Finnish signatory check: now live in production

The Finnish signatory check is now live on secure.maventa.com for Finnish companies registered through the Maventa UI. The signature still has to come from a person with the legal right to represent the company (nimenkirjoitusoikeus) — what changes is how that person reaches the signing step. The wizard now collects the signatory’s email, verifies their signing authority against the Finnish business register before any signature is collected, and routes them through Visma Sign for strong authentication. Joint signing authority is supported — the company is verified once all required signatories have signed.

What changes for Finnish UI registrations

• The admin no longer signs the Maventa Terms of Service. Instead, they enter the signatory’s email address and the wizard sends a personal invitation link.
• The signatory’s signing authority is verified against the Finnish business register before they are asked to sign. Signatories without signing rights are rejected before any signature is collected.
• Joint signing authority (nimenkirjoitusoikeus yhdessä) is handled natively. The wizard reports a partial-authority result after the first signatory signs and prompts the admin to invite the next signatory; the company is verified once all required distinct signatories have signed.

How it works

The flow happens in two phases:

1. Admin phase — the admin opens the registration wizard for a Finnish company, enters the signatory’s email, and sends the invitation. The admin can close the tab and move on.
2. Signatory phase — the signatory opens the invitation link on their own device, agrees to the privacy statement, enters their personal identity code (henkilötunnus), and picks their bank. If authority is confirmed, the signatory is redirected to Visma Sign for strong authentication and signs the Maventa Terms of Service.

The invitation link is valid for 7 days. Once the signatory opens the link and starts signing, the window narrows to 15 minutes so they finish in one sitting. After signing, the company’s company_state updates to verified (1) automatically — no API status poll is needed.

Gradual rollout

The new flow is being rolled out gradually. Each Finnish company is assigned to either the new flow or the existing Visma Sign authentication process based on a stable per-company bucket, so a given company will consistently see one flow or the other across registration attempts. The proportion of companies routed to the new flow will increase over the coming weeks.

If you are integration-testing against a specific Finnish customer and they are not yet seeing the invitation-based UI, that company is still on the existing Visma Sign authentication process for now. The stage environment at testing.maventa.com always uses the new flow, so you can preview it there regardless of the production bucket.

What stays the same

• API-driven authorisation continues to work as before for any country. Calls to POST /v1/company/authorization and POST /v1/companies/authorizations are unchanged.
• UI registrations for other countries (Sweden, Norway, Denmark, the Netherlands) continue to use the existing Visma Sign authentication process.
• Partner’s own customer authentication process is unchanged.

Try it on stage

The stage environment at testing.maventa.com mocks both the Finnish business register lookup and the Visma Sign signing service by default, so you can click through the full flow without real personal identity codes or real bank authentication. See Stage environment for the Finnish signatory check in the integration guide for the test henkilötunnus values and a joint-authority walkthrough.

Learn more

For the full description of the Finnish signatory check — the three authority outcomes, the invitation timing, and the differences from the Visma Sign authentication process — see Companies and Settings in the integration guide.