Outsourced: Onboard a society
Under our outsourcing model, Griffin does not perform independent third-party verification of the data you submit. We define the information required to meet account opening and regulatory reporting obligations, and when data is submitted, we validate that the required fields are present and screen the customer against our appetite criteria — including industry, jurisdiction, and risk profile.
To check the different types of entities you can onboard using Outsourced, see Entities we onboard.
Outsourced onboarding is for firms which Griffin has a pre-existing agreement with to outsource the onboarding processes to. If you don't have this agreement in place, this onboarding guide does not apply to you.
Only users with the compliance role can create and submit Outsourced applications.
Process overview
There are four steps to onboarding a society via Outsourced:
- Capture the customer information
- Create the legal persons
- Run the verification
- View the verification outcome and onboarding decision
1. Capture the customer information
Society information
| Information | Claim | Required |
|---|---|---|
| Society name | entity-name | ✓ |
| Registered address | entity-address | ✓ |
| Society type | fca-mutuals-register | ✓ |
| Mutuals register number | fca-mutuals-register | ✓ |
| Registration act | fca-mutuals-register | ✓ |
| Business size | business-size | ✓ |
| SIC codes | sic-codes | ✓ |
| Tax residencies | tax-residencies | ✓ |
| External risk rating | external-risk-rating | ✓ |
| FCA Firm Reference Number | fca-fs-register-firm | Required when society-type is credit-union or building-society |
The society-type value determines which registration-act applies. Use the table below to find the correct act for the society you are onboarding:
| Society type | Registration act |
|---|---|
building-society | Building Societies Act 1986 |
credit-union | Credit Unions Act 1979 or The Credit Unions (Northern Ireland) Order 1985 or Co-operative and Community Benefit Societies Act (Northern Ireland) 1969 |
co-operative-society | Co-operative and Community Benefit Societies Act 2014 or Co-operative and Community Benefit Societies Act (Northern Ireland) 1969 |
Note: this is the data we require to be sent to our system. A larger set of data requirements will be required from the customer by the outsourcing party (you) to complete CDD and risk rate the customer.
Governing body member and senior manager information
For each individual linked to the society, you'll need:
| Information | Claim | Required |
|---|---|---|
| Full name (given name) | individual-identity | ✓ |
| Middle name | individual-identity | Optional |
| Full name (surname) | individual-identity | ✓ |
| Date of birth | individual-identity | ✓ |
| Governing body member role | governing-body-member | ✓ (every linked individual must have this or senior-manager-function-holder) |
| Senior manager role | senior-manager-function-holder | ✓ (every linked individual must have this or governing-body-member) |
| Role titles | role-titles | ✓ (required for every linked individual) |
| FCA Individual Reference Number | fca-fs-register-individual | Required when individual holds a senior-manager-function-holder role |
- Every individual linked to the society must hold at least one of
governing-body-memberorsenior-manager-function-holder. An individual may hold both. - Every linked individual must have a
role-titlesclaim describing their position(s) at the Society, for exampleChief Executive Officer,Secretary,Compliance Officer. - Individuals holding a
senior-manager-function-holderrole must also provide their FCA Individual Register reference number via thefca-fs-register-individualclaim.
2. Create the legal persons
In the API, your customer is represented as a legal person, and each of the data points above represent one claim about them. Create a corporation legal person to represent the society, then add claims about it and any governing body members or senior managers.
Create the society legal person
The example below uses a credit union, which requires a fca-fs-register-firm claim.
curl "https://api.griffin.com/v0/organizations/${ORGANIZATION_ID}/legal-persons" \
-H "Authorization: GriffinAPIKey $GRIFFIN_API_KEY" \
-H 'Content-Type: application/json' \
-d \
'{
"display-name": "Northside Credit Union",
"legal-person-type": "corporation",
"claims": [
{
"claim-type": "entity-name",
"entity-name": "Northside Credit Union"
},
{
"claim-type": "entity-address",
"address-line-1": "10 Riverside Road",
"city": "London",
"postal-code": "EC2V 9AN",
"country-code": "GB"
},
{
"claim-type": "fca-mutuals-register",
"fca-mutuals-register-number": "486CU",
"society-type": "credit-union",
"registration-act": "credit-unions-act-1979"
},
{
"claim-type": "business-size",
"business-size": "small"
},
{
"claim-type": "sic-codes",
"sic-codes": ["64922"]
},
{
"claim-type": "tax-residencies",
"tax-residencies": ["GB"]
},
{
"claim-type": "external-risk-rating",
"external-risk-rating": "low-risk"
},
{
"claim-type": "fca-fs-register-firm",
"fca-firm-reference-number": "123456"
}
]
}'
A successful response will display the URL for the newly created legal person (e.g. /v0/legal-persons/lp.njk7tIWvQJGPEFIdDmS9yQ) in the response's Location header and in the response body. Save this URL for the next step.
Create governing body member and senior manager legal persons
For each governing body member or senior manager, create an individual legal person. Include all their claims in the same request. If the individual holds a senior-manager-function-holder role, include their fca-fs-register-individual claim here too.
curl "https://api.griffin.com/v0/organizations/${ORGANIZATION_ID}/legal-persons" \
-H "Authorization: GriffinAPIKey $GRIFFIN_API_KEY" \
-H 'Content-Type: application/json' \
-d \
'{
"display-name": "PATEL, Amir",
"legal-person-type": "individual",
"claims": [
{
"claim-type": "individual-identity",
"given-name": "Amir",
"surname": "Patel",
"date-of-birth": "1978-09-22"
},
{
"claim-type": "fca-fs-register-individual",
"fca-individual-reference-number": "PRA12345"
}
]
}'
Add role associations to the society
After creating the individual legal persons, link them to the society by adding role association claims. Submit these to the society's claims endpoint:
curl "https://api.griffin.com/v0/legal-persons/lp.njk7tIWvQJGPEFIdDmS9yQ/claims" \
-H "Authorization: GriffinAPIKey $GRIFFIN_API_KEY" \
-H 'Content-Type: application/json' \
-d \
'{
"claim-type": "senior-manager-function-holder",
"legal-person-url": "/v0/legal-persons/lp.{individual-id}"
}'
curl "https://api.griffin.com/v0/legal-persons/lp.njk7tIWvQJGPEFIdDmS9yQ/claims" \
-H "Authorization: GriffinAPIKey $GRIFFIN_API_KEY" \
-H 'Content-Type: application/json' \
-d \
'{
"claim-type": "role-titles",
"legal-person-url": "/v0/legal-persons/lp.{individual-id}",
"role-titles": ["Chief Executive Officer"]
}'
In these examples, you create the legal person and their claims in one go, but you can also create a legal person first and then add claims individually. For more detail on claims, see the API reference.
3. Run the verification
Retrieve your workflows
If you're onboarding a customer for the first time, you will need to retrieve your workflows in order to submit the verification. Retrieve and cache your workflow URLs.
Submit the verification
Submit the corporation legal person for verification:
curl 'https://api.griffin.com/v0/legal-persons/lp.njk7tIWvQJGPEFIdDmS9yQ/verifications' \
-H "Authorization: GriffinAPIKey $GRIFFIN_API_KEY" \
-H 'Content-Type: application/json' \
-d '{"workflow-url": "/v0/workflows/wf.Ul-1r4gRWfOFxHJsHWghcA"}'
A successful response will look like this. Grab the verification-url for monitoring later.
{
"created-at": "2024-02-10T10:47:51.959Z",
"display-name": "Northside Credit Union",
"legal-person-type": "corporation",
"legal-person-url": "/v0/legal-persons/lp.njk7tIWvQJGPEFIdDmS9yQ",
"updated-at": "2024-02-10T10:47:51.959Z",
"verification-status": "pending",
"verification-url": "/v0/verifications/vn.BhpS_dCqFKRYXa8d457fgA",
"workflow-url": "/v0/workflows/wf.Ul-1r4gRWfOFxHJsHWghcA"
}
4. View the verification outcome and onboarding decision
Verification status
The verification has successfully completed when verification-status reaches checks-complete. You can track this by:
- Polling the
verification-url - Listening for
verification-updatedwebhook events
Example response:
{
"created-at": "2024-02-11T10:47:51.959Z",
"display-name": "Northside Credit Union",
"legal-person-type": "corporation",
"legal-person-url": "/v0/legal-persons/lp.njk7tIWvQJGPEFIdDmS9yQ",
"updated-at": "2022-08-15T10:48:03.215Z",
"verification-status": "checks-complete",
"verification-url": "/v0/verifications/vn.BhpS_dCqFKRYXa8d457fgA",
"workflow-url": "/v0/workflows/wf.Ul-1r4gRWfOFxHJsHWghcA"
}
Verification statuses explained
| Status | Description |
|---|---|
pending | Verification has been created but processing has not yet begun |
in-progress | Verification checks are actively being performed |
failed | An internal system error has occurred during verification |
checks-declined | Verification was terminated early due to failing one or more workflow checks |
checks-complete | Verification has successfully completed all required checks |
Decision process
After reaching checks-complete, the system will either:
- Generate an automated decision
- Refer the application for manual review (followed by a manual decision)
Monitor decisions by:
- Polling the
legal-person-decisions-urlendpoint - Listening for
decision-createdwebhook events
View on the legal person
Both the verification status and the decisions can be seen in context on the legal person entity.
curl 'https://api.griffin.com/v0/legal-persons/lp.njk7tIWvQJGPEFIdDmS9yQ' -H "Authorization: GriffinAPIKey $GRIFFIN_API_KEY"
The response will include application-status and also the latest-decision when one exists:
{
"latest-decision": {
"verification-url": "/v0/verifications/vn.BhpS_dCqFKRYXa8d457fgA",
"decision-outcome": "accepted",
"decision-maker": "user",
"decision-notes": "No red flags here",
"decision-user-url": "/v0/users/ur.ICAgICAgICAgdXNlci1pZA",
"created-at": "2024-08-11T10:47:51.959Z"
},
"display-name": "Northside Credit Union",
"application-status": "accepted",
"status-changed-at": "2024-02-11T10:47:51.959Z",
"created-at": "2024-02-10T10:47:51.959Z"
}
Once you have an accepted decision, you're good to go 🎉
What's next?
Open an account! See Types of bank accounts to get started.