The evidence areas
Legal Registration
The business is legally registered with the relevant national or sub-national registry. Establishes legal existence, registration number, and date of incorporation.Constitutive Documents
The instrument that brings the business into existence and governs how it operates: name, registered address, share capital, governance rules. Sometimes a single document (South African MOI, Ghanaian Constitution); sometimes a paired set (Memorandum + Articles in common-law jurisdictions; Escritura + Estatutos in Hispanophone Latin America).Tax Registration
The business is registered with the national tax authority. The local artifact is typically a tax-ID certificate (CNPJ in Brazil, RFC in Mexico, EIN letter in the US, UTR notice in the UK, etc.).Operating Permit
The business has the general municipal or national permit to do business at its registered location. This is the local-government permit (Alvará, Patente, Licencia de Funcionamiento, Trade License, Patente Municipal) — not a sector-specific regulatory license. Some jurisdictions (UK, Singapore) issue no general operating permit; only sector-specific licensing applies.Sector-Specific License
The business is authorized to operate in a regulated sector — financial services, insurance, healthcare, telecom, etc. Only collected when your customer operates in a regulated sector (banks, broker-dealers, insurers, healthcare providers, MSBs, payment institutions). The issuing authority varies by sector and country (BCB / CVM / SUSEP in Brazil; FCA / PRA in the UK; SEC / FinCEN / OCC / state regulators in the US; BaFin in Germany).Ownership Records
The current equity owners (shareholders, members, partners) and any beneficial owners above the local disclosure threshold. The local artifact varies widely: corporate share registers (Stock Ledger, Libro de Acciones), members’ lists (Quadro Societário, Companies House PSC Register), beneficial-owner declarations (post-AMLD5 / FinCEN BOI / RBE / Transparenzregister). The per-country page tells you what to collect.Governance Records
The current board of directors and equivalent governance figures (managers, officers). Sometimes embedded in commercial-registry extracts (CR 12 in Kenya, CoR 39 in South Africa, Extrait RCCM across OHADA states); sometimes filed separately (Annual Report, Statement of Information, Acta de Designación).Signing Authority
An instrument evidencing that the person executing your agreement is authorized to bind the company. Conduit accepts a board resolution, notarized power of attorney, personería certificate, or other equivalent (acta de directorio, PV de Conseil, Vigencia de Poder, Imza Sirküleri, written resolution under CA 2006 s.288).Operating Address
Evidence of the business’s operating address — a lease agreement (no date bound), or a utility bill or bank statement dated within the last 90 days.Person-level evidence
The nine areas above cover the business entity. In most onboardings, identity verification for the business’s control persons is handled separately — either through a Conduit-hosted identity flow or, for organizations enrolled in KYC reliance, via an uploaded provider report.Identity verification (identity_verification)
A government-issued identity document — passport, national ID card, driver’s license. Collected as part of each control person’s identity verification flow. Required when Conduit runs per-person identity verification on your behalf.
Identity verification attestation (identity_verification_attestation)
A structured report exported from your own KYC/IDV provider confirming that a named individual has been verified. Required for all control persons when your organization is enrolled in KYC reliance.
This document type is distinct from a raw government ID (identity_verification). An attestation is a provider-issued verification report, not the identity document itself. The report must contain: the provider’s name, the person’s full legal name, a verification result (verified / approved / clear / pass or equivalent), a verification reference or case ID, and a completion date. One file per person; the name and date of birth in the report must match what was submitted in the onboarding request.
Attestations are attached at ownership.persons[i].documentIds[], not in the top-level documentIds[] array. See the KYC reliance integration guide for the full submission flow.