Legal & compliance screens

Introduction

As a bank, Solaris must perform certain legal and compliance checks on all prospective account holders. Therefore, as part of your customer onboarding process, you must build a series of screens in your sign-up flow to collect customers' consent to the necessary legal and compliance requirements described in this guide. Solaris recommends collecting these agreements through the use of checkboxes in your interface.

You must display these checkboxes in the order listed in this guide. Additionally, your customers must check all the boxes before the customer identification process begins.

Please note that you cannot modify the legal texts provided in this guide without the prior approval of Solaris. Contact your Partner Manager for any inquiries.

warning
  • It is strictly prohibited to store any personal data from customers until they have agreed to the Solaris Terms & Conditions.
  • Your customers must check the box next to each statement described in the following sections before moving on to the next screen.

Solaris Terms & Conditions

Your customer sign-up flow must begin by collecting the customer's agreement consent to our contractual requirements. Display the following statement with a checkbox:

I accept the General Terms & Conditions, the List of Prices and Services and all other conditions of Solarisbank AG.

Ich akzeptiere die Allgemeinen Geschäftsbedingungen, das Preis- und Leistungsverzeichnis, sowie die übrigen Bedingungen der Solarisbank AG.

Additionally, please note that you must send the Terms and Conditions document to the customer via email before you collect their consent.

When the customer ticks this box, record the timestamp (UTC format) and the UID of the specific document they signed (e.g., 41d817d6fcb3ee492ddcb8197e0edbf9tcdc). Your Onboarding Project Manager will provide this ID. Your solution should pass this information to the Terms & Conditions API, which is described in the next guide.

attention

Whenever Solaris updates its Terms & Conditions, Solaris will communicate this to partners and provide a link to the new Terms & Conditions document. You must send the new document to your customers via email. Afterward, your solution must then display another Terms & Conditions screen to your customers upon their next login and collect their consent to the new document by a deadline specified by Solaris. See the Terms & Conditions Consent Log guide for more information.

Customer information

Next, the customer must acknowledge a series of customer information documents. Display the text below with an accompanying checkbox, and record the tick of this box as a UTC timestamp.

Economic interest

note

You only need to implement this screen if you offer Lending products to retail customers.

Prompt your customers to declare that they are opening an account strictly on their behalf and not on behalf of a third party. Record the UTC timestamp of the tick of this box as the value of the own_economic_interest_signed_at property.

I act only in my own economic interest and not on the initiative of a third party.

Ich handele nur im eigenen wirtschaftlichen Interesse und nicht auf Veranlassung eines anderen.

Tax information

Solaris must collect the tax information from each account holder in compliance with the Common Reporting Standard (CRS).

You must collect the tax information from your customers in your sign-up flow while considering the following requirements.

Person tax information

Collect the personal tax information from the following customer segments:

  • Retail customers
  • Freelancers
  • Business' legal representatives
  • Business' beneficial owners
  • Business' authorized persons

Only for customers in Germany (DE branch), customers can either provide the tax information during the sign-up flow or within 90 days from account opening. If you choose to collect this information after signup, then you must provide the following checkbox during their onboarding to collect their agreement to provide this tax data within 90 days:

I agree to provide my tax residency and tax identification number within 90 days of opening my account.

Ich bestätige, dass ich meinen Steuerwohnsitz und meine Steueridentifikationsnummer innerhalb von 90 Tagen nach der Eröffnung meines Kontos angeben werde.

Business tax information

For businesses, you must collect the tax information of the business legal entity, in addition to the natural persons associated with the business, such as legal representatives, beneficial owners, and authorized persons.

Your UI should prompt the legal representative (i.e., the person opening the bank account) to accept and sign the tax declaration:

  • Display the tax declaration text in your frontend to the customer.
  • Add a checkbox that the customer can tick to confirm reading and understanding the tax declaration.
  • Record the timestamp of the customer's signature of the tax declaration and pass it to our API in the attribute fatca_crs_confirmed_at (A property in the create business resource).

You have to prompt one legal representative of the business to sign our Tax Declaration. Your interface must display the following sentence along with the Tax Declaration:

By ticking this box, I confirm that I have read and understood the information below, and I confirm that I am authorized to sign on behalf of the legal entity referred to under ‘Account Holder' in this form in respect of all accounts to which this form relates.

This self-disclosure replaces all previous self-disclosures of the account holder and/ or his controlling entities concerning the FATCA agreement and the CRS. The company hereby confirms that, for the duration of the contractual relationship with Solaris, it is obliged to notify the latter within 30 days, on its own initiative, should the information contained in this form have changed.

The company agrees to submit a new form and/or to provide the required forms and documents within 90 days, should the declarations contained in this form no longer be correct. It should be noted that Solaris uses this form to collect data according to the FATCA Agreement and the German Law on the Automatic Exchange of Financial Account Information in Tax Matters (Finanzkonten- Informationsaustauschgesetz – FKAustG), according to which German financial institutions are required to collect all relevant data from their account holders and verify their plausibility.

In case of reportable US citizens or companies, or organizations subject to the tax law of a CRS-participating state (except Germany), the following information must be reported annually to the German Federal Tax Office (Bundeszentralamt für Steuern - BZSt): (i) certain personal data such as name, address, date of birth, and the tax identification number (or their functional equivalent); (ii) account information and/ or participation information such as participation percentage, gross income, etc. If a passive NF(F)E comprises controlling entities who are US persons or are resident for tax purposes of a participating state (except Germany), the above data is also reported together with the data pertaining to controlling entities.

Following the notification of this information to the BZSt, it is forwarded to the U.S. Tax Authority (IRS) or to the competent tax authority (-ies) of other CRS-participating states. I confirm that all statements in this form are correct and complete to the best of my knowledge and belief.

Diese Selbstauskunft ersetzt alle vorausgegangenen Selbstauskünfte des Kontoinhabers bzw. dessen beherrschender Personen bezüglich des FATCA-Abkommens und des CRS. Die Gesellschaft bestätigt hiermit, dass sie sich für die Dauer der Vertragsbeziehung mit der Solaris verpflichtet, dieser innerhalb von 30 Tagen aus eigener Initiative mitzuteilen, wenn sich eine in diesem Formular eingegebene Angabe ändert.

Die Gesellschaft erklärt sich damit einverstanden, innerhalb von 90 Tagen ein neues Formular und/oder die erforderlichen Formulare und Dokumente einzureichen, wenn eine in diesem Formular enthaltene Bestätigung nicht mehr korrekt ist. Es wird darauf verwiesen, dass die solarisBank mit diesem Formular Daten gemäß dem FATCA-Abkommen und dem FKAustG er- hebt. Danach sind deutsche Finanzinstitute dazu verpflichtet, alle relevanten Daten von ihren Kontoinhabern zu erheben und auf Plausibilität zu prüfen.

Im Falle von meldepflichtigen U.S. Personen bzw. Gesellschaften oder in einem CRS- teilnehmenden Staat (außer Deutschland) steuerlich ansässigen Gesellschaften sind die folgenden Informationen jährlich an das Bundeszentralamt für Steuern (BZSt) zu melden: (i) bestimmte personenbezogene Daten wie Name, Adresse, Geburtsdatum und die Steueridentifikationsnummer (bzw. deren funktionale Entsprechung) sowie (ii) Konto- bzw. Beteiligungsinformationen wie Beteiligungshöhe, Bruttoerträge etc. Wenn ein Passiver NF(F)E beherrschende Personen hat, welche U.S. Personen sind oder in einem CRS-teilnehmenden Staat (außer Deutschland) steuerlich ansässig sind, so werden die obigen Daten zusammen mit den relevanten Daten der beherrschenden Personen ebenso gemeldet.

Im Anschluss an die Meldung der Informationen an das BZSt werden die Informationen an die U.S.- Steuerbehörde (IRS) oder an den/die zuständige(n) Steuerbehörde(n) anderer CRS-teilnehmender Staat(en) weitergeleitet. Ich bestätige, dass alle Erklärungen in diesem Formular nach bestem Wissen und Gewissen richtig und vollständig sind.

FATCA indication

You must now determine whether the customer wishing to open a bank account with Solaris is subject to US tax law. Solaris is required to perform this check to comply with the Foreign Account Tax Compliance Act (FATCA).

At this stage, you must ask for a self-declaration of FATCA relevance. You must ask the following question to the potential account holder and provide an accompanying yes/no input field.

  • If the customer answers "yes," set the value of fatca_relevant to true. In this case, the customer cannot be onboarded.
  • If the customer answers "no," set the value of fatca_relevant to false and store this in your solution.
warning

Only customers with a fatca_relevant value of false can proceed with onboarding.

Retail customers

Are you a U.S. citizen (incl. dual citizenship), do you have a residence or a permanent residence permit in the USA, or do you reside in the USA; for more than 180 days a year?

* Includes the US Minor Outlying Islands and the US Virgin Islands

Sind Sie US-Staatsbürger (auch doppelte Staatsbürgerschaft), haben Sie einen Wohnsitz bzw. eine ständige Aufenthaltsbewilligung in den USA* oder halten Sie sich in den USA* für mehr als 180 Tage im Jahr auf?

* einschließlich der kleineren abgelegenen Inseln der Vereinigten Staaten und der Amerikanischen Jungferninseln

Business customers

English text

Is the account holder and/or any of its beneficial owners established in the USA* or has it been established under the laws of the USA*, and does the account holder and/or any of its beneficial owners have a tax residency in the USA*?

* Includes the US Minor Outlying Islands and the US Virgin Islands

Compliance disclaimer screen

Before beginning the identification process, your solution must display Solaris' compliance disclaimer and collect the customer's agreement. Please note the UI requirements below that explain how to display this text to your customers.

note

Partners may not change the compliance disclaimer text without the prior approval of Solaris' Compliance department. You may adapt the highlighted portions of the text to your own particular case.

I am hereby opening a bank account in my own name and I confirm the following:

  • I am fully legally responsible for all account activity.
  • I will use the account exclusively for private/business purposes.
  • I do not act on behalf of, or instructed by, a third person.

Beware of tricksters that try to mislead persons into opening bank accounts under false premises (e.g., app testing, job offers, credit brokering, identification for apartment offers) and misuse your account for criminal purposes.

Hiermit eröffne ich ein Konto in eigenem Namen und bestätige folgendes:

  • Ich allein trage die rechtliche Verantwortung für alle Kontobewegungen.
  • Ich nutze das Konto ausschließlich für private/geschäftliche Zwecke.
  • Ich handele nicht im Auftrag oder auf Veranlassung eines Dritten.

Vorsicht vor Trickbetrügern, die zur Kontoeröffnung unter falschem Vorwand verleiten (z.B. App-Testing, Job-Angebote, Kreditvermittlung, Identifikation für Wohnungssuche) und Ihr Konto für kriminelle Zwecke missbrauchen.

Compliance screen UI requirements

  • It must use the exact text provided above.
  • It must draw the customer's undivided attention—i.e., it cannot be hidden in the fine print.
  • It must be displayed as the only content on the screen, i.e., not combined with other information or something else.
  • It must be easily readable in a large font that fills the screen.
  • It must be displayed immediately before the customer is forwarded to the identification SDK flow.
  • The customer must confirm their understanding of and consent to the content of the screen, ideally for each paragraph individually.
  • The giving of consent must be performed by the user independently of any other interactions—i.e., it cannot coincide with the closing of the screen or the "next button".
  • You must store the customer's consent in a way that allows auditors to prove that the consent was given. Relying on the argument that the customer cannot proceed without consent is not sufficient.

Solaris recommends the following best practices:

  • When the compliance screen is displayed, there should be a short delay (e.g., one to three seconds) before the customer can click the consent button and continue (thereby incentivizing the customer to actually read the content).
  • Use a switch or checkbox design to give the customer the impression of a conscious consent, as opposed to just "clicking away" another screen.