
Legal and compliance screens

Introduction

Perform legal and compliance checks on all prospective account holders during onboarding. Build a series of screens in your sign-up flow to collect customer consent for the requirements described in this guide.

Display the checkboxes in the order listed below. Customers must agree to all statements before proceeding to identification.

Important

Do not modify the legal texts without prior approval from Solaris. Contact your Partner Manager for any inquiries.

Strictly prohibited: Storing any personal data before the customer agrees to the Solaris Terms & Conditions.


Terms and Conditions

Collect the customer's consent to our contractual requirements at the start of the sign-up flow.

Mandatory for:

  • All products and customer types.
  • Italy & France: Customers must additionally sign with a Qualified Electronic Signature (QES) during KYC.

Action: Display the following statement with a checkbox:

Implementation requirements:

  1. Hyperlinks: Link "all other conditions of Solaris SE" to a page listing all applicable documents. Get these permalinks from your Partner Manager.
  2. Email: Send the Terms and Conditions document to the customer via email before collecting consent.
  3. Timestamp: Record the UTC timestamp of the consent. Pass this value in the terms_and_conditions_signed_at field when creating a person or business.

Updates: When Solaris updates Terms & Conditions, you must email the new document to customers and collect their consent again upon their next login. See the Terms & Conditions Consent Log guide.


Customer information

Provide links to the mandatory customer information documents.

Mandatory for: All products and customer types.

Action: Display a checkbox with the following text:


Economic interest

Confirm that the customer is acting on their own behalf.

Mandatory for: B2C customers only.

Action: Display a checkbox with the following text. Record the UTC timestamp in the own_economic_interest_signed_at property when creating the person.

I act only in my own economic interest and not on the initiative of a third party.


Tax information

Collect tax information to comply with the Common Reporting Standard (CRS).

Mandatory for:

  • Digital Banking & Cards: All customer types.
  • Lending: B2B customers (legal representatives and beneficial owners only).

Personal tax information

Collect tax data from:

  • Retail customers (B2C)
  • Freelancers
  • Business legal representatives, beneficial owners, and authorized persons

German (DE) Branch Exception: Customers can provide tax info during sign-up or within 90 days. If collected later, display this checkbox during onboarding:

I agree to provide my tax residency and tax identification number within 90 days of opening my account.

Business tax information

Collect tax information for the legal entity and its associated natural persons.

Action: Prompt the legal representative to accept the tax declaration:

  1. Display the declaration text.
  2. Add a checkbox for confirmation.
  3. Record the timestamp in fatca_crs_confirmed_at when creating the business.

Required confirmation text:

By ticking this box, I confirm that I have read and understood the information below, and I confirm that I am authorized to sign on behalf of the legal entity referred to under 'Account Holder' in this form in respect of all accounts to which this form relates.

Tax declaration text:

This self-disclosure replaces all previous self-disclosures of the account holder and/ or his controlling entities concerning the FATCA agreement and the CRS. The company hereby confirms that, for the duration of the contractual relationship with Solaris, it is obliged to notify the latter within 30 days, on its own initiative, should the information contained in this form have changed. The company agrees to submit a new form and/or to provide the required forms and documents within 90 days, should the declarations contained in this form no longer be correct. I confirm that all statements in this form are correct and complete to the best of my knowledge and belief.

Example screen for business tax declaration

The following screen is an example of how you can build the business tax declaration screen in your sign-up flow:

Screen: Business tax declaration example screen


FATCA indication

Note

This screen is mandatory for:

  • Digital Banking & Cards products for all customer types (B2C, B2B, and Freelancers) in all countries.

Determine whether the customer wishing to open a bank account with Solaris is subject to US tax law. Solaris is required to perform this check to comply with the Foreign Account Tax Compliance Act (FATCA). At this stage, ask for a self-declaration of FATCA relevance: put the following question to the potential account holder and provide an accompanying yes/no input field.

  • If the customer answers "yes," set the value of fatca_relevant to true. In this case, the customer cannot be onboarded.
  • If the customer answers "no," set the value of fatca_relevant to false and store this in your solution.
  • Record the timestamp of the customer's confirmation of the FATCA relevance and pass it to our API in the attribute fatca_crs_confirmed_at (a property in the create person resource).

Important

  • Only customers with a fatca_relevant value of false can proceed with onboarding.
  • For business customers, you must also collect the FATCA self-declaration from all natural persons associated with the business, such as legal representatives, beneficial owners, and any authorized person on the business account.

Retail customers

Are you a U.S. citizen (incl. dual citizenship), do you have a residence or a permanent residence permit in the USA, or do you reside in the USA; for more than 180 days a year?

* Includes the US Minor Outlying Islands and the US Virgin Islands

Business customers

Display the following legal text to collect the FATCA indication for the business itself (i.e., the legal entity).

Note

In the context of a B2B bank account, the account holder is the business itself, the legal entity.

Is the business established in the USA* or has it been established under the laws of the USA*, and does the business have a tax residency in the USA*?

* Includes the US Minor Outlying Islands and the US Virgin Islands

Display the following legal text to collect the FATCA indication for all legal representatives linked to the business:

Is any of the business's legal representatives a U.S. citizen (incl. dual citizenship), do they hold a residence or a permanent residence permit in the USA*, or do they reside in the USA*; for more than 180 days a year?

* Includes the US Minor Outlying Islands and the US Virgin Islands

The business' beneficial owners

Display the following legal text to collect the FATCA indication for all beneficial owners linked to the business:

Is any of the business's beneficial owners a U.S. citizen (incl. dual citizenship), do they hold a residence or a permanent residence permit in the USA*, or do they reside in the USA*; for more than 180 days a year?

* Includes the US Minor Outlying Islands and the US Virgin Islands

FATCA screening checks

To comply with the Foreign Account Tax Compliance Act (FATCA), Solaris is required to perform checks to determine whether the customer is subject to US tax law. These checks are in addition to the self-declaration during the Legal and Compliance screen.

To perform the FATCA checks, parse the person and identification resources using the following endpoints:

Hard criteria

To determine the customer's FATCA relevance, you must screen for the following hard criteria:

  • Has the customer provided a US passport as their identification document? Check the legitimation_country attribute on the identification resource.
  • Is the customer a citizen of the US? Check the nationality attribute.
  • Has the customer provided a residential address in the US, the US Minor Outlying Islands, or the US Virgin Islands? Check the country attribute.
  • Was the customer born in the US, the US Minor Outlying Islands, or the US Virgin Islands? Check the birth_country attribute.

When to reject the customer

If any of these hard criteria attributes has the value US or USA, you must deny banking services to the customer and stop the onboarding process. Failure to screen for these hard FATCA criteria may cause ongoing operational burdens for Solaris customer support.

Soft criteria

To further determine the customer's FATCA relevance, screen for the following soft criteria:

  • Has the customer provided a US mobile number? Check the mobile_number attribute. US mobile numbers have a country code of +1.
  • Is the customer's only address a PO box or a c/o address? Check the address_line_1 and address_line_2 attributes.

When to reject the customer

  • If the answer is "Yes" to any of the soft criteria, ask the customer to clarify their phone number and/or address.
    • If the customer provides a non-US phone number and a physical address, you may onboard them.
    • If the customer does not provide a non-US phone number and a physical address, you may not onboard them.

Failure to screen for soft FATCA criteria may cause ongoing operational burdens for Solaris customer support.
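The hard and soft criteria above, combined into one screening function. This is an added example, not Solaris code. It assumes the person and identification resources arrive as flat dictionaries keyed by the attribute names in this guide, and the PO box / c/o patterns are a heuristic of this example. It matches only the values US and USA named above.

```python
import re

US_VALUES = {"US", "USA"}  # values the guide names as grounds for rejection
# Heuristic markers for PO box / c/o addresses (assumption; extend per market).
PO_BOX_OR_CO = re.compile(
    r"\b(p\.?\s*o\.?\s*box|post\s*office\s*box|postfach)\b|\bc/o\b", re.I)

def _is_us(value):
    return isinstance(value, str) and value.strip().upper() in US_VALUES

def screen_fatca(person, identification):
    """Return (decision, fields): decision is 'reject', 'clarify' or 'proceed'."""
    hard = []
    if _is_us(identification.get("legitimation_country")):
        hard.append("legitimation_country")
    hard += [f for f in ("nationality", "country", "birth_country")
             if _is_us(person.get(f))]
    if hard:
        return "reject", hard  # hard criteria: stop onboarding

    soft = []
    # +1 is shared by the US and other countries, hence only a soft criterion.
    number = re.sub(r"[\s\-().]", "", person.get("mobile_number") or "")
    if number.startswith("+1"):
        soft.append("mobile_number")
    lines = (person.get("address_line_1"), person.get("address_line_2"))
    if any(line and PO_BOX_OR_CO.search(line) for line in lines):
        soft.append("address")
    return ("clarify", soft) if soft else ("proceed", [])

# Constructed sample records (flat field layout is an assumption).
SAMPLE_PERSON = {
    "nationality": "DE", "country": "DE", "birth_country": "DE",
    "mobile_number": "+1 415 555 0100",
    "address_line_1": "c/o Example GmbH", "address_line_2": "Postfach 1234",
}
SAMPLE_ID = {"legitimation_country": "DE"}

if __name__ == "__main__":
    print(screen_fatca(SAMPLE_PERSON, SAMPLE_ID))
```

A "clarify" result maps to the follow-up described above: onboarding continues only once the customer supplies a non-US phone number and a physical address.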

Important

Note that Solaris periodically checks FATCA relevance for existing customers. If a customer's FATCA relevance changes to true, Solaris's Customer Support team will provide further instructions.


PEP declaration

Check if the customer is a Politically Exposed Person (PEP).

Mandatory for: Digital Banking & Cards in France, Italy, and Spain.

Action: Implement a yes/no checkbox with the following text. Link the "PEP definition" to a pop-up.

"Are you, a member of your family or a close associate, in charge or assigned with, or have been in the last year, a prominent public or political office, including:

  • national or local political representation,
  • public management or auditing (including State owned companies),
  • public health management,
  • High judicial courts,
  • International organizations management or auditing"

PEP definition

Politically exposed persons (PEPs) are natural persons who hold, or have held for less than one year, important public office, as well as members of their families and those known to have close links with such persons.

  1. natural persons who hold or have held important public office are those who hold or have held the office of:
    • President of the Republic, President of the Council, Minister, Vice-Minister and Undersecretary, President of the Region, Regional Councillor, Mayor of a provincial capital or metropolitan city, Mayor of a municipality with a population of not less than 15,000 inhabitants, as well as similar offices in foreign States;
    • member of parliament, senator, member of the European Parliament, regional councillor, and similar offices in foreign states;
    • member of the central governing bodies of political parties;
    • judge of the Constitutional Court, magistrate of the Court of Cassation or of the Court of Auditors, State councillor and other members of the Council of Administrative Justice for the Region of Sicily, as well as similar offices in foreign States;
    • member of the governing bodies of central banks and independent authorities;
    • ambassador, chargé d'affaires or equivalent posts in foreign States, senior officer of the armed forces or similar posts in foreign States;
    • member of the administrative, management or control bodies of companies controlled, even indirectly, by the Italian State or a foreign State, or companies in which the Regions, provincial capitals, metropolitan cities and municipalities with a total population of at least 15,000 inhabitants hold a majority or total interest;
    • general manager of ASLs and hospital companies, university hospital companies and other bodies of the national health service;
    • director, deputy director and member of the management body or person performing equivalent functions in international organizations;
  2. family members of politically exposed persons are: the parents, the spouse or the person bound in a civil union or de facto cohabitation or similar institutions to the politically exposed person, the children and their spouses as well as the persons bound to the children in a civil union or de facto cohabitation or similar institutions;
  3. persons with whom the politically exposed person is known to have close ties:
    • natural persons who, within the meaning of this decree, jointly hold beneficial ownership of legal entities, trusts and similar legal arrangements with the politically exposed person, or who have close business relations with the politically exposed person;
    • natural persons who only formally hold 100% control of an entity known to have been set up, in fact, in the interest of and for the benefit of a politically exposed person.

Compliance disclaimer

Display the compliance disclaimer immediately before the identification process.

Mandatory for: Digital Banking & Cards (all customer types).

Action: Collect the customer's agreement to the following text. You may only adapt the highlighted portions.

Retail customers

I am hereby opening a bank account in my own name and I confirm the following:

  • I am fully legally responsible for all account activity.
  • I will use the account exclusively for private/business purposes.
  • I do not act on behalf of, or instructed by, a third person.

Beware of tricksters that try to mislead persons into opening bank accounts under false premises (e.g., app testing, job offers, credit brokering, identification for apartment offers) and misuse your account for criminal purposes.

Business customers

The bank account is opened on behalf of the indicated company. The following is confirmed:

  • The company is responsible for all account activity and the persons accessing the account have relevant rights of access and disposal.
  • The account is exclusively used for business purposes.
  • The account is not opened on behalf of, or by instruction of, a third person.

Beware of tricksters that try to mislead persons into opening bank accounts under false premises (e.g., app testing, job offers, credit brokering, identification for apartment offers) and misuse your account for criminal purposes.

UI requirements

To ensure valid consent:

  • Exclusivity: Display this text on its own screen. Do not combine it with other information.
  • Visibility: Use a large, readable font. Do not hide it in fine print.
  • Timing: Show this screen immediately before the identification SDK flow.
  • Interaction: The customer must actively confirm understanding (e.g., via a switch or checkbox).
  • Separation: The consent action must be independent of the "Next" button.
  • Auditability: Store the consent in a way that is auditable.

Best practices:

  • Implement a short delay (1-3 seconds) before enabling the consent button to encourage reading.
  • Use distinct UI elements (switches) to signal conscious consent.

Example screen for compliance screen

The following screen is an example of how you can build the compliance screen in your sign-up flow:

Screen: Compliance example screen