XTRM is a global multi-tenant payment system. This means we have one organization account (Prime Entity) for a company worldwide with separate entities for regional subsidiaries, or any legal entity owned by the organization. The regional user admins can create and separately manage their own entity profile, users, wallets, and role-based access as needed for their local requirements.


To Summarize:


  • Only one org acct (Prime Entity) is needed for your company globally. 
  • You can set up as many regional entities within the organization as you like.
  • You can add as many single entity and multi-entity regional users as you like.
  • Wallet and service access are strictly controlled via security roles and settings.
  • Existing master, controller, or manager admin users can add new regional users. More Info


Master Admin Consideration:


One designated person, typically with signatory authority, is designated the "Master Admin" and should register the Org Acct. (Prime Entity)  with the company headquarters details, i.e. register ACME Inc HQ. and associated address (Not ACME Region 1 or ACME Region 2). If you are a company regional office, you will need to register your Org Acct (Prime Entity) first. This can be done at www.xtrm.com - choose company registration. If an Org account (Prime entity) already exists, you will be notified and asked to contact the existing admins to add you as an admin for your region. 


When considering who is to be the master admin for your company account, since XTRM is a financial service account regulated in the same way as a bank, we recommend you choose someone with financial signatory approval for your company. This is often someone in the exec team, treasury  or finance group. This person is not solely responsible for managing the account but can delegate responsibility to regional entity managers (controller, manager, and standard users).


Entities, user roles and access levels handle the separation of access to wallets and funds. Regional entities can have specific access to regional entity wallets and functions. It is identical to separate accounts from a compliance and security perspective but provides global account compliance  and consolidated reconciliation reporting. It also simplifies onboarding times and ensures more accurate and faster payments whilst ensuring only the right people access the right wallets, funds and services.


Some key terms:


Term
Description
Identifier
#
Organization (Prime Entity)This is your prime entity, typically your HQ.  It has a unique Organization ID (OID) - the format is SPNXXXXXXXX. There is just one ORG account (Prime Entity) globally with multiple regional entities below the org account. 
SPN Prefix + 7 Numbers
SPN1234567
1
EntitiesThese are the local country or regional entities. An example of a regional entity is ACME France or ACME EMEA. (An example of an ORG would be ACME HQ). Entities can also be legally seperate companies or member firms rolling up into one organization.
Name

Acme France

Any
WalletsWithin an entity account, you can have as many currency wallets as you like. Wallets are assigned to entities and can only be seen by users with access to the wallet entity.
Unique Number
12345678910
Any
UsersAny person that has access to your company account. Users can have different roles such as maser admin, controller admin, manager admin or standard admin.
PAT Prefix + 7 Numbers
PAT1234567
Any
Master AdminThis is the key global contact. There is one master admin per global Org account. This person should typically be a person in finance or treasury with company signatory authority. This person has full access to all services. Admins have unique account IDs (AID) starting with SPAXXXXXXX.
SPA Prefix + 7 Numbers
SPA1234567

1
Controller Admin (NEW)These are multi-regional or entity administrators responsible for one or more regions or entities. There can be any number of controller admins. These admins can manage other "Controller", "Manager" or "Standard" admins for only the regions they control plus manage wallets and service access for all the admins within their regions. Admins have unique account IDs (AID) starting with SPAXXXXXXX. 
SPA Prefix + 7 Numbers
SPA1234567

Any
Manager AdminThese are regional administrators responsible for one region or entity.  For example, they are responsible for one country or one entity. There can be any number of manager admins. These also have full access to all wallets and services within their entity and can create and manage standard admins within their entity. Admins have unique account IDs (AID) starting with SPAXXXXXXX.
SPA Prefix + 7 Numbers
SPA1234567

Any
Standard AdminThese are your regional program and wallet administrators. There can be any number of standard admins. Very granular access can be set to these admin types. Admins have unique account IDs (AID) starting with SPAXXXXXXX. See below.
SPA Prefix + 7 Numbers
SPA1234567

Any




✓ = Yes    X = No   O=Optional (Access Level Setting)


4 User Levels:
Master Admin
Controller
Manager StandardSuspended
Typical RoleSenior Finance/Treasury
Multi Region, Multi Entity Finance/Treasury Head
Single Regional Finance, Department HeadDepartment Manager (Most common)N/A
Number Allowable1Any numberAny numberAny numberAny Number
Entity Control
Multi
MultiSingleSingleX
Log in to Company Account
X
Delete Admins
✓ 
XXX
Manage Multi RegionsXXX
Create Admins✓ XX
Suspend AdminsXX
Set Admin Access Levels✓.XX
Send Password Reset EmailsXX
Fund WalletsOX
Send FundsOX
Transfer Funds (withdraw)OX
Currency ExchangeOX
Create ProgramsOX
Link BanksOX
Create Edit ClaimsOX
Create Edit BeneficiariesOX
Create Edit Connected OX
Create Edit WalletsOX
View ClaimsOX
View ReportsOX
View BeneficiariesOX
View ConnectedOX
View WalletsOX


There are 4 template levels of access. 


Level
Access
FullFull access to all features

Custom

Custom access to features
ViewView-only access to wallets and features
LimitedLimited access to basic features



A master, controller or manager admin can edit any users that are within entities they manage and are of a lower level by click on the Set Custom Access button to set custom access levels.




They are then taken to the screen to set custom access levels: