Help Center/Team & roles

Team & roles

In brief: Invite users, set roles, appoint your MLRO.

How to invite colleagues to your firm workspace and what each role can do. The role you pick determines what a user sees, what they can change, and whether they count as the firm's MLRO for audit purposes.

Where to find it

Sidebar → Settings → Team, or the standalone Team page if you've enabled the legacy view.

Roles

RoleCan do
OwnerEverything. Billing, branding, deleting the firm.
ManagerDay-to-day admin — invite team, edit settings, action MLRO queue. Can be appointed MLRO / Deputy MLRO.
Compliance officerAction MLRO queue items, run AML screens, sign off cases. Cannot edit billing.
StaffOperate on client files (upload docs, request verification), view dashboards. Cannot edit settings.
AuditorRead-only across the entire firm. Useful for external auditors and inspections.

A user has exactly one role per firm. To change it, click their row → Change role.

Inviting someone

Invite member → email + role. They get an invite link valid for 7 days. When they accept they hit /auth/accept-invite?token=…, set a password, and land on your firm's dashboard.

Invites are tied to email — if the user already has a Certivus account with that address, they're added directly.

Appointing the MLRO

MLR 2017 reg 21 requires you to nominate an MLRO and (for larger firms) a Deputy. Use Settings → AML Compliance → MLRO appointments to record who currently holds each role. The active appointment shows on the compliance pack, the annual MLRO report, and the firm-wide audit log.

The MLRO must be a registered user in your firm — they don't have to be the owner.

Removing access

Remove from firm revokes the user's access immediately and logs the event in the audit log. Their historical actions (signed-off cases, audit log entries) stay attributed to them — you're auditing what they did, not whether they still work for you.

Related

Didn't find what you needed?

Contact support