Stripe · Stripe Terms of Service

AML and KYC Identity Verification Obligations

Medium severity
Share 𝕏 Share in Share 🔒 PDF

What it is

Stripe is legally required to verify your identity and business information before you can use its services, and it may check your details against external databases without further notice.

Consumer impact (what this means for users)

Merchants must provide extensive personal and business information — including date of birth, tax ID, and beneficial ownership details — and authorize Stripe to share that information with third-party verification services, with no guarantee of a successful outcome or right to contest a failed verification.

Cross-platform context

See how other platforms handle AML and KYC Identity Verification Obligations and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

This means Stripe collects and shares sensitive personal and business data with third-party identity verification services, which has privacy implications and may result in account access being denied if verification fails.

View original clause language
Stripe is required by law to obtain, verify, and record information that identifies the beneficial owners and authorized representatives of each business that uses our services. Before providing you with access to the Stripe Services, we will collect information including your name, business name, address, email address, date of birth, tax identification number, and other information, as required by applicable laws. We may also verify this information against third-party databases and public records, and we may request additional documentation if we are unable to verify your identity. You authorize Stripe to make any inquiries, either directly or through third parties, that we consider necessary to verify your identity and prevent fraud.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: This provision implements Bank Secrecy Act (31 U.S.C. § 5311) and FinCEN Customer Due Diligence Rule (31 C.F.R. § 1020.210) obligations, including the Beneficial Ownership Rule (31 C.F.R. § 1010.230) for legal entity customers. USA PATRIOT Act §326 requires financial institutions to implement CIP programs. GDPR Arts. 6(1)(c) and 9 apply to EU Users whose data is processed for legal compliance purposes; CCPA §1798.100 applies to California residents. The sharing of data with third-party verification databases implicates the FCRA (15 U.S.C. §1681) if those databases are consumer reporting agencies. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    The FTC has authority over third-party identity verification data sharing practices and FCRA compliance by entities using consumer reporting databases.
    File a complaint →

Provision details

Document information
Document
Stripe Terms of Service
Entity
Stripe
Document last updated
April 29, 2026
Tracking information
First tracked
April 27, 2026
Last verified
April 27, 2026
Record ID
CA-P-003377
Document ID
CA-D-00107
Evidence Provenance
Source URL
https://stripe.com/legal/ssa
Wayback Machine
View archived versions →
SHA-256
ba3a7b25a1b43698323b986577624b162c5c51802d1bb82f1a99dff5da4335ef
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Stripe | Document: Stripe Terms of Service | Record: CA-P-003377
Captured: 2026-04-27 12:29:11 UTC | SHA-256: ba3a7b25a1b43698…
URL: https://conductatlas.com/platform/stripe/stripe-terms-of-service/aml-and-kyc-identity-verification-obligations/
Accessed: May 2, 2026
Classification
Severity
Medium
Categories
Unknown

Other provisions in this document