Customer Pre-Validation (KYC)
Overview
The Customer Pre-Validation endpoint performs comprehensive regulatory identity checks and risk profiling before wallet creation.
This critical compliance step ensures that:
- Customer identity is verified via BVN
- Sanctions screening is conducted
- PEP (Politically Exposed Person) status is determined
- Regulatory consent is obtained
- Biometric verification is initiated
Prerequisites
- Valid Bearer token (see Authentication)
- Customer's Bank Verification Number (BVN)
- Completed PEP and risk assessment questionnaire
Why Pre-Validation?
Pre-validation is a mandatory regulatory requirement that:
- Prevents fraud - Verifies customer identity before account opening
- Ensures compliance - Meets CBN KYC/AML regulations
- Manages risk - Identifies high-risk customers early
- Blocks sanctioned individuals - Screens against watchlists
- Streamlines onboarding - Catches issues before wallet creation
Endpoint
POST /waas/Onboarding/validate
Request Parameters
Required Headers
| Header | Value |
|---|---|
Authorization | Bearer <access_token> |
Ocp-Apim-Subscription-Key | Your access subscription key |
Content-Type | application/json |
Request Body Fields
| Field | Type | Required | Description |
|---|---|---|---|
merchantId | string | Yes | Your unique merchant identifier |
requestId | string | Yes | Unique client-side reference for tracking |
bvn | string | Yes | Customer's 11-digit Bank Verification Number |
dataConsent | boolean | Yes | Customer consent for data processing |
engagedInBetting | boolean | Yes | Whether customer engages in betting/gambling |
engagedInCrypto | boolean | Yes | Whether customer trades cryptocurrency |
issuedCeaseandDesist | boolean | Yes | Whether customer has cease-and-desist order |
PEP Assessment Fields
All PEP-related fields are required. If a field is true, the corresponding *Txt field becomes mandatory.
| Field | Type | Required | Description |
|---|---|---|---|
govtOfficial | boolean | Yes | Current or former government official |
govtOfficialTxt | string | Conditional* | Details about government position |
polPartyOfficial | boolean | Yes | Political party official |
polPartyOfficialTxt | string | Conditional* | Details about party role |
govtEntExec | boolean | Yes | Government enterprise executive |
govtEntExecTxt | string | Conditional* | Details about enterprise position |
militaryOfficial | boolean | Yes | Current or former military official |
militaryOfficialTxt | string | Conditional* | Details about military rank/unit |
royalFamily | boolean | Yes | Member of royal family |
royalFamilyTxt | string | Conditional* | Details about royal title/lineage |
intlOrgFunction | boolean | Yes | Senior role in international organization |
intlOrgFunctionTxt | string | Conditional* | Details about role/organization |
immediateFamilyPep | boolean | Yes | Immediate family member of PEP |
immediateFamilyPepTxt | string | Conditional* | Details about PEP relationship |
closeAssociatePep | boolean | Yes | Close associate of PEP |
associatePepTxt | string | Conditional* | Details about PEP association |
* Conditional = Required if corresponding boolean field is true
Request Example
curl -X POST https://api-sandbox.accessbankplc.com/waas/Onboarding/validate \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
-H "Content-Type: application/json" \
-d '{
"merchantId": "MRC123456",
"requestId": "REQ-2025-001-12345",
"bvn": "22222222222",
"dataConsent": true,
"engagedInBetting": false,
"engagedInCrypto": false,
"issuedCeaseandDesist": false,
"govtOfficial": false,
"govtOfficialTxt": "",
"polPartyOfficial": false,
"polPartyOfficialTxt": "",
"govtEntExec": false,
"govtEntExecTxt": "",
"militaryOfficial": false,
"militaryOfficialTxt": "",
"royalFamily": false,
"royalFamilyTxt": "",
"intlOrgFunction": false,
"intlOrgFunctionTxt": "",
"immediateFamilyPep": false,
"immediateFamilyPepTxt": "",
"closeAssociatePep": false,
"associatePepTxt": ""
}'
Response
Success Response
{
"succeeded": true,
"code": "200",
"message": "Validation data.",
"data": {
"requestId": "REQ-2025-001-12345",
"processId": "PROC-987654321",
"widgetUrl": "https://verification.accessbankplc.com/widget?token=abc123..."
},
"pageMeta": {},
"errors": {}
}
Response Fields
| Field | Type | Description |
|---|---|---|
requestId | string | Provided client-side identification number for tracking the request |
processId | string | An Id to recognize the process upon account opening |
widgetUrl | string | Widget URL for face verification redirection |
Important
Request Id & Process Id will be needed for wallet creation not just Process Id.
Biometric Verification Flow
After successful pre-validation:
- Redirect customer to the
widgetUrl - Customer completes face verification
- Verification result is linked to the
processId - Proceed to wallet creation using the same
processId
Data Consent
Consent Requirements
Before calling this endpoint, you must:
- ✅ Display a clear privacy notice
- ✅ Explain how data will be used
- ✅ Obtain explicit customer consent
- ✅ Set
dataConsent: truein the request
Sample Consent Language
"I consent to Access Bank and [Your Company] collecting and processing my personal data including my BVN, biometric information, and identity documents for the purpose of creating and managing my digital wallet, conducting identity verification, and complying with regulatory requirements."
Next Steps
After successful validation:
- Redirect customer to
widgetUrlfor biometric verification - Wait for verification completion
- Proceed to Wallet Creation using the
processId
