API Reference

KYC

Introduction to KYC

KYC (Know Your Customer) entails confirming the authenticity of your users.
Mandates like the Bank Secrecy Act/Anti-Money Laundering law (BSA/AML) necessitate that financial entities overseeing your assets conduct identity checks to curtail potential fraudulent actions.
Every user in the Kulipa system must successfully complete KYC in order to have a card issued for their account.

The KYC verification resolves vital queries:

  • Does the person (in the system, a user entity) genuinely represent their claims?
  • Have there been instances of dubious or deceitful actions associated with the individual or entity?

KYC types

  • full - A typical KYC one might find in many banking and fintech apps
  • light - A lightweight verification - see "Light vs Full KYCs" below.
  • shipping - Shipping address collection
  • full-followup - A special case of full KYC, where a second KYC provider needed to be invoked. In the future, this will be abstracted away from wallet providers.

Light vs Full KYCs

At Kulipa, we have an innovative approach to KYC, allowing users to undergo different levels of KYC,light or full, with the light process allowing a user to get a (limited) card without any document upload. The full KYC is similar to many other fintechs and apps, requires a document verification, and then allows the user to transact freely.

Light KYC is currently not available for EU + UK users.

Shipping address collection

Kulipa also uses the KYC system to collect shipping addresses for physical cards. This is an optional service that is designed to minimize the amount of sensitive data that wallet providers need to collect and handle by themselves. This is done by creating a shipping KYC in the system. It will then update the user entity with the latest shipping address. When a card order is placed, the user's last filled shipping address is used.

KYC Lifecycle

To begin KYCs, simply call the Initiate KYC endpoint with the desired type.

KYCs have the following statuses during their lifecycle:

  • draft - this is an internal KYC in Kulipa that has not been initialized yet. KYCs in this state are not healthy and in general are not expected to be exposed to wallet providers.
  • pending - A KYC is created and is awaiting user completion & an approval/rejection decision
  • completed - A KYC has been completed by a user and is pending a manual approval/rejection decision. Most KYCs will be automatically decided instantly.
  • verified - A KYC / user has been approved. The user should be moved to status active as well.
  • declined - A KYC has been rejected. Contact support if more details are required.
  • expired - A KYC has been expired (typically after 30 days) and a new one must be created.
  • revoked - A KYC has been revoked (cancelled). A new one must be created if desired, but might be revoked again - contact support to understand why the KYC was revoked.
  • failed - There was an error related to this KYC. Contact support.

From the wallet provider's point of view, when creating a KYC it is moved to status pending.

The user then needs to complete the KYC via access URL provided, and the results are sent back to the KYC provider, from which they propagate to Kulipa. In certain cases, a second KYC provider might be involved, in which case there will be two KYCs in status pending: One will be full and the other will be full-followup.

Once a decision is reached, the KYC will transition to verified or declined state (if there are 2 KYCs, they transition together). If the KYC has not been completed during an appropriate timeframe (default 30 days), it will switch to expired and a new one must be created if the user is still interested in onboarding.