Run merchant screening
Run additional checks on the payments history of merchants on your platform
As a payment facilitator (Payfac), you can use the Onboarding API to carry out essential screening checks on the merchants who want to accept payments on your platform.
Merchant screening is a way to confirm that your merchant clients do not have any issues to prevent them from participating in J.P. Morgan payment networks. It complements your own background checks and Know Your Customer (KYC) due diligence process.
There are three possible outcomes of the screening process, represented in the API as:
APPROVED— The merchant screening is complete and your client has been approved. They are permitted to use the payment network.DECLINED— The merchant screening found a reason to decline your client's access to the payment network. They are not permitted to use the payment network.TERMINATED— Your merchant decides to manually stop the process and cannot be added as a merchant on your platform.
Submit client details for screening
To perform the screening process:
- Create a party to represent the merchant using
POST /parties. Both theorganizationDetailsandnetworkRegistrationfields must be filled in. - Capture the information for at least one related party by creating additional parties with the
parentPartyIdset to the merchant party'sid. This connects an individual to the merchant screening process. - Send the full information set for screening using
POST /parties/{id}/validationswith the merchant'spartyIDas the{id}. - Use
GET /parties/{id}to track the screening process.
Once you have sent the merchant's details for screening, they are automatically screened periodically to ensure they are still able to use J.P. Morgan banking and payment services.
Before you begin
To conduct merchant screening, make sure you can provide values for the following objects and fields:
General information about the party being created to represent the merchant
All of these fields are within the createPartyRequest object:
externalId— Your own unique identifier for your client.partyType— Whether your client is anINDIVIDUALor anORGANIZATION. In most cases, the party is anORGANIZATION. In this case, you need to add information about the organization and an associated individual — either aBENEFICIAL_OWNERor aCONTROLLER.- The parent party (the party you create first) must contain the
networkRegistrationobject, including the payment methods your client will settle to.
Organization details
All of these fields are within the organizationDetails object:
address— Full address of your client's organization, including city and postal code.dbaName— The name that your client's business is operating under.websiteAvailable— Whether or not your client trades over the internet.website— The URL for the website of your client's online business if they trade over the internet.organizationName— The legal name of your client's organization. This may be the same as the DBA, or it may be different.mcc— Merchant Category Code (MCC) for your client.secondaryMcc— To be added if your client has more than one MCC.
organizationIds.idType— The ID type in the organizationDetails object. The value for this can be eitherBUSINESS_REGISTRATION_IDorEIN.associatedCountries— Any country in which your client's organization has done business or has a presence. For example, US.
Individual details
All of these fields are within the individualDetails object:
firstNameandlastNameof the individual.addresses— Full address of your client's representative, including city and postal code.individualIds— Your client must provide one of three types of using:idType— The type of individual ID provided by your client. One each forPASSPORT,SSN(Social Security Number), orNATIONAL_ID.- The value is the passport number, Social Security Number (SSN), or national ID number for the ID.
Network registration details
These fields represent the payment types your merchant client intends to use, and related information. Some of these fields are dependent on the payment methods accepted by your clients.
All of these fields are within the networkRegistration object:
settlementPaymentMethods— The methods of payment accepted (and settled). You can add:VISA— for Visa debit and credit cards.DISCOVER— for Discover cards.AMEX_OPT_BLUE— for American Express cards.
visaDebitAcceptance— Whether your client intends to accept debit card payments from Visa. Required if Visa is selected as a settlementPaymentMethod. You can select:DEBIT_ACCEPTED_ALL— If your client accepts all Visa debit card payments.DEBIT_ACCEPTED_CARD_PRESENT— If your client accepts Visa debit cards only when the payment is in person. For example, in a physical store.DEBIT_ACCEPTED_CARD_NOT_PRESENT— If your client accepts Visa debit cards only when the payment is made online.DEBIT_NOT_ACCEPTED— If your cient does not accept Visa debit. This means only Visa credit cards are accepted.
currencyCode— The currencies accepted. Only required if AMEX_OPT_BLUE is selected as a settlementPaymentMethod.transactionDeviceType— The type of payment acceptance to be used. Accepted values are:HOST_BASED_POS_DEVICE— For online payments.TERMINAL_BASED_POS_DEVICE— For physical, in-store payments.SOFTWARE_POS_DEVICE— For payment through an app or other software.ALL_OTHER_POS_DEVICES— For payment through a device not available in the other options.UNKNOWN— For when the payment device is not known.
serviceEstablishmentStatus— If your client previously used the AMEX_OPT_BLUE network and it was terminated, you must add a value here. Accepted values:D_CANCELLED— If your client'sAMEX_OPT_BLUEservice was cancelled for derogatory or negative reasons.N_CANCELLED— If your client'sAMEX_OPT_BLUEservice was cancelled for normal reasons.R_REINSTATED— If your client'sAMEX_OPT_BLUEservice was cancelled and then reinstated.
serviceEstablishmentStatusUpdateDate— The date of the latest update of the merchant's AMEX_OPT_BLUE service. For example, "2024-01-25". This is required if you include a value for serviceEstablishmentStatus.settlementPaymentMethodsOptOut— If no settlement payment methods are selected, you must set this value toTRUEto confirm you do not want the merchant to be screened for any payment methods. This is to prevent accidental requests being sent without this important information.
Create a party for merchant screening
To enter your client's details for screening:
- Send all required party details for both individuals and your client's organization using
POST /parties. - If needed, add any additional individuals to your client using
POST /partieswith the ID returned in yourPOST/ partiesrequest as theparentPartyId. - Send the request to
POST /parties/{id}/validations. - Check the status of the screening with
GET /parties/{id}.
Here is sample of a complete POST /parties request with partyID for a merchant organization:
POST /parties
Json
{
"partyType": "ORGANIZATION",
"roles": [
"CLIENT"
],
"email": "foremanmedical@example.com",
"externalId": "394800000000555",
"organizationDetails": {
"organizationType": "C_CORPORATION",
"organizationName": "Foreman Medical Corporation",
"organizationDescription": "Purveyor of heirloom medical and dental instruments.",
"dbaName": "FM Corp",
"mcc": "5047",
"secondaryMccList": ["5065"],
"countryOfFormation": "GB",
"associatedCountries": ["GB", "US"],
"website": "https://foremanmedical.com",
"websiteAvailable": true,
"yearOfFormation": "2004",
"addresses": [
{
"addressType": "BUSINESS_ADDRESS",
"addressLines": [
"82 Alexander Road"
],
"city": "CREWE",
"state": "Scotland",
"postalCode": "CW181NE",
"country": "GB"
}
],
"phone": {
"phoneType": "BUSINESS_PHONE",
"phoneNumber": "2077221234",
"countryCode": "+44"
},
"organizationIds": [
{
"idType": "BUSINESS_REGISTRATION_ID",
"value": "100100122",
"issuer": "GB"
}
]
},
"networkRegistration": {
"settlementPaymentMethods": [
"VISA",
"DISCOVER",
"AMEX_OPT_BLUE"
],
"visaDebitAcceptance": "DEBIT_ACCEPTED_ALL",
"currencyCode": "GBP",
"transactionDeviceType": "HOST_BASED_POS_DEVICE",
"serviceEstablishmentStatus": "D_CANCELLED",
"serviceEstablishmentStatusUpdateDate": "2024-01-25"
}
}In the response to this request, you receive the id for your newly created party:
POST /parties response
Json
{
"id": "2000000555",
"partyType": "ORGANIZATION",
"roles": [
"CLIENT"
],
"email": "foremanmedical@example.com",
"externalId": "394800000000555",
"createdAt": "2022-11-18T12:28:11.232Z",
"organizationDetails": {
"organizationType": "C_CORPORATION",
"organizationName": "Foreman Medical Corporation",
"organizationDescription": "Purveyor of heirloom medical and dental instruments.",
"dbaName": "FM Corp",
"mcc": "5047",
"secondaryMccList": ["5065"],
"countryOfFormation": "GB",
"associatedCountries": ["GB", "US"],
"website": "https://foremanmedical.com",
"websiteAvailable": true,
"yearOfFormation": "2004",
"addresses": [
{
"addressType": "BUSINESS_ADDRESS",
"addressLines": [
"82 Alexander Road"
],
"city": "CREWE",
"state": "Scotland",
"postalCode": "CW181NE",
"country": "GB"
}
],
"phone": {
"phoneType": "BUSINESS_PHONE",
"phoneNumber": "2077221234",
"countryCode": "+44"
},
"organizationIds": [
{
"idType": "BUSINESS_REGISTRATION_ID",
"value": "100100122",
"issuer": "GB"
}
]
},
"networkRegistration": {
"settlementPaymentMethods": [
"VISA",
"DISCOVER",
"AMEX_OPT_BLUE"
],
"visaDebitAcceptance": "DEBIT_ACCEPTED_ALL",
"currencyCode": "GBP",
"transactionDeviceType": "HOST_BASED_POS_DEVICE",
"serviceEstablishmentStatus": "D_CANCELLED",
"serviceEstablishmentStatusUpdateDate": "2024-01-25"
}
}Add related individuals to a screening request
You can screen additional individuals related to your merchant client's business by creating a new party connected to the organization using its ID as a parentPartyId.
To add related parties to the root party:
- Send a further
POST /partiesrequest, with the organization's partyId as the value forparentPartyId. - Specify the related party's relationship via the
rolesfield. There should be at least oneCONTROLLERorBENEFICIAL_OWNERassociated with the organization.
Example request payload for POST /parties if the root party's ID is "2000000555":
POST /parties with parentPartyId included
Json
{
"parentPartyId": "2000000555",
"partyType": "INDIVIDUAL",
"roles": [
"CONTROLLER"
],
"individualDetails": {
"firstName": "Eric",
"lastName": "Foreman",
"birthDate": "1973-07-20",
"addresses": [
{
"addressType": "RESIDENTIAL_ADDRESS",
"addressLines": [
"1 Upper Littleton",
"Apt 2E"
],
"city": "Winford",
"state": "Bristol",
"postalCode": "BS18 8HF",
"country": "GB"
}
],
"countryOfResidence": "GB",
"phone": {
"phoneType": "BUSINESS_PHONE",
"phoneNumber": "2071234567",
"countryCode": "44"
},
"jobTitle": "Other",
"jobTitleDescription": "Top Dog",
"individualIds": [
{
"idType": "NATIONAL_ID",
"value": "444331111",
"issuer": "GB"
}
]
}
}Example Response for an approved additional party:
Response to a request to POST /parties with parentPartyId
Json
{
"id": "2000000556",
"createdAt": "2022-11-18T12:28:11.232Z",
"partyType": "INDIVIDUAL",
"parentPartyId": "2000000555",
"profileStatus": "NEW",
"roles": [
"CONTROLLER"
],
"active": true,
"individualDetails": {
"addresses": [
{
"addressType": "RESIDENTIAL_ADDRESS",
"addressLines": [
"1 Upper Littleton",
"Apt 2E"
],
"city": "Winford",
"state": "Bristol",
"postalCode": "BS18 8HF",
"country": "GB"
}
],
"birthDate": "1973-07-20",
"countryOfResidence": "GB",
"firstName": "Eric",
"lastName": "Foreman",
"individualIds": [
{
"idType": "NATIONAL_ID",
"value": "444331111",
"issuer": "GB"
}
],
"jobTitle": "Other",
"jobTitleDescription": "CEO"
}
}Send the completed party details for screening
To complete the screening request, send a request to POST /parties/{id}/validations without a request body. Use the parent party ID as the {id} in this request.
A successful response confirms the date and time the request was accepted. For example:
A response to a POST /parties/<id>/validations request:
Json
{
"acceptedAt": "2024-01-20T14:00:00.000Z"
}Check the status of a merchant screening request
To check the status of a screening request, you can use GET /parties/{id}. Use the parent party ID as the {id} in this request.
In the response, check the profileStatus for the most up to date status of your merchant screening request. Possible values are:
NEW— When you have not yet submitted the party details for screening. Make sure you have sent the request using POST /parties/{id}/validations.REVIEW_IN_PROGRESS— When the merchant screening is in progress.APPROVED— When the merchant screening is complete and your client has been approved.DECLINED— When the merchant screening found a reason to decline your client's access to the payment network.TERMINATED— When Your merchant decides to manually stop the process and cannot be added as a merchant on your platform.
The response shows the status of the request:
Example response showing profileStatus: "APPROVED". This means your client has passed the merchant screening successfully:
Response to a GET /party/{id} request showing the `profileStatus` as APPROVED
Json
{
"id": "2000000555",
"createdAt": "`2022-11-18T12:28:11.232Z`",
"email": "foremanmedical@example.com",
"externalId": "394800000000555",
"partyType": "ORGANIZATION",
"profileStatus": "APPROVED",
"roles": [
"CLIENT"
],
"active": true,
"organizationDetails": {
"addresses": [
{
"addressType": "BUSINESS_ADDRESS",
"addressLines": [
"82 Alexander Road"
],
"city": "CREWE",
"state": "Scotland",
"postalCode": "CW181NE",
"country": "GB"
}
],
"associatedCountries": [
"GB",
"US",
],
"countryOfFormation": "GB",
"dbaName": "FM Corp",
"jurisdiction": "GB",
"organizationName": "Foreman Medical Corporation",
"organizationDescription": "Purveyor of heirloom medical and dental instruments.",
"organizationIds": [
{
"idType": "BUSINESS_REGISTRATION_ID",
"value": "100100122",
"issuer": "GB"
}
],
"phone": {
"countryCode": "+44",
"phoneType": "BUSINESS_PHONE",
"phoneNumber": "2077221234"
},
"website": "https://foremanmedical.com",
"websiteAvailable": true,
"mcc": "5047",
"secondaryMccList": [
"5065"
]
},
"networkRegistration": {
"settlementPaymentMethods": [
"VISA",
"AMEX_OPT_BLUE",
"DISCOVER"
],
"settlementPaymentMethodsOptOut": false,
"visaDebitAcceptance": "DEBIT_ACCEPTED_ALL",
"currencyCode": "GBP",
"transactionDeviceType": "HOST_BASED_POS_DEVICE",
"serviceEstablishmentStatus": "D_CANCELLED",
"serviceEstablishmentStatusUpdateDate": "2024-01-25"
}
}You have completed the merchant screening process.
Next steps
Take a look at the testing pages to help with your implementation of Merchant screening.