD.

• repayment_options: An object containing the repayment options of the credit card.

  • upcoming_type: The type of credit card (e.g., revolving or charge card). Options are FULL or PARTIAL.
  • minimum_amount: Minimum amount of the used limit to be repaid at the end of each billing cycle. Only relevant in case upcoming_type is set to PARTIAL.
  • minimum_percentage: Minimum percentage of the used limit to be repaid at the end of each billing cycle. Only relevant in case upcoming_type is set to PARTIAL.

• scoring_options: An object containing different fields relevant for the credit scoring process:

  • customer_desired_limit: The credit card limit requested by the customer, subject to the scorer's decision.
  • other_credit_credit_limit: If the customer has existing credit cards, include the granted limit in this field.
  • total_assets: The business' total assets.
  • total_equity: The business' total equities.
  • annual_turnover: The business' annual turnover amount.
  • partner_recommended_limit: Your recommended limit for the business applying for credit cards.
  • partner_pd_rate: The business' probability of default (PD) rate as calculated by your internal scoring system.
  • partner_score: The business' credit score as calculated by your internal scoring system.

Request example

// POST /v1/businesses/{business_id}/credit_card_applications
{
  "product_type": "BUSINESS_CREDIT_CARD",
  "repayment_options": {
    "upcoming_type": "PARTIAL",
    "upcoming_billing_cycle": "MONTHLY",
    "minimum_amount": {
      "value": 1000,
      "unit": "cents",
      "currency": "EUR"
    },
    "minimum_percentage": 3
  },
  "scoring_options": {
    "customer_desired_limit": {
      "value": 10000,
      "unit": "cents",
      "currency": "EUR"
    },
    "other_credit_card_limit": {
      "value": 1000,
      "unit": "cents",
      "currency": "EUR"
    },
    "total_assets": {
      "value": 10000,
      "unit": "cents",
      "currency": "EUR"
    },
    "total_equity": {
      "value": 10000,
      "unit": "cents",
      "currency": "EUR"
    },
    "annual_turnover": {
      "value": 10000,
      "unit": "cents",
      "currency": "EUR"
    },
    "partner_recommended_limit": {
      "value": 10000,
      "unit": "cents",
      "currency": "EUR"
    },
    "partner_pd_rate": 0,
    "partner_score": 0
  }
}

The API call returns an object with a unique id (the application_id), including the application status (initially set to PENDING) and the remaining attributes, which will be populated during the application lifecycle.

Additionally, the call automatically triggers Solaris' credit scoring system, which scores the application and provides its decision on the credit card application, including the limit.

Click here to view the full API reference.

GET Retrieve credit card application

This endpoint returns the current status and details of an existing credit card application. For a list of possible values of the application status and their descriptions, check the appendix.

Additionally, subscribe to the webhook event CREDIT_CARD_APPLICATION to receive status updates on the application.

Request URL

GET /v1/credit_card_applications/{id}

Click here to view the full API reference.

Application status flow

The following diagram shows the different statuses and transitions for a credit card application:

Step 7: Complete the business identification (BKYC) and due diligence process

In this step, you must do the following:

• 7.1. Trigger the business identification process to identify the business legal entity and all legal representative(s), and make sure all legal representative(s) are successfully identified via IDnow.
• 7.2. Implement the manual video identification endpoints.
• 7.3. Implement the endpoints related to compliance questions, forward any questions (if any) to the business' legal representatives, and send the answers back to Solaris
• 7.4. Make sure all natural persons linked to the business successfully passed the customer due diligence checks.
• 7.5. Complete the FATCA-related checks to ensure that all natural persons linked to the business are NOT FATCA-relevant.

7.1 Business identification

What is BKYC?

Solaris' BKYC solution uses RESTful APIs to perform a series of identification and compliance checks for business customers.

How does BKYC work?

The business identification consists of two asynchronous processes:

• Legal identification: Solaris' Banking Operations team verifies the completeness and accuracy of the data submitted by the business customer and ensures that all legal representatives and ultimate beneficial owners are disclosed and linked to the business.
• Video identification(s): All of the business' legal representatives and authorized persons must undergo a video identification session with IDnow to validate their data against their identification documents.

API reference

For a complete list of endpoints, properties, and examples related to business identification (BKYC), visit the following links:

• Business identification API reference:

  • POST Create business identification
  • GET Retrieve business identification

Related webhook events

• BUSINESS_IDENTIFICATION
• IDENTIFICATION

POST Initiate business identification

Call this endpoint to initiate the business identification process, which automatically triggers both the legal identification of the business and the video identification of applicable natural person(s). You have to specify the identification method in the request body. The default method is idnow.

Request URL

POST /v1/businesses/{business_id}/identifications

Response

The API response returns an identification object with a unique id representing the business identification resource and its overall status. Additionally, the payload contains individual identification objects for the video identification sessions of legal representatives, including their respective resource id, IDnow status, reference, and url for completing the process.

The payload also provides information on the legal identification process, including its dedicated legal_identification_status. You must call the API to monitor the progress of this process, particularly the legal_identification_missing_information field, where Solaris will highlight compliance questions requiring answers from the business.

Click here to view the full API reference.

7.2 Manual video identification

Your solution might need to trigger video identification manually in the following cases:

1. New legal representatives are found during the legal identification process. In this case, you'll receive a webhook notification from the event legal_representative, which includes the legal_representative_id of the discovered legal representative. Afterward, initiate a video identification with IDnow and trigger the identification session by redirecting the legal representative to the provided URL.
2. If any of the initially triggered video identifications fail, manually trigger a new identification.

API reference

For a complete list of endpoints, properties, and examples related to customer identification (KYC), visit the following link:

• Customer identification (KYC) API reference

Related webhook events

• IDENTIFICATION

POST Create identification

Call this endpoint to create an identification resource for the person specified in the request URL, and add the following properties to the request body:

• method: The identification method to use. In this case, set the value to idnow.
• language: The customer's preferred language for the identification process. Possible values are EN and DE.
• proof_of_address_type: The type of document submitted by the customer as a proof of address. This field is mandatory if the customer's identification document does not include their address.
• proof_of_address_issued_at: The date when the proof of address document was issued. This field is mandatory if the customer's identification document does not include their address. It may not be older than 6 months.

Request example

POST /v1/persons/{person_id}/identifications
{
  "method": "idnow",
  "language": "DE",
  "proof_of_address_type": "GAS_BILL",
  "proof_of_address_issued_at": "2022-09-21"
}

Response example

The API call will return an identification object with a unique id (i.e., identification_id) and an initial status of created.

{
    "id": "6dc54352d6793a892e0702850d07b831cidt",
    "reference": null,
    "url": null,
    "status": "created",
    "completed_at": null,
    "method": "idnow",
    "proof_of_address_type": "GAS_BILL",
    "proof_of_address_issued_at": "2022-09-21",
    "language": "DE",
    "iban": null,
    "terms_and_conditions_signed_at": null,
    "authorization_expires_at": null,
    "confirmation_expires_at": null
}

Click here to view the full API reference.

GET List supported documents for a person identification

The purpose of this endpoint is to provide you with a list of supported identification documents per issuing country. You can use this endpoint to inform your customers of the required documents before starting the identification process.

The API call returns an array of document types with the corresponding issuing countries listed as ISO country codes (ISO-3166-1 alpha 2). If a customer provides a document type that is not supported, their identification process will fail.

Request URL

GET /v1/persons/{person_id}/identifications/{id}/supported_documents

Click here to view the full API reference

PATCH Request person identification

Call this endpoint to trigger the identification flow with IDnow for the specific customer.

Request URL

PATCH /v1/persons/{person_id}/identifications/{id}/request

Response example

The API call returns the identification object with the status pending. The status will remain pending until the customer completes the identification. Additionally, the payload includes the following key properties:

• url The URL to which you must redirect the customer to complete the identification. Valid for 14 days.
• reference: An internal IDnow identification token for the session (format: ABCDEFGH). Do not share this with the customer under any circumstances.

{
    "id": "6dc54352d6793a892e0702850d07b831cidt",
    "reference": "TST-KCCEY",
    "url": "https://go.test.idnow.de/solarisbankvideoidentsandbox/identifications/6dc54352d6793a892e0702850d07b831cidt",
    "status": "pending",
    "completed_at": null,
    "method": "idnow",
    "proof_of_address_type": "GAS_BILL",
    "proof_of_address_issued_at": "2022-09-21",
    "language": "DE",
    "iban": null,
    "terms_and_conditions_signed_at": null,
    "authorization_expires_at": null,
    "confirmation_expires_at": null,
    "estimated_waiting_time": 60
}

Click here to view the full API reference.

IDnow video identification session

Your customer will now be redirected to an IDnow-branded landing page, where they consent to IDnow's Terms & Conditions and confirm that they have a valid ID document for the video identification. They must also provide a valid mobile number, which the IDnow agent will verify during the call using an SMS OTP.

Customers may choose to conduct the call with a German- or English-speaking IDnow agent. When the video identification call begins, the agent will greet the customer on behalf of either you or Solaris (depending on your agreement with Solaris). The agent will then verify the customer's mobile number, first name, and last name. If there are any missing data properties, the agent will provide these as well, and they will be added to the customer's person resource.

GET Retrieve person identification

Once the identification completes successfully, call this endpoint to retrieve the finalized person identification. If you use the include_documents filter, the API will also return the documents submitted by the customer during the process. To download any of these documents, use the document's unique id to call the document download endpoints.

Request URL

GET /v1/persons/{person_id}/identifications/{id}

Click here to view the full API reference.

Other identification endpoints

• GET Index identifications for a person
• POST Upload documents for a person identification
• GET List the IDnow attempts of a person identification
• GET List IDnow legitimation data.

7.3 Compliance questions

During the legal identification process, Solaris' legal and compliance team may require additional information from your customers, including answers to certain compliance questions and/or additional documents to be uploaded.

How to identify compliance questions and documents?

1. If Solaris needs further clarification during the business identification, you will receive a notification on the BUSINESS_IDENTIFICATION webhook.
2. Call the GET Retrieve a business identification endpoint to retrieve the required details.

Only compliance questions

If Solaris has compliance questions for the business, the field legal_identification_missing_information will contain only COMPLIANCE_QUESTIONS as a value. In this case, customers can simply provide answers to the questions on your frontend. Additionally, we recommend to have document upload set as optional to enable the customer to add supporting documents.

Example payload

{
  "legal_identification_status": "information_required",
  "legal_identification_status_missing_information": "COMPLIANCE_QUESTIONS"
}

Both compliance questions & documents

If Solaris requires both answers to compliance questions and documents from the business, the field legal_identification_missing_information will contain COMPLIANCE_QUESTIONS and a document_type enum, e.g., FOUNDATION_DOCUMENT or any other document_type. In this case, customers need to provide answers to the questions on your frontend. Additionally, they need to upload the required document type specified in the payload. You should have document upload set as mandatory on your frontend and submit the document to Solaris using the POST Create a Business Document endpoint.

Example payload

{
  "legal_identification_status": "information_required",
  "legal_identification_status_missing_information": 
  [
    "COMPLIANCE_QUESTIONS",
    "FOUNDATION_DOCUMENT"
  ]
}

How to retrieve compliance questions and provide answers?

In case your customer must answer compliance questions, you need to call the following endpoints to retrieve the questions and allow to the customer to answer them on your frontend:

GET Retrieve compliance questions

To get the compliance questions, call the following endpoint:

Request URL

GET /v1/businesses/{business_id}/identifications/{business_identification_id}/legal_identification/questions

Response example

The API call returns an object that includes the question(s) with a unique ID and the corresponding text. You must redirect these questions to your customers and retrieve their answers as part of your workflow. You should also provide a dedicated page for answering all questions separately.

{
  "question_id": "ebb463137becc09788dfe21fc066e670qstn",
  "question_text": "Please provide the license for security / guarding services (Bewachungsgewerbe): § 34a GewO",
  "legal_identification_id": "14eb210435e09ab7f6a06c8b9b86ce27lid",
  "business_identification_id": "4c74c804eaea5d2a2d64ef400a27a4d3bid",
  "business_id": "880bbac68a34add190786b9c74f4c82fcbiz",
  "answer_id": null,
  "answer_text": "string",
  "asked_at": "2021-07-16T13:38:06.000Z",
  "answered_at": null
}

Click here to view the full API reference.

Create answers for compliance questions

After receiving the compliance question answers from the customer, call the following endpoint to share them with Solaris. Note that you must make a separate API call for each answer.

Request URL

You have to provide the question's answer in the request body of this endpoint.

POST /v1/businesses/{business_id}/identifications/{business_identification_id}/legal_identification/questions/{question_id}/answers

Click here to view the full API reference.

PATCH Update business legal identification

Call this method to update the legal identification and mark it as ready to resume the identification process after adding all answers to the compliance questions. This endpoint changes the legal_identification_status from information_required to pending when called.

Request URL

PATCH /v1/businesses/{business_id}/identifications/{id}/legal_identification/mark_as_ready

Click here to view the full API reference.

7.4 Customer due diligence

Solaris conducts risk screening and customer vetting checks, known as the Customer Due Diligence process, on the business legal entity, all legal representatives, all beneficial owners, and any other authorized persons on the business account. Results for each entity are returned in the GET person or GET business resources.

All entities must have a green status in their risk screening fields for the business to be onboarded. For more information, check the Customer Due Diligence guide.

7.5 Screening for FATCA indicia

To comply with the Foreign Account Tax Compliance Act (FATCA), Solaris is required to perform checks to determine whether the customer is subject to US tax law. These checks are in addition to the self-declaration during the Legal and Compliance screen.

To perform the FATCA checks, parse the person and identification resources using the following endpoints:

• GET Retrieve person
• GET Retrieve person identification

Hard criteria

To determine the customer's FATCA relevance, you must screen for the following hard criteria:

• Has the customer provided a US passport as their identification document? Check the legitimation_country attribute on the identification resource.
• Is the customer a citizen of the US? Check the nationality attribute.
• Has the customer provided a residential address in the US, the US Minor Outlying Islands, or the US Virgin Islands? Check the country attribute.
• Was the customer born in the US, the US Minor Outlying Islands, or the US Virgin Islands? Check the birth_country attribute.

When to reject the customer

If any of these hard criteria attributes have the value of US or USA, you must deny banking services to the customer and stop the onboarding process. Failure to screen for these hard FATCA criteria may cause ongoing operational burdens for Solaris customer support.

Soft criteria

To further determine the customer's FATCA relevance, screen for the following soft criteria:

• Has the customer provided a US mobile number? Check the mobile_number attribute. US mobile numbers have a country code of +1.
• Is the customer's only address a PO box or a c/o address? Check the address_line_1 and address_line_2 attributes.

When to reject the customer

• If the answer is "Yes" to any of the soft criteria, ask the customer to clarify their phone number and/or address.

  • If the customer provides a non-US phone number and a physical address, you may onboard them.
• If the customer does not provide a non-US phone number and a physical address, you may not onboard them.

Failure to screen for soft FATCA criteria may cause ongoing operational burdens for Solaris customer support.

You can only proceed to the next steps when:

• The identification status reaches successful.
• All screening and risk checks in the CDD process have a green status.
• The FATCA screening is completed to confirm the customer is not liable for taxes in the United States.

Step 8: Finalize credit card application

After successful customer identification process, finalize the credit card application by calling the following endpoint:

POST Finalize credit card application

Call this endpoint to finalize the credit card application. This API call triggers the creation of the credit card account by Solaris. The API response will return the account ID and IBAN and the application status changes to FINALIZED. Additionally, the billing cycle start and end date will be automatically calculated.

Request URL

POST /v1/credit_card_applications/{id}/finalize

Click here to view the full API reference.

Credit card account

The account ID and IBAN returned in the payload of the previous call is the account associated with the credit card to which the credit card limit will be attached.

Check the account management guide to find details about how to manage and service accounts.

Add legal representatives as authorized persons on the account

After the credit card account is created by Solaris, you must explicitely add the legal representatives as authorized persons on the account.

An authorized person is a natural person who can act on the account and receive authorization challenges on their verified mobile number. Legal representatives are by default authorized to act on the business's account. However, they must be explicitly set as authorized_person on our system. Other persons can also be authorized by a legal representative, provided their type_of_representation is set to ALONE or null.

API reference

For a complete list of endpoints, properties, and examples related to the business authorized person resource, visit the following link:

• Business Authorized Persons API reference

POST Create authorized person

Request example:

You must add the person_id of the the legal representative(s) who will act as an authorized person on the account in the request body.

// POST /v1/businesses/{business_id}/accounts/{account_id}/authorized_persons
{
  "authorized_person_id": "3b8cfd40fb4dce5a231251ea06a014cper"
}

Example response:

{
  "id": "568b5241afd0ce435c56ea0efef2bd0dcpea",
  "authorized_person_id": "3b8cfd40fb4dce5a231251ea06a014cper"
}

Click here to view the full API reference.

Step 9: Create reference account and set credit card limit

In this step, you must a reference account for the business and afterward set the credit card limit on the business' account.

9.1 Create reference account for the business

API reference

Visit the following link to find all the endpoints related to the reference account resource, including related properties and examples.

• Reference accounts resource API reference:

  • POST Create a reference account for a business
  • GET Index reference accounts for a business

POST Create business reference account

After creating the SDD mandate, you must create a reference account resource for the business and link it to the internal account. You must add the customer's business_id and account_id in the request URL. You must add the external account details and the signed mandate information in the request body.

You must include the following properties in the request body:

• name: The customer's name on their external bank account.
• iban: The IBAN of the external bank account from which the SDD will be debited.
• mandate_number: The number of the SDD mandate the customer signed.
• mandate_signature_date: The date when the customer signed the SDD mandate.
• mandate_type: Select B2B.

Request URL

// POST /v1/businesses/{business_id}/accounts/{account_id}/reference_accounts
{
 	"name": "Account holder name",
  "iban": "DE32110101001000000029",
 	"mandate_number": "SAMPAY7D226d32882d11Eb8DcD0242Ae2F4",
 	"mandate_signature_date": "2022-04-20",
  "mandate_type": "B2B"
}

The API call returns an object with a unique ID, which is the reference account ID. The status field refers to the reference account's status. Possible values are ACTIVE and INACTIVE.

Click here to view the full API reference.

9.2 Attach the credit limit to the business's credit card account

After creating the reference account, you must attach the credit limit approved by Solaris to the credit card's account using the following endpoint.

PATCH Attach credit limit to credit card account

Request example

// PATCH /v1/credit_card_applications/{id}/limit
{
  "limit": {
    "value": 1000,
    "unit": "cents",
    "currency": "EUR"
  }
}

The API call returns the details of the application and sets the current_limit to the limit defined by you. The limit will also be attached to the associated credit card account.

Click here to view the full API reference.

Step 10: Onboard employees

In this step, you need to collect the information of the business' employees who will be issued a credit card.

10.1 Create person resources for all cardholders

For each employee (e.g., cardholder) that will be issued a credit card, collect the required data points and create a person resource using the following endpoint.

Required data points for a cardholder with full KYC

This person will be identified using video identification.

• salutation
• first_name (Including all middle names as printed on the ID document)
• last_name (Including all middle names as printed on the ID document)
• address
• birth_date
• birth_city
• nationality
• email
• mobile_number
• fatca_relevant
• fatca_crs_confirmed_at

Required data points for a cardholder with light KYC

This person will be identified using Autoident.

• salutation
• first_name (Including all middle names as printed on the ID document)
• last_name (Including all middle names as printed on the ID document)
• address
• birth_date
• birth_city
• nationality
• email
• mobile_number

Request URL

POST /v1/persons

Click here to view the full API reference

10.2 Create and verify mobile numbers of all cardholders

All employees who will be issued a credit card must have a verified mobile number. You must collect the customer's mobile number in your sign-up flow and then create a mobile number resource and verify it by sending an SMS OTP to the customer's mobile number. Then, the customer enters the OTP in your frontend to verify their number.

Mobile number resource

Creating and verifying a mobile number for your customer is a crucial step in the customer onboarding process. With a verified mobile number, customers can use SMS OTPs to complete two-factor authentication (2FA) challenges, which is a requirement for Strong Customer Authentication (SCA).

API reference

Visit the following link to find all the endpoints related to the mobile number resource, including related properties and examples.

• Mobile number resource API reference

Related webhook events

• PERSON_MOBILE_NUMBER_CREATED
• PERSON_MOBILE_NUMBER_DELETED

POST Create mobile number

Collect the customer's mobile number and pass it to Solaris using the following API call, and include the customer's person_id in the request URL.

Request example:

POST /v1/persons/{person_id}/mobile_number
{
  "number": "+15550101"
}

Response example:

The API returns a mobile_number resource with a unique id and attaches it to the person resource.

{
    "id": "91e4d939d781b8eb30d1ee86809761c2cmno",
    "number": "+15550101",
    "verified": false
}

Click here to view the full API reference.

POST Authorize mobile number

Use the following endpoint to verify the ownership of the provided mobile phone number. The endpoint initiates a one-time-password (OTP) flow: Solaris sends a six-digit OTP to the customer's number, and then they must enter it in your UI.

Request example:

POST /v1/persons/{person_id}/mobile_number/authorize
{
  "number": "+15550101"
}

Response example:

{
    "id": "91e4d939d781b8eb30d1ee86809761c2cmno",
    "number": "+15550101",
    "verified": false
}

Click here to view the full API reference..

POST Confirm mobile number

Use this endpoint to submit the SMS OTP the customer received on their mobile number to finalize the mobile number authorization process. You must add the customer's number and token (i.e., the SMS OTP) in the request body. Afterward, the mobile number will be verified and can be used in the context of Strong Customer Authentication (SCA).

Request example:

POST /v1/persons/{person_id}/mobile_number/confirm
{
  "number": "+15550101",
  "token": "212212"
}

Response example:

{
    "id": "91e4d939d781b8eb30d1ee86809761c2cmno",
    "number": "+15550101",
    "verified": true
}

Click here to view the full API reference.

Mobile number management

For more information about how to manage mobile numbers, check the related guide.

10.3 Identify employees

If the number of legal representatives identified within the context of the BKYC is less than 6, you have to identify other employees using video identification by following the instructions in the manual video identification section.

All other cardholders will be identified using a light KYC method, such as IDnow AutoIdent. For each person you've created, you must create and trigger an identification using the following endpoint:

POST Create an identification for a cardholder via AutoIdent

Call this endpoint to create an identification for the cardholder via IDnow's AutoIdent:

// POST /v1/persons/:person_id/identifications
{
  "idnow_autoident"
}

Click here to view the full API reference.

PATCH Request an identification for a cardholder via AutoIdent

Call this endpoint to trigger the KYC flow.

// POST /v1/persons/:person_id/identifications
{
  "idnow_autoident"
}

Click here to view the full API reference.

Step 11: Create and activate credit card

In this step, create and activate the credit cards for each of the business' employees who have been onboarded. Cardholders can choose between different card types, such as a physical or a virtual card, with the option to tokenize the card to be used in any e-wallet, such as Google Pay or Apple Pay.

API reference

Visit the following link to find all the endpoints related to cards, including related properties and examples.

• Cards API reference

POST Create a card

This endpoint initiates the card creation process for the customer. Include the account_id along with the person_id in the request URL. Additionally, include the following properties in the request body:

• line_1: The cardholder's name which will be printed on the card. Pay attention to the special rules governing card names mentioned here.
• type: The card type. View here a list of possible card types for each customer segment.

Request URL:

POST /v1/persons/{person_id}/accounts/{account_id}/cards

Response example:

A card will be created in the system, and Solaris will issue a card creation request with SIA. The API will respond with the ID of the card and the status of PROCESSING.

{
  "id": "8febdba4912a747808ccc6f95f82aaa4",
  "status": "PROCESSING"
}

Click here to view the full API reference.

GET Retrieve card details

Before you can activate the card, make the following API call to retrieve the details of the card. The status must have the value of INACTIVE. The status change may take a few seconds after the initial POST Create card request, as Solaris submits card creation requests asynchronously to SIA.

The API will respond with the card details when the status changes to INACTIVE. Until then, the response will look the same as the one from the previous call.

Request URL:

GET /v1/cards/{card_id}

Click here to view the full API reference.

POST Activate a card

Once the card is INACTIVE and you have retrieved the details using the previous API call, you can activate the card using the following endpoint:

Request URL:

POST /v1/cards/{card_id}/activate

Click here to view the full API reference.

Cards servicing

For more information about cards servicing, check the Card creation and servicing guide.

Card push provisioning

If your customer wants to use their card in a digital wallet, such as Google Pay, Apple Pay, or Samsung Pay wallet, implement the relevant endpoints in the Card Push Provisioning guide.

Card spending controls

After creating all the required credit cards for the business' employees, the business can set control lists and spending limits on each card as they see fit. Note that all issued credit cards must not exceed the limit attached to the business' account.

For instructions on how to implement spending limits, check the Card spending controls guide.

Step 12: Servicing credit cards

In this section, you can find endpoints related to servicing credit cards.

PATCH Update repayment option

Your customer can change the repayment option after initial onboarding (e.g., switching from charge to revolving and vice versa).

You can update the repayment option by calling the following endpoint:

Request example

// PATCH /v1/credit_card_applications/{id}
{
  "repayment_options": {
    "upcoming_type": "PARTIAL",
    "minimum_amount": {
      "value": 100,
      "unit": "cents",
      "currency": "EUR"
    },
    "minimum_percentage": 3
  },
  "statement_with_details": true
}

Click here to view the full API reference.

GET Index a credit card bill

Call this endpoint to retrieve a credit card bill.

Request URL

GET /v1/credit_card_bills/{bill_id}

Click here to view the full API reference.

Step 13: Terminating credit cards

This section describes how credit card termination works and how to use the related API endpoints.

Credit card termination process

Here is a summary of the termination process:

1. Either you, the customer (via your frontend), or Solaris initiates the termination.

   • If Solaris initiated the termination, then you will receive a notification on the CREDIT_CARD_APPLICATION_TERMINATION webhook event and you must immediately notify the customer about the termination.
   • If the customer initiated the termination, then your application must call the POST Terminate a credit card application endpoint. This will create a credit card application termination resource.

2. Solaris' system will trigger a termination and calculate a legal closure date for the credit card.

   • If the credit card has a negative balance, then Solaris will generate a final bill and trigger a SEPA Direct Debit (SDD) from the customer's reference account.
   • If the credit card has a positive balance, then Solaris will initiate a payout to the attached reference account.
3. You will receive notifications on the CREDIT_CARD_APPLICATION_TERMINATION webhook event when the status of the credit card application termination changes. If the termination succeeds, the credit card will be closed. If it fails, then Solaris Customer Support will provide assistance.

Pre-termination checks

Solaris will check for the following criteria before terminating a credit card:

• The credit card is in dunning.
• The credit card has CARD_TRANSACTION or CARD_DIRECT_DEBIT bookings from the past 45 days.
• The credit card has reservations with the status OPEN.
• The credit card has bookings with a valuta date in the future.
• The last SDD was triggered less than 56 days ago.

If any of these criteria are met, then the technical closure of the credit card may be delayed.

POST Terminate a credit card application

This endpoint initiates a termination request for an existing credit card.

Termination requests can be revoked within 5 business days of their initiation. After that, the termination can not be reversed. See the endpoint below for instructions on how to revoke a termination request.

Request URL:

POST /v1/credit_card_applications/{application_id}/terminate

Required properties:

• reason: The reason for terminating the credit card.

Click here to view the full documentation.

POST Revoke a termination request

This endpoint revokes a request to terminate a credit card.

Request URL:

POST /v1/credit_card_terminations/{id}/revoke

Click here to view the full documentation.

What's next?

Congratulations! You've successfully integrated Solaris' Credit Cards product.

Check the following appendices section for additional information on enums and testing data.

Useful resources

Check the following links for additional related guides and API reference documentation:

• Credit cards API reference documentation
• Reference accounts API reference documentation
• Video Identification
• Account management guide
• Card creation & servicing guide
• SEPA Transfers Overview
• SEPA Direct Debit Transfers

Appendix I: Enums

Credit card application status

The following table includes the enums for the field status and their descriptions in the credit card application resource. For example, it's available when you call the GET Retrieve credit card application.

CRS company type

The field crs_company_type is required to collect the mandatory tax information and create the business tax_identification resource. The following table includes the possible values for this field and their descriptions:

Document types

The following table includes the possible values for the field document_type and their descriptions.

Idnow status

The following table includes the possible values for the field status for the video identification process carried out by IDnow and the related description of each status.

IDnow provides a reason whenever the identification has a canceled or aborted status. No reason can be disclosed for the final failed status.

Tax country

The following tables includes the possible values for the field tax_country:

Sector

The following are the possible values for the field sector.

• ECONOMICALLY_SELF_EMPLOYED
• ECONOMIC_DEPENDENT
• FOREIGN_COMPANIES
• FOREIGN_ECONOMIC_DEPENDENT
• FOREIGN_PRIVATE_INDIVIDUAL
• FOREIGN_SELF_EMPLOYED_PRIVATE_PERSON
• GERMAN_BANKS
• MUNICIPALITY_AND_MUNICIPALITY_ASSOCIATION
• OTHER_COMPANIES_WORKMAN
• OTHER_COMPANIES
• OTHER_PRIVATE_INDIVIDUAL

Legal form

The selected value for the field tax_country influences the accepted values for the field legal_form. The following are the possible values for the field legal_form per each tax_country.

Austria (AT)

• AT_SE
• AT_OHG
• AT_KG
• AT_AG
• AT_GESMBH
• AT_EG
• AT_GBR
• AT_EV
• AT_SOLE_PROPRIETORSHIP
• AT_SELF_EMPLOYED
• AT_AMT
• AT_KOR
• AT_STIFTUNGEN
• AT_GMBH
• AT_GMBH_CO_KG

Belgium (BE)

• BE_SNC
• BE_SCS
• BE_SA
• BE_SPRL
• BE_SE
• BE_SCA
• BE_SC
• BE_SCRI
• BE_SEP
• BE_SF
• BE_SPRLU
• BE_SOLE_PROPRIETORSHIP
• BE_SELF_EMPLOYED

Bulgaria (BG)

• BG_AD
• BG_OOD
• BG_KDA
• BG_KD
• BG_SD
• BG_SELF_EMPLOYED
• BG_SOLE_PROPRIETORSHIP

Croatia (HR)

• HR_DD
• HR_DOO
• HR_JDOO
• HR_KD
• HR_JTD
• HR_SELF_EMPLOYED
• HR_SOLE_PROPRIETORSHIP
• HR_ORTA

Czech Republic (CZ)

• CZ_AS
• CZ_SRO
• CZ_KS
• CZ_VOS
• CZ_DRUZSTVO
• CZ_FYZICKA_OSOBA
• CZ_SOLE_PROPRIETORSHIP
• CZ_SELF_EMPLOYED

France (FR)

• FR_AE
• FR_EI
• FR_SNC
• FR_SCS
• FR_SA
• FR_SAS
• FR_SARL
• FR_SE
• FR_SCA
• FR_EURL
• FR_SC
• FR_SCOP
• FR_SELARL
• FR_SOLE_PROPRIETORSHIP
• FR_SELF_EMPLOYED

Germany & others

Solaris accepts the following legal forms for companies in Germany and other countries that are not specified in our system:

• AG
• EG
• EK
• EV
• NEV
• GBR
• GMBH
• GMBH_CO_KG
• GMBH_I_GR
• KG
• KGAA
• LTD
• MUNICIPALITY
• MUNICIPAL_COMPANY
• NONE
• OHG
• PARTG
• PRIVATE_PERSON
• SAVINGS_BANK
• SE
• SELF_EMPLOYED
• SOLE_PROPRIETORSHIP
• UG
• UG_I_GR
• FOREIGN_CORPORATION
• ADOR
• AMT
• KDOR
• STIFTUNGEN
• SECOKG
• AGCOKG

Hungary (HU)

• HU_NYRT
• HU_KFT
• HU_BT
• HU_KKT
• HU_SOLE_PROPRIETORSHIP
• HU_SELF_EMPLOYED
• HU_ORTA

Italy (IT)

• IT_SE
• IT_SNC
• IT_SAS
• IT_SPA
• IT_SRL
• IT_SAPA
• IT_SCPA
• IT_SCARL
• IT_SCOP
• IT_SS
• IT_SOLE_PROPRIETORSHIP
• IT_SELF_EMPLOYED

Luxembourg (LU)

• LU_SNC
• LU_SCS
• LU_SA
• LU_SARL
• LU_SE
• LU_SCA
• LU_SCSP
• LU_SARLS
• LU_SC
• LU_SCOP
• LU_SOLE_PROPRIETORSHIP
• LU_SELF_EMPLOYED
• LU_SECA
• LU_ASBL
• LU_FON
• LU_SP

Poland (PL)

• PL_SA
• PL_SPZOO
• PL_SE
• PL_SKA
• PL_SPK
• PL_SPJ
• PL_SELF_EMPLOYED
• PL_OTHER

Portugal (PT)

• PT_SNC
• PT_SC
• PT_SA
• PT_LDA
• PT_SE
• PT_SUNI
• PT_EIRL
• PT_SCIV
• PT_COP
• PT_SOLE_PROPRIETORSHIP
• PT_SELF_EMPLOYED

Romania (RO)

• RO_SA
• RO_SRL
• RO_SCA
• RO_SCS
• RO_SNC
• RO_SELF_EMPLOYED
• RO_SOLE_PROPRIETORSHIP

Serbia (RS)

• RS_AD
• RS_DOO
• RS_KD
• RS_OD
• RS_SELF_EMPLOYED
• RS_SOLE_PROPRIETORSHIP

Slovenia (SI)

• SI_DD
• SI_DOO
• SI_KDD
• SI_KD
• SI_DNO
• SI_SELF_EMPLOYED
• SI_SOLE_PROPRIETORSHIP

Spain (ES)

• ES_SRC
• ES_SC
• ES_SA
• ES_SAS
• ES_SRL
• ES_SE
• ES_SCA
• ES_SLNE
• ES_SAU
• ES_SLU
• ES_SPRO
• ES_SCOP
• ES_SOLE_PROPRIETORSHIP
• ES_SELF_EMPLOYED

Switzerland (CH)

• CH_DE_AG
• CH_FR_SA
• CH_IT_SA
• CH_DE_GMBH
• CH_FR_SARL
• CH_IT_SAGL
• CH_SE
• CH_DE_KOMAG
• CH_FR_SCA
• CH_IT_SACA
• CH_DE_KG
• CH_FR_SCM
• CH_IT_SAC
• CH_DE_KIG
• CH_FR_SNC
• CH_IT_SNC
• CH_DE_EG
• CH_FR_SS
• CH_IT_SS
• CH_SELF_EMPLOYED
• CH_SOLE_PROPRIETORSHIP
• CH_DE_KMG

The Netherlands (NL)

• NL_VOF
• NL_CV
• NL_NV
• NL_BV
• NL_SE
• NL_CVOA
• NL_COPV
• NL_MTS
• NL_SOLE_PROPRIETORSHIP
• NL_SELF_EMPLOYED
• NL_VERENIGING
• NL_STICHT

Turkey (TR)

• TR_ADI_SIR
• TR_AS
• TR_LS
• TR_KOM_STI
• TR_KOLL_STI
• TR_SELF_EMPLOYED
• TR_SOLE_PROPRIETORSHIP

United Kingdom

• GB_SE
• GB_PARTNERSHIP
• GB_LP
• GB_PLC
• GB_LTD
• GB_COPS
• GB_UAS
• GB_PRCU
• GB_PUCU
• GB_SOLE_PROPRIETORSHIP
• GB_SELF_EMPLOYED

Sector, tax country, and legal form mapping

Please note that there are certain dependencies between the fields tax_country, sector, and legal_form. For example, based on the value selected for the field tax_country, certain values will be accepted for the field sector, and based on the value selected for the field sector, certain values will be accepted for the field legal_form.

The following sections give an overview of the mapping between these fields.

Tax country and sector mapping

The selected value for the field tax_country influences the accepted values for the field sector. The following table gives an overview about the mapping of values between the field tax_country and sector.

Sector and legal form mapping

The selected value for the field sector influences the accepted values for the field legal_form. The following table gives an overview about the mapping of values between the field sector and legal_form.

Legal identification status

The following table includes the possible values for the field legal_identification_status for the legal identification process of the business legal entity carried out by Solaris and the related description of each status.

Solarisident status

The following table includes the possible values for the field status, which refers to the overall status of the business identification process (BKYC), including the legal identification of the business legal entity carried out by Solaris and the video identification of the business's natural persons.

Appendix II: BKYC required documents

The following table includes the required documents for identification for each legal form:

Appendix III: Testing samples for GET Search for business commercial registration

The following table includes testing samples for the GET Search for business commercial registration endpoint, including values for the fields country, registration_number, registration_issuer, and name.

Appendix IV: FAQs

Legal Representative FAQs

The company I am about to register is a „Gesellschaft mit beschränkter Haftung“ (GmbH) – who is my legal representative?

The easiest and surest way to figure that out is to check your current register excerpt (Handelsregisterauszug). In there you'll find all the official legal representatives which you would need to tell us. As a further indication, these people also need to be listed in the Imprint of your website (Impressum).

The Legal Representative has sole representations rights – do I need to add the other legal representatives as well?

Yes. Even though this legal representative could conclude the process on behalf of the company alone in the following steps, Solaris would need the complete set of information for regulatory purposes. Therefore, please enter the information about all legal representatives associated with the business.

One of our legal representatives is currently unavailable – do we need to reach them to complete the process?

Yes. All legal representative(s) must be identified in a video identification session to complete the business identification process(BKYC).

Our legal representatives are about to change soon – shall I include the new ones already?

No; please submit the information as it is currently written in the official register. If you already know that these individuals will change, then please inform your Onboarding manager accordingly, and they will help sort things out.

Why do I have to submit all legal representatives here?

As a bank, Solaris is obliged to keep a record about the companies it works with and check whether the provided information is correct. Solaris makes every effort to keep the flow as smooth as possible. Nevertheless, the law stipulates that Solaris must collect this information for all legal representatives.

Beneficial Owner FAQs

What is a “Beneficial Owner”?

A so-called “Beneficial Owner” is a natural person (a human) who owns directly or indirectly more than 25% of the voting shares of a legal entity today. Ultimately it is the person who benefits from the entered agreement and has the eventual decision power. It can never be another company, as Solaris would need to look up the owner of that company. There is a more detailed (legally-worded) definition here as well. It may significantly help cases with beneficial owners incorporated as trusts or other non-commercial entity types.

The company has no beneficial owners – how should I proceed?

It might be the case after a thorough investigation that nobody has directly or indirectly enough voting shares of the business. In that case, Solaris is required to take the legal representatives instead. Please enter their information accordingly.

I don't know the ownership structure of the company – how shall I proceed?

Ultimately, the ownership structure of a company is determined in the shareholder agreement (Gesellschaftervertrag), which has been signed at least when founding the entity. In the meantime, this may have changed but would need to be noted in an amendment or update of this contract.

Another company owns the company – what shall I do now?

Please submit the information of the natural person (human) owning your shareholders. If this is also another company (holding- or corporate-structure), you would need to follow the trail of indirect ownership until you either find an individual or the ownership is diluted under 25% ownership (through indirect ownership).

What do you mean by direct or indirectly & how do I calculate that?

Direct ownership refers to a natural person (individual) owning him-/herself voting shares in the business. Indirect ownership refers to somebody owning one entity that then owns a specific part of the business. It also qualifies if the entities are stacked into each other (several companies in between). Also, if one individual holds voting shares via different entities in the business, you would need to add up his/ her total indirect ownership to see whether the total engagement reaches more than 25%. When the shareholding structure is stacked over several hierarchies, you multiply the ownership-quotas of each entity to get the ultimate quota for the respective person.

Example:

Adello GmbH needs to provide its beneficial owners. Adello's shareholders are Peter 30% of shares, Susi 10% of shares, Anne 10% of shares, and Toscana GmbH 50% of shares. Toscana's shareholders: Hugo 75% of shares and Marie 25% of shares Direct beneficial owners of Adello: Peter Indirect beneficial owners of Adello: Hugo with 37,5% of shares (Toscana's share in Adello 50% x Hugo's ownership quota in Toscana 75%). Please note that Marie is not a beneficial owner as she has indirectly only 12,5% in Adello.

We have different kinds of shares – which shares are the decisive ones?

Please refer to the shares with decisive voting power as the beneficial owner is ultimately the person deciding the significant strokes of the company.

Does the UBO need to do something, for instance, sign something or perform a video identification?

No, please only submit the information of that person as stated in his/her official documents (ID card or passport). There is no further double-checking of that information. Therefore, the beneficial owner does not need to do anything during this identification process.