<aside> ℹ️

The FAQ here are intended for CARO users and people who have already had some exposure to CARO. If you have just discovered CARO, you might find the introductory resources on our website helpful to get started.

</aside>

CARO usage

Which entity should we use for credentialing?

If your enterprise consists of more than one entity, you will need to choose one that is to represent the corporate ATP status. However, we cannot advise on the choice of entity for ATP credentialing.

In the end, your compliance team must be comfortable with the following decisions:

• with which corporate identity you appear in VRS interactions and
• to which entities you give permission to utilize that corporate identity.

A way of thinking about this is to start at the end of the process: For which entity can you prove ATP status? Then this entity will also need to undergo identity proofing bearing in mind that:

• the entity name and address across all documents must match;
• the individual(s) submitting the evidence for due diligence must be authorized (usually employed) by the entity.

Your VRS set-up may also help you decide, as it makes sense to use the same entity for credentialing as you use with your VRS.

I have my first set of credentials! How does credential renewal work?

As far as regular renewals of your Identity and ATP credentials are concerned, your work is done.

For as long as you maintain your contract and subscription payments with us, your credentials will be monitored and re-issued in the background. We will only need to involve you in further due diligence activities if something changes about your company that affects the validity of the credentials. If we detect anything like that, you will hear from us.

Do I have to upload all my trading partners to set up CARO?

No, you do not need to pre-populate CARO with your business partners. The list of trading partners within CARO will grow organically as interactions with your CARO Enterprise Account happen. The use of verifiable credentials by CARO caters for the underlying due diligence and capturing of salient counterparty details in your audit log by design.

Are a Trading Partner's licenses visible in the electronic credentials?

No. Any organizational or licensing documents submitted during the credential application process are used for due diligence by the Credential Issuer but will not be disclosed in the electronic credentials.

What details are captured by CARO's audit log?

CARO offers two audit logs. One captures transaction details, such as transaction ID, time, type, status, interacting parties. The other one captures user activity, so you always know who did what when. These data are securely stored in a non-public AWS database.