Platform Agreement

Commonly Asked Questions

Revised March 19, 2024

Accessing the Brex platform

What company information do I need to open an account?

You can learn more about what you’ll be asked to provide to open an account in Section 1 of our Platform Terms, at brex.com/legal.

Importantly, due to Brex’s role as a financial services provider and related regulatory requirements, Brex must perform diligence via KYC (know your customer) review on our customers. Brex is also required to understand the nature and purpose of its customers' accounts, i.e., understand its customers' transactions, including making sure it is not providing financial services to entities on certain government lists, e.g., OFAC SDN, etc.

In certain instances, you may be asked to provide supporting documentation, such as your company’s formation documents and/or financial statements. Formation documents are documents showing the existence of an entity, such as Articles of Incorporation or a government-issued business license.

Our industry is listed on the Brex Restricted Activities List. How does that impact our ability to use Brex?

Operating in an industry listed on the Restricted Activities List does not, by itself, disqualify a customer from using Brex. Brex performs some additional review of these customers during onboarding and periodically thereafter. This review typically checks on the customer’s business and its beneficial owners/controlling officers along with verification of supporting information provided.

Will I need to provide any personal information?

Unless you are opening an account on behalf of a public company, you will also need to provide the following for one controlling officer (e.g., Chief Executive Officer, Chief Financial Officer, etc.) and for every beneficial owner (every individual who owns 25% or more):

  • Full legal name
  • Date of birth
  • Physical address (a residential or business street address)
  • Taxpayer identification number (e.g., Social Security Number (SSN) for US citizens, passport number and country of issuance)

Individuals applying on behalf of Customers (“Applicants”), along with those who will either transact or approve transactions on behalf of the company (such as Administrators), will also be asked to provide the information listed above. However, these individuals can provide a passport number or driver’s license number, instead of an SSN.

Can Brex support companies outside the US?

Currently, Brex only enters into order forms for services with US businesses. As explained in our terms, to submit an application for a Brex account, you must be:

  • A business entity (e.g., C-corp, S-corp, LLC, LLP)
  • Duly organized and registered in the US
  • In good standing under the laws of the US
  • With a valid US Employer Identification Number (EIN)

However, Brex is a global platform and offers “multi-entity” — a set of features available to paid customers enabling them to manage and track spending across multiple legal entities (subsidiaries). The feature is designed for companies with multiple entities/subsidiaries in the US or around the world who want to manage all their expenses in one place.

Why do we collect information on the entities a customer adds to its multi-entity account?

As discussed above, Brex is required to understand the nature and purpose of its customers' accounts. Brex is required to update and maintain this information on an ongoing basis, so that it can fulfill its regulatory obligations.

We collect additional information on the entities a customer adds to its account because adding entities can change the nature and purpose of that customer’s account and because it allows us to make sure we're not providing financial services to entities on certain government lists.

We may go through a change of control, can Brex agree to assignment without consent?

No. As discussed above, Brex must perform diligence via KYC (know your customer) review. Thus, we cannot permit assignment without consent, as diligence and approval requirements will apply to any customer successor entity.

Terms and conditions

Where can I see relevant terms and conditions?

Relevant terms and conditions are available throughout our website and application. Our platform agreement and many other service-specific terms can be found at brex.com/legal. Our card terms can be found at brex.com/legal/card, our payment agreement can be found at brex.com/legal/payments-agreement, and our Brex business account agreement can be found at brex.com/legal/product-terms/treasury/agreement.

How will we receive notice if there is an update to terms and conditions?

If any updates to our terms materially reduce customers’ rights or increase their responsibilities, Brex will provide at least 30 days’ advance email notice of the updates. This email notice will be sent to the email address(es) that we have on file for the administrator(s) of your Brex account.

Can you provide us with a document of the Platform Agreement?

Brex does not issue editable copies of the Platform Agreement or its other online terms. Brex needs to be able to update the Platform Agreement and other online terms to support compliance with evolving financial regulatory requirements and the launch of new products and features — to have those updates apply uniformly to all customers. If a deal is eligible for negotiation, any additional legal terms and conditions will be set forth in the order form for the services you receive from Brex.

Trust and safety

Where can I find out about data security at Brex?

We encourage you to visit our Security Center at https://www.brex.com/trust to learn more about how Brex protects your data and keeps your enterprise safe. Brex is SOC 2 Type II compliant. You can request that and other security documentation at https://trust-portal.brex.com/.

Does Brex have a Data Processing Addendum?

Yes, Brex values the confidentiality, integrity, and security of our customer’s data. Brex’s standard DPA is included by default for all customers as part of the Platform Agreement. It is designed to meet the requirements of applicable data protection laws and standards and is publicly available here. If you’d like to review the security annex referenced in our DPA, this can be found at https://trust-portal.brex.com/.

Can you provide a list of the subprocessors used by Brex?

Yes, Brex’s current subprocessor list is available at Trust-portal.brex.com/subprocessors

What’s Brex’s position on AI?

Brex aims to employ AI where it will have the greatest benefit to our customers — in terms of increasing their efficiency, productivity, and accuracy. We also believe that while AI can be a true game changer, it requires a thoughtful, measured approach. Learn more in our white paper, Risk considerations and guidelines for artificial intelligence, especially the section on how Brex mitigates risk.

How does Brex protect its platform from being misused to facilitate financial crimes?

Brex is committed to conducting business in accordance with the highest ethical standards and in full compliance with all financial crime laws and regulations that apply to our business in order to:

  • Protect our customers, business partners, and platform; and
  • Support law enforcement in the prevention of financial crime.

Brex establishes risk-based compliance policies and programs for the following key financial crimes risk areas:

  • Anti-money laundering (including terrorist and proliferation financing)
  • Anti-fraud
  • Sanctions
  • Anti-bribery and corruption

Brex’s financial crimes compliance policies and programs apply across all of Brex’s operations, employees — including contractors and contingent workers —and in all locations within which Brex operates to protect our services from being misused by bad actors. Brex’s Financial Crimes Compliance Statement is available at brex.com/legal/financial-crimes-compliance-statement.