The onboarding pipeline, end to end.
This page walks through every stop on the client onboarding pipeline — what the client sees, what compliance does, what the system records, and which regulation each step is built around. It is the document compliance can hand to their own auditor.
A configurable, whitelabeled client onboarding platform for broker-dealers and RIAs.
One application replaces the patchwork of PDF forms, DocuSign envelopes, KYC vendor portals, and email approval threads that most firms still use. Compliance configures the flow per client type. Clients move through a guided wizard. Reviewers approve or reject from a single workbench. Every step is recorded as immutable audit evidence.
The product ships with four client-type templates out of the box — Professional Trader, Hedge Fund, Intro Broker-Dealer, and Retail — and the Admin Console lets compliance reshape any of them without engineering involvement.
Three personas, three views, one source of truth.
Compliance Admin
Configures the document set, form questions, KYC requirements, eSign templates, and disclosures per client type. Publishes versioned configurations.
Client
Receives an invite, completes a guided wizard, finishes identity verification in-browser, eSigns documents inline, and submits the application.
Compliance Reviewer
Works the queue: reviews applicant data, KYC results, signed documents, and either approves, rejects, or requests more info — all signed and audit-logged.
From invite to activation in one continuous record.
Each stop produces its own audit row. The application's full history is a deterministic sequence of those rows, joined by application_id.
The client receives a one-time invite link tied to a specific client type.
Compliance dispatches the invite from the Admin Console or via an upstream CRM. The link encodes the client type, the published configuration version, and a single-use token. Opening the link creates an applicant record and starts the session.
The wizard branches into three paths based on client type.
Institutional path
Pro Trader, Hedge Fund, Intro BD. 9 steps. Embedded at /m/portal.
Retail path
Individual, joint, UGMA, IRA. Step sequence varies by account type. Embedded at /m/retail.
Intro BD path
Same 9-step institutional shell, with additional NAA / MGN / W-8 documents bound to the BD entity.
The 9 institutional steps
1 · Select Account Type
retail redirects to the retail wizard.2 · Personal Information
3 · Employment & Financial Profile
4 · Trading Experience
5 · Identity Verification (KYC)
6 · Tax Certification
velocity-w8w9.vercel.app. Required by IRS § 1441 / FATCA.7 · Regulatory Disclosures
8 · eSign Documents
9 · Confirmation
Identity verification happens in the browser — no portal redirect.
Hyperverge is embedded as a component (originally from CleverAlpha-2.0). The flow: document capture (driver's license, passport, or state ID) → face match selfie → liveness check. Result returns synchronously. If the result is pending_review, the wizard pauses and notifies compliance.
CleverAlpha's own eSign engine — not DocuSign.
This is a deliberate architectural choice. CA's eSign engine (SACompliance/ESign on the admin side, ESignUser on the client side) lets the firm own the audit envelope, control the signature ceremony, and avoid the per-envelope vendor fees of DocuSign/HelloSign/Adobe Sign.
Documents bound to each client type are signed in a single envelope. Field positions are mapped in the Admin Console's eSign template editor. The signature pad captures stroke timing, IP, and user-agent. The completed envelope is sealed with a SHA-256 hash and written to immutable storage.
One workbench, one decision per row.
The Compliance Dashboard (/m/compliance) is the principal's surface. Live counts of queue depth. Filterable table. Slide-out drawer for full applicant detail. Three terminal actions: Approve · Request Info · Reject.
The Ops View (/m/ops) is the same surface with decision controls removed — for SLA monitoring without approval authority.
Approval fires a chain of one-shot events.
- Account creation — record created in the firm's clearing system (Velocity Clearing for CA, or whatever the licensee maps to)
- Welcome email — client receives account number, login instructions, funding wire details
- Document packet — signed envelope + KYC report + suitability profile delivered to compliance and the back office
- System handoff — application is archived, status set to
activated, and the applicant transitions to a customer record
Every field recorded, with retention and lineage.
Every step writes a row to its dedicated Supabase table. Rows are joined by application_id. Critical events are hash-chained (each row's hash includes the prior row's hash) so any tampering is detectable.
onboarding_configs
id, client_type, version, document_set, form_questions, logic, published_by, published_at. Retention: 6 years.applicants
id, email, client_type, config_version, invite_token_hash, opened_at. Retention: 6 years.onboarding_drafts
applicant_id, step, payload, completed_at. Retention: 6 years.kyc_results
applicant_id, vendor, result, document_type, face_match_score, liveness_score, sanctions_hit, raw_payload_redacted. Retention: 6 years.esign_envelopes
applicant_id, document_ids, signature_strokes, signed_ip, signed_ua, envelope_hash, storage_uri. Retention: 6 years, WORM.compliance_actions
application_id, reviewer_id, action, basis, prior_hash, this_hash, acted_at. Retention: 6 years, hash-chained.Every step ties to a documented rule.
| Pipeline stop | Rule | What it requires | How we satisfy it |
|---|---|---|---|
| Invite / Wizard | FINRA 4512 | Customer account information at opening | Steps 2–4 collect & persist |
| Wizard | FINRA 2090 | Know Your Customer | Step 2 identity, step 3 financial profile |
| Wizard | FINRA 2111 | Suitability | Step 3 + step 4 drive suitability profile |
| KYC | PATRIOT Act § 326 | Customer Identification Program | Step 5 Hyperverge in-browser verification |
| KYC | BSA / OFAC | Sanctions screening | OFAC, PEP, adverse-media screening on Step 5 |
| Tax | IRS § 1441 / FATCA | Tax certification | Step 6 W-9 inline / W-8 routed |
| Disclosures | Reg BI | Disclosure Obligation | Step 7 per-disclosure acknowledgment |
| eSign | ESIGN Act / UETA | Electronic-signature equivalence | Step 8 signature ceremony + envelope hash |
| Review | FINRA 4512(c) | Principal approval | Compliance Dashboard approve action |
| All | SEC 17a-3 / 17a-4(f) | Books and records, WORM | Hash-chained audit trail, 6-year retention |
What you can rebrand for Velocity Capital.
| Surface | Where it lives | Effort |
|---|---|---|
| Brand colors | velocity-brand.css — three CSS variables | 5 min |
| Wordmark / logo | Replace .vc-wordmark markup or swap ca-logo.png | 15 min |
| Display copy | Per-page <h1> / vc-lead text | 30 min |
| Email sender / from | Notification config in Admin Console → Notifications | 5 min |
| eSign template | Admin Console → eSign Templates → mapper | per template |
| Regulatory citations | Hand-edited in m-*.html narrative panels and /explainer sections | per change |
| Custom domain | Vercel project → Settings → Domains | 5 min |
Every red and white surface in this explainer is tagged with data-velocity-brand so a future find-and-replace can swap branding in one pass without touching content.