Handle verification updates
Help your connected accounts maintain compliance with changing verification requirements.
Before your connected accounts can accept payments and send payouts, you must fulfil what are typically called Know Your Customer (KYC) requirements. To do so, you must collect certain information about your connected accounts and send it to Stripe for verification.
Stripe frequently updates KYC requirements, often due to changes implemented by financial regulators, card networks, and other financial institutions.
Get risk requirements with the API
As part of a current preview, you can handle current and upcoming risk-related account issues with the account.requirements attribute. To learn more about how to participate in the preview, submit your email.
These updates might require you to take the following actions:
- Modify your onboarding flow to account for the changed requirements.
- Collect updated information from affected connected accounts and handle verification responses.
- Handle risk-related requirements by notifying connected accounts of identified issues so you can guide them to resolve through Stripe interfaces.
When upcoming requirements updates affect your connected accounts, we’ll notify you.
If you use embedded or Stripe-hosted onboarding, you can proactively collect information to fulfil future requirements. For embedded onboarding, include the collectionOptions
attribute in the embedded onboarding component. For Stripe-hosted onboarding, specify the collection_
parameter when creating account links.
API version considerations
In API version 2023-10-16 and later, the account
object’s requirements.errors array specifies the latest verification error types in the code
attribute. We recommend upgrading to API version 2023-10-16 and using requirements.
.
If you can’t update to version 2023-10-16, earlier versions of the requirements.
array include a detailed_
field to return verification errors that weren’t compatible with the code
attribute. The detailed_
attribute doesn’t appear in the API reference.
If you’re using account or remediation links to collect new requirements, set the API version to 2021-09-07 or later.
If you’re receiving account.
events. Set the webhooks API version to 2021-09-07 or later.
Modify your onboarding flow
Onboarding flow options
When requirements change, we update Stripe-hosted and embedded onboarding flows to reflect the changes. However, if you use a custom API-based onboarding flow, you must update it to handle any changed requirements.
Regardless of the onboarding flow type, you must address requirements changes for your existing connected accounts.
Onboarding Flow Type | Description | Update Responsibility |
---|---|---|
API-based | You build custom flows using Stripe APIs for your connected accounts. Your integration must meet all of Stripe’s onboarding requirements. | You’re responsible for identifying requirements changes and updating your flows to handle them. |
Embedded new | (Recommended method) Your connected accounts interact with a highly themeable and customisable UI in an embedded component without leaving your application. | You don’t have to update your onboarding flow when requirements change. Stripe automatically updates embedded onboarding components accordingly. |
Stripe-hosted | Your application redirects your connected accounts to Stripe to complete the onboarding process in a co-branded interface. | You don’t have to update your onboarding flow when requirements change. Stripe automatically updates hosted onboarding accordingly. |
If you use embedded components or Stripe-hosted onboarding, requirements changes don’t require you to update your onboarding flow. Skip to the section on collecting updated information.
If you use a custom API-based onboarding flow, handle updated requirements by following these steps or by replacing your onboarding flow with embedded components or Stripe-hosted onboarding.
Note
You can’t use the API to respond to Stripe risk reviews. You can enable your connected accounts to respond using embedded components, Stripe-hosted onboarding, or remediation links. You can also use the Dashboard to respond to risk reviews on behalf of your connected accounts.
Modify your API-based onboarding flow
Preview updated verification requirements
When verification requirements change, you must collect updated information by a certain date. Otherwise, connected accounts won’t be able to use the capabilities you request (for example, card_
). See details about the information you need to collect based on an account’s region, capabilities requested, and other factors.
You can avoid disruption of your connected accounts’ capabilities by planning the collection of updated information before the current_
. To preview information about upcoming requirements changes, look at the Account object’s future_requirements hash.
{ "id":
, "object": "account", "future_requirements": { "current_deadline": 1656608400, "currently_due": [ "company.tax_id" ], "disabled_reason": null, "errors": [], "eventually_due": [ "company.tax_id" ], "past_due": [], "pending_verification": [] }, ... }"{{CONNECTED_ACCOUNT_ID}}"
Note
If you use Stripe Data, you can retrieve the future_
hash using a Sigma query.
Add required fields to your onboarding flow
When you’ve identified the updated information you need to collect, add corresponding fields to your onboarding flow and update your connected accounts using the Accounts API.
To avoid disruption to your connected accounts, set up your onboarding flow to address all requirements listed in the Account object’s future_requirements.currently_due list.
You can also prepare for requirements that will apply when an account reaches their thresholds by considering the future_requirements.eventually_due list.
Test your updated onboarding flow
To simulate future verification requirements, create a test account using the Accounts API with enforce_
in the email field. That populates the account’s requirements
hash with all known future verification requirements.
To verify that your updated onboarding flow fulfils the account requirements, onboard the test account and check its requirements
hash. If your flow covers all the requirements, the currently_due list is empty.
Listen for account status changes to enable functionality
Detect account status changes by listening to the account.
event. After an account has gone through your onboarding flow, inspect the currently_
and pending_
lists in the account’s requirements
hash. When both are empty, and requirements.
is null, you can enable functionality for the account. When payouts_
is true, the account can receive payouts. When charges_
is true, unlock payments for the account.
{ "id":
, "object": "account", "charges_enabled": true, "payouts_enabled": true, "requirements": { "alternatives": [], "current_deadline": null, "currently_due": [], "disabled_reason": null, "errors": [], "eventually_due": [], "past_due": [], "pending_verification": [] }, ... }"{{CONNECTED_ACCOUNT_ID}}"
Collect updated information from accounts with outstanding requirements
You can collect updated information from your connected accounts using embedded components, Stripe-hosted onboarding, or the Stripe API. We recommend either integrating embedded components or directing your connected accounts to Stripe-hosted onboarding using Account Links.
In all cases, follow these steps:
Adjust your integration to handle new verification responses
When Stripe receives updated information about your connected accounts, it takes time to verify the associated account fields. Until we complete verification, assume that any related functionality remains disabled. To detect field verification updates, listen for account.updated events and inspect them for verification errors. If you don’t resolve an error before its deadline, it disables requested capabilities for affected accounts.
A disabled capability’s requirements
hash contains a disabled_reason that you can use to determine the action you must take. To investigate or to provide required information, use the Accounts to review tab in your Connect Dashboard.
Identify accounts with outstanding requirements
In your Connect Dashboard, select Accounts to review. It displays a list of connected accounts with current or future outstanding requirements. You can filter the list by account issue and status.
You can also see what information each connected account must provide, and the deadline, in the account object’s future_requirements hash or by using a Sigma query.
Prepare for enforcement of updated requirements
On the enforcement date for an account (future_
), the contents of the future_
hash move to the requirements
hash and Stripe generates an account.updated event. Because this enforcement can cause more accounts to require review, use the enforcement date as a reminder to check the Accounts to review tab in your Connect Dashboard.
Send connected accounts to the information collection flow
If any account has currently_due requirements or verification errors, you must address them by the requirements current_deadline. At that deadline, the requirements in the requirements.
array are added to the requirements.
array and any associated capabilities become disabled until you provide the information and resolve the errors.
Future requirements can immediately affect an account’s capabilities when they become current requirements. Make sure to address all requirements before their deadlines, even if they’re still in future_
.
When your accounts have requirements
that are currently_
, direct your accounts to address any issues according to your onboarding flow or with remediation links:
- API-based onboarding: Use your custom onboarding flow, optionally collecting
future_
as well.requirements - Embedded onboarding: Render the embedded onboarding component for affected accounts.
- Stripe-hosted onboarding: Use the Account Links API to generate a single-use link to Stripe-hosted onboarding. Send your connected accounts to this link from your application.
- Remediation links: Use the Dashboard to generate remediation links that your connected accounts can use to provide required information.