KYC / KYB

Customers represent your end users in the Inflow Connect ecosystem. As a developer/business, you register your customers (not yourself) with Inflow Connect to enable seamless transfers of stablecoins or fiat currencies from or to their wallets or bank accounts. All KYC and KYB checks are handled by Inflow Connect so you can safely move funds, knowing that Inflow Connect has properly vetted your users in compliance with legal requirements.

⚠️ Important: You are registering your customers, not yourself. If you need to transact as an entity yourself, you can register your own business as a separate customer.

This information enables Inflow Connect to verify customer identity ("they are who they say they are") and ensures you, as a developer, remain compliant with local laws and anti-money laundering (AML) regulations.

Status Progression

💡 Expected Time-to-Approval

Individual customers are typically approved within seconds to minutes through automated verification. In cases requiring manual review, approval may take 1-3 business days.

Business customers generally require 3-7 business days for approval, as they undergo enhanced due diligence. High-risk jurisdictions or complex business structures may extend this to 14 business days.

We recommend using authentic data, as verification providers will reject customers with improperly formatted information (e.g., incorrect tax ID format, invalid postal codes).

Once submitted, KYC/KYB statuses progress through the following states:

1. SUBMITTED → APPROVED

   • Optimal path for individual customers where information passes automated verification within seconds
   • Most common flow for straightforward individual onboarding

2. SUBMITTED → UNDER_REVIEW → APPROVED/REJECTED

   • Triggered when customer data requires manual compliance review
   • All business customers follow this path
   • Individual customers from high-risk jurisdictions or with data inconsistencies

3. SUBMITTED → REJECTED

   • Immediate rejection due to invalid information (incorrect tax IDs, sanctions list matches, etc.)
   • Customer can be updated and re-submitted

Handling UNDER_REVIEW and REJECTED

When customers require additional review or are rejected, the API returns detailed feedback through two fields:

• developerReason: Internal use only. Contains technical details for troubleshooting and may include sensitive information not suitable for end users
• reason: Customer-facing message that can be shared directly with your users

Re-submission Options

When a customer is rejected, you have two options to update their information:

• Use the KYC link: Direct the customer to complete verification again using the verification_url from the customer object

It triggers a new compliance review for the updated customer.

Compliance Requirements by Customer Type

Individual Customers

Individual customers require basic identity verification with government-issued documents.

Key Requirements:

• Government-issued photo ID (passport, driver's license, national ID)
• Proof of address (utility bill, bank statement, government correspondence)
• Tax identification number (SSN, NIN, etc.)
• Selfie verification for enhanced security

See Requirements for Individuals for complete documentation requirements and country-specific details.

Business Customers

Business customers undergo enhanced due diligence including entity verification and beneficial ownership identification.

Key Requirements:

• Business registration documents (certificate of incorporation, business license)
• Ultimate Beneficial Owner (UBO) identification for owners with 25%+ ownership
• Control person verification (directors, signatories, key executives)
• Business tax identification and registration numbers
• Financial statements or bank statements

See Requirements for Businesses for complete documentation requirements and beneficial ownership thresholds.

Geographic Coverage

Inflow Connect supports customer onboarding in most countries worldwide, with specific restrictions for:

• Prohibited Countries: OFAC-sanctioned jurisdictions where onboarding is not permitted
• High-Risk Countries: Enhanced due diligence required with case-by-case evaluation
• Restricted Industries: Certain business activities require additional compliance review

See Onboarding Regions for complete geographic restrictions and prohibited industries.

Document Standards

Accepted File Formats

• Images: PNG, JPG, JPEG
• Documents: PDF
• Maximum file size: 10MB per document

Quality Requirements

• Resolution: Minimum 300 DPI for optimal OCR processing
• Clarity: All text and security features must be clearly visible
• Completeness: Entire document must be visible within frame
• Authenticity: Original documents only - no photocopies or screenshots

Security Features

• Documents must display original security features (holograms, watermarks, etc.)
• No alterations, tampering, or digital modifications
• Expiration dates must be clearly visible and current

Best Practices

Data Collection

• Collect accurate information to minimize verification delays
• Validate data formats before submission (tax IDs, postal codes, etc.)
• Pre-screen for obvious issues (expired documents, poor image quality)

User Experience

• Set clear expectations for verification timelines
• Provide specific guidance for document requirements
• Offer multiple upload attempts for technical issues
• Maintain communication during review periods

Security

• Encrypt customer data in transit and at rest
• Implement proper access controls for sensitive information
• Maintain audit logs for compliance purposes
• Never store unencrypted identification documents

Error Handling

• Parse submissionIssues for specific remediation guidance
• Implement retry logic for temporary failures
• Provide fallback options for users who cannot complete verification
• Escalate complex cases to support channels