Direct API integrations with national company registers across the EU/EEA

Regulatory backbone Built on the EU Data Act and interoperable public-sector data

Cross-border company formation only works if the data we rely on is authoritative. Under the EU Data Act (Regulation (EU) 2023/2854), the Single Digital Gateway Regulation ((EU) 2018/1724) and the eIDAS-EEA framework, public-sector data on legal entities must be made available through interoperable, machine-readable APIs. We have built our onboarding platform on top of that principle: instead of asking founders to upload PDFs and re-typing fields by hand, we go straight to the national register that holds the legal truth about the company.

Interoperability is not a feature we add on top of the service — it is the foundation the entire service is built on. Every country we serve has a public, authoritative business register. The EU Data Act is what turns those registers into a single, machine-readable layer that a trust-service provider like us is allowed to query in real time on behalf of a client.

Direct API integrations The national company registers we connect to

For every entity we onboard — a Danish ApS, a Swedish AB, a Norwegian AS, a German GmbH, an Estonian OÜ — we query the relevant authoritative register at the moment of registration. We retrieve the legal name, organisation number, registered address, signatory powers, status (active, dissolved, under bankruptcy) and, where the register exposes it, the chain of ownership. Nothing is taken on trust from a user-submitted form.

• Denmark — Erhvervsstyrelsen (CVR API)
• Sweden — Bolagsverket
• Norway — Brønnøysundregistrene (Enhetsregisteret)
• Finland — PRH / YTJ — Business Information System
• Germany — Handelsregister via Bundesanzeiger
• Iceland — Skatturinn — Fyrirtækjaskrá
• Estonia — Äriregister (RIK)
• France — Registre National des Entreprises (RNE) / Infogreffe
• Ireland — Companies Registration Office (CRO)
• Poland — Krajowy Rejestr Sądowy (KRS)
• Belgium — Kruispuntbank van Ondernemingen (KBO/BCE)
• Lithuania — Registrų centras
• Latvia — Uzņēmumu reģistrs
• United Kingdom — Companies House

Each of these registers is the legally designated source of truth in its own jurisdiction. By integrating with them directly rather than through a re-seller of cached data, we make sure that the picture we present to the bank, the auditor and the regulator is the same picture the national authority itself would show — down to the minute the query was made.

Trust by design Registry data reconciled with eIDAS-notified UBO identity

Each API call is logged, signed and time-stamped, and the resulting record is stored as evidence in the audit trail of the onboarding case. The legal-entity data returned by the register is treated as the source of truth and reconciled with the eIDAS-notified identity of every Ultimate Beneficial Owner. Registry data on the company side, national eID on the person side — that dual-track interoperability is what makes cross-border onboarding both fast for the client and legally defensible for the regulator, the bank and the auditor that will look at the file afterwards.

The eID side of that equation — Danish MitID, Norwegian BankID, Swedish BankID, German Personalausweis via AusweisApp and the Finnish Trust Network, all brokered through Idura Verify — is documented in detail on our Trust Services page.

End-to-end What this means in practice for a client onboarding

When a founder starts a registration on registercompany.no, the platform identifies the relevant jurisdiction and queries the national register in real time. If the founder is already a director or signatory of an existing company in that register, the data is pulled in pre-filled and locked to the value the register itself returns. If a new entity is being formed, the register is queried again at the moment of incorporation to confirm that the legal name is available, that the chosen organisation form is valid, and that the signatories have the powers we record in the share register and the board minutes.

The same interoperability layer is what lets us file the final registration electronically with Brønnøysundregistrene for a Norwegian AS or NUF, or with the equivalent authority in the founder's home country when we set up a parent or sister entity abroad. One platform, one audit trail, one source of truth per jurisdiction — connected through APIs the EU Data Act, the Single Digital Gateway Regulation and the eIDAS framework were designed to enable.

Circular by design Data re-use, less friction, fewer human errors

Once we have pulled an authoritative record from a national company register and reconciled it against an eIDAS-notified identity, that same dataset is re-used across every downstream document we generate for the client — nothing is typed twice. The verified company name, registration number, registered address, share capital, directors and ultimate beneficial owners flow straight into the Samordnet registermelding submitted to Brønnøysundregistrene, into the articles of association (vedtekter), into the share register (aksjeeierbok) and into the board minutes that establish the Norwegian AS or NUF. The same canonical record is also mirrored back into the founder’s home-jurisdiction filings where a parent, branch or sister entity needs to be updated.

This circular re-use is what makes the platform feel effortless to the founder and bullet-proof to the regulator at the same time. Every field on every form can be traced back, click by click, to the exact API response and the exact eIDAS-signed identity assertion it came from. No one on our team re-types a passport number, a company number or an address into a Norwegian form — the system does it, the audit trail records it, and the founder signs once.

How this differs from the traditional, manual approach. Most cross-border formation providers still re-key data from PDFs and screenshots into the Norwegian forms by hand. That manual step is the single biggest source of friction and rejection in the entire process:

• Typos and transliteration errors in names, addresses and registration numbers — especially across Latin, Nordic and Baltic character sets — that cause Brønnøysundregistrene to reject the filing or flag a discrepancy with the passport.
• Mismatches between passport, home-country register and Norwegian filing that block BankID activation, bank account opening and Skatteetaten enrolment until they are reconciled by email, often across several time zones.
• Stale data — a director or address changed in the home register the day before submission, but the manual operator typed in last week’s value from an old PDF.
• Missing fields and silent omissions on the Samordnet registermelding because a human checklist was skipped under time pressure.
• No audit trail back to a verifiable source — only an operator’s word that “this is what was on the PDF”.

Because our pipeline pulls live from the authoritative register and re-uses that exact payload everywhere downstream, those failure modes simply cannot occur. The result for the founder is a faster, calmer onboarding; for Brønnøysundregistrene and the banks we file into, it is a clean, machine-verifiable submission backed by an eIDAS signature; and for us, it is a structurally lower cost-to-serve that we can pass back as transparent pricing instead of hourly re-work.

That is the difference between a service built on top of the EU Data Act and the Single Digital Gateway Regulation, and a service that merely files paperwork in front of them.