Skip to main content
An Organization is the business entity Tesouro maintains a banking relationship with — either directly, or indirectly through one of its banking partners. An Organization can be a bank, a platform partner contracted to a bank, a fintech partner contracted to that platform partner, or a business customer of the platform or fintech partner. Every bank account, user, transfer, and webhook in Embedded Banking is scoped to one Organization. Onboarding a business customer is KYB — the bank’s Know Your Business pipeline. It collects information on the business and the people behind it, runs identity and risk checks, and either opens a deposit account or doesn’t. These pages cover the concept. For the API shape of the application that drives KYB, see Bank account applications.

Where Organizations sit

A Tesouro deployment is a hierarchy of Organizations. The bank sits at the top, and the business customer is the leaf. In between sit the platform partners and fintech partners integrating Embedded Banking. A partner tier can be skipped — a fintech partner can sit under a platform partner or directly under the bank — but the business customer is always the leaf.
ExampleNorthfield Software, a platform partner integrating Embedded Banking, has its own Organization and creates a child Organization for each business customer that signs up through Northfield’s product. Northfield’s backend acts on those child Organizations using its own credentials and the X-Organization-ID header (see Creating an application).

Cross-organization isolation

A user identity is bound to the OIDC application that introduced it, which is bound to a single Organization. User-scoped tokens cannot read or write data outside that Organization — even if the same identity exists in another.

Prerequisites

You don’t need anything from the business customer before creating the application. An empty DRAFT is valid; details get PATCHed in later, either by your backend or by the applicant in a browser.

Where to next

What KYB collects

The three entities — business, controller, beneficial owners — and what to pre-fill to reduce drop-off.

Onboarding outcomes

Instant approval, manual review, denied — what each one means and what your product should do.