Skip to main content
Didit’s Business Verification (KYB) lets you verify companies and legal entities before onboarding them to your platform. The system automates company registry lookups, identifies beneficial owners and officers, screens all parties against AML watchlists, and collects supporting documents — all within a single workflow. Each verified company is tracked as a business profile, aggregating results across sessions. New to Didit KYB? Start with the quickstart for a 10-minute end-to-end walkthrough, then read the integration guide for production patterns. For the underlying Business entity model (linking to Users, blocklists, import/export), see Businesses.

How it works

Create a business session

Start a business verification by creating a session with a KYB workflow. When the workflow type is KYB, Didit automatically creates a business session:
curl -X POST https://verification.didit.me/v3/session/ \
  -H "x-api-key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "workflow_id": "your-kyb-workflow-id",
    "vendor_data": "company-123"
  }'
The session type is determined by the workflow — no extra fields needed. KYB workflows automatically create business sessions with business-specific features enabled.

Company registry lookup

Didit queries official company registries to retrieve:
DataDescription
Company nameLegal name as registered
Registration numberOfficial company registration number
CountryCountry of incorporation
StatusActive, dissolved, struck off, etc.
Company typeLtd, LLC, PLC, SA, GmbH, etc.
Incorporation dateDate the company was registered
Registered addressOfficial registered office address
Tax numberTax identification number (where available)
Registry data is cross-referenced with the information provided to detect inconsistencies.

Key people — UBOs, shareholders, directors & representatives

The system identifies every person and corporate entity tied to the business under the unified Key People model:
  • UBOs — individuals who ultimately own or control the company, with ownership and voting percentages
  • Shareholders (individual and corporate) — each with their ownership percentage
  • Directors, representatives, secretaries, authorized signatories, and other officer roles — with their specific role tag
  • Corporate ownership layers — parent companies in the ownership chain, with optional nested KYB
A single person can carry multiple role tags (for example, director and shareholder). Each role is individually configured in the workflow — which roles require KYC, which KYC workflow to use, and whether the end user can skip verification. Learn more in Key People and Ownership.

AML screening

All identified parties are automatically screened against global AML watchlists:
  • Company AML — screens the company entity against sanctions, adverse media, and regulatory enforcement lists
  • Person AML — screens each key person (UBO, shareholder, director, representative, etc.) individually
  • Uses the same two-score risk system (match score + risk score) as user verification

Document collection

Collect and verify supporting documents:
Document typeExamples
Certificate of incorporationCompany formation certificate
Articles of associationBylaws, memorandum of association
Proof of addressUtility bills, bank statements for the registered address
Shareholder registerOfficial register of shareholders
Financial statementsAnnual accounts, audit reports
Tax certificatesTax registration or compliance certificates
Custom documentsAny additional documents required by your compliance process
Analysts can request additional documents from the business during the review process.

Review and decide

The business session receives an overall status based on all checks:
StatusMeaning
ApprovedAll checks passed — company is verified
In ReviewOne or more checks require manual review
DeclinedA critical check failed (e.g., dissolved company, sanctioned entity)
Analysts can review all collected data in the Business Console, add comments, request additional documents, and make a final decision.

Business session lifecycle

Each business verification runs within a business session that tracks progress through the following statuses:
StatusDescription
NOT_STARTEDSession created but verification has not begun
IN_PROGRESSVerification is underway — registry lookups, AML screening, or document collection in progress
APPROVEDAll checks passed — company is verified
DECLINEDA critical check failed (e.g., dissolved company, sanctioned entity)
IN_REVIEWOne or more checks require manual analyst review
RESUBMITTEDPreviously declined session resubmitted with updated data
Each session has a unique session_id, a sequential session_number, and a session_token for the hosted verification link. When a session is created with a vendor_data identifier, Didit automatically links it to the corresponding business profile.

Feature statuses

Business verification tracks the status of each component independently:
FeatureDescription
Registry checkCompany registry lookup and data extraction
Company AMLCompany-level AML screening against sanctions and watchlists
DocumentsDocument collection, OCR, and cross-referencing
Key peopleBeneficial owner and officer identification, AML, and KYC
Each feature can be: NOT_FINISHED, APPROVED, DECLINED, IN_REVIEW, or RESUB_REQUESTED. The overall session status aggregates the individual feature statuses — the session is only APPROVED when all required features pass.

Webhook events

Business sessions generate the following webhook events:
EventTrigger
status.updatedSession status changed. Payload carries session_kind: "business" for KYB sessions.
data.updatedSession data changed (registry, key people, documents, AML). Payload carries session_kind: "business".
business.status.updatedThe linked Business entity’s status changed (ACTIVE / FLAGGED / BLOCKED).
business.data.updatedThe linked Business entity’s profile fields or aggregate counters changed.
Webhook payloads include session_kind: "business" and the business_session_id to distinguish them from user verification events. See Webhooks for signature verification and delivery details.

Key capabilities

CapabilityDescription
Automated registry lookupsQuery official company registries in supported countries
UBO identificationAutomatically extract beneficial ownership structures with percentages
Officer screeningIdentify and verify directors, secretaries, and other officers
Company AMLScreen the company entity against sanctions and watchlists
Person AMLScreen all identified UBOs and officers individually
KYC linkingLink each identified person to a User Verification (KYC) session for identity verification
Document collectionStructured document requests with upload tracking
OCR cross-checkingExtract data from uploaded documents and cross-reference with registry data
Business profilesAutomatic profile creation and session aggregation for each verified company
Feature-level statusesIndependent status tracking for registry, AML, documents, and key people
Risk assessmentOverall risk level based on company status, AML results, and ownership complexity
WebhooksReceive session lifecycle and data update events in real time via webhooks

Business sessions vs. user sessions

FeatureUser sessionBusiness session
TargetIndividual personCompany or legal entity
Session kinduser (default)business
Core checksID, liveness, face match, AMLRegistry lookup, UBO, officers, company AML
Additional checksPhone, email, proof of address, NFCDocument collection, person AML, KYC linking
Webhook payloadsStandard session eventsInclude session_kind: "business" and business_session_id

Next steps

Business profiles

Track companies across sessions with profiles, tags, and bulk operations.

Company data

Registry lookups, company status, and data cross-referencing.

Ownership structure

UBO identification, corporate shareholders, and ownership chains.

Officers & directors

Director identification, roles, and KYC linking.

AML screening

Company and person-level AML checks.

Documents

Document collection, requests, and OCR verification.