About Organizations

You need a KYB-verified corporate Kraken account to create an Organization. Personal Kraken accounts are not eligible.

Only the account holder who completed business verification can create an Organization. After creation, this person becomes the Organization Owner.

You cannot undo Organization creation through self-service. After an Organization is created, reversing it requires manual support.

Note: Organizations is currently in Beta. Some capabilities may have limitations. See Beta limitations for details.

Organizations lets institutional clients manage team access and require approvals for sensitive actions across shared accounts.

• Invite team members to your Organization
• Assign permissions by workflow and account
• Require approvals for sensitive actions like withdrawals, address changes, and permission updates
• Apply shared security controls such as 2FA and session timeout
• Introduce governance incrementally — start fast, tighten later

Organization Owner — The account holder who created the Organization. The Owner starts with full administrative permissions and is responsible for setting up access and governance for the team. There is no co-owner role.

Member — A person invited to the Organization with specific permissions. Members sign in with their own Kraken credentials and must comply with the Organization Sign-in 2FA policy.

Service User — An API-only operator created within the Organization. Service Users authenticate with API key credentials and can initiate requests, but cannot approve them or sign in to the UI. See Service Users for details.

Organization — The top-level container that groups Members, accounts, and governance under a single structure.

Account — A unit with segregated balances used for trading and funding. Permissions are granted per account — access to one account does not carry over to another. Multi-account trading is planned for a future release.

Permission — A grant that defines what a Member or Service User can do. Permissions are additive: users start with no access and must be granted each permission individually. See Permissions and workflows for the full reference.

Workflow — A group of related operations that share the same permission model and policy configuration. Organizations has four workflows: Initiate Withdrawal, Manage Addresses, Manage Access, and Manage Policies.

Operation — A specific action within a workflow. For example, "Create a crypto withdrawal" is an operation in the Initiate Withdrawal workflow.

Policy — The governance configuration for a workflow. A policy defines how many approvals are required and whether actions can be completed immediately by a subset of users. See Policies, approvals, and governance for details.

Request — A unit of work created when a Member or Service User initiates an action on a governed workflow. Requests are either completed immediately (when permitted by the policy) or placed in the approval queue for review.

Execute — A permission that allows a Member to complete actions without waiting for approval, when the workflow policy permits it. When "Always require approval" is ON, Execute has no effect.

Policy lock — A governance control that prevents any single person from changing a workflow's policy. Future changes require an independent approval and depend on approver coverage remaining available.

Separation of duties — The rule that a Member cannot approve their own request. Enforced by the system and not overridable.

• Members cannot approve their own requests. Enforced by the system and not overridable.
• Permissions are additive. Members start with no access and must be granted each permission individually.
• Whether an action completes immediately or requires approval depends on both the Member's permissions and the workflow's policy. See Permissions and workflows.
• Locked policies cannot be changed without independent approval — including by the Owner.
• Organization Sign-in 2FA is required. The policy is set at creation and applies to all current and future Members.
• Idle sessions expire and require re-authentication.

Organizations is currently in Beta. Key limitations:

• Only single-account mode is available — multi-account trading is not yet supported

• Some platform operations remain Owner-only (Futures, OTC, Convert, Custody)

• Client-facing audit logs are not yet available

• Custom roles cannot be saved and reused

• Email confirmation for immediate address changes is sent to the Owner, not the request creator

• Some operations may differ between UI and API during Beta

See Beta limitations for the full list.

Organizations groups actions into four workflow areas. Each workflow has its own permissions and policy settings.

Ready to set up your Organization? See Create an Organization for the full creation walkthrough and first steps — including how to invite Members, assign permissions, configure approval policies, and lock governance when you are ready.