Select fields in the Modern Treasury API contain sensitive information, such as bank account numbers (
account_number). Modern Treasury provides a setting on the Organization Settings page that controls whether these fields appear in API responses and webhook event bodies.
When the setting is enabled, sensitive fields do not appear in API responses, webhook event bodies, and data warehouse integrations. Modern Treasury encourages customers to enable the setting unless it is necessary to ingest particular sensitive fields described below. Please be careful when changing the setting, as it can affect your integration or security posture.
The following fields are impacted by this setting. Bank account numbers are the primary concern, and they are nested in many objects. A new field,
account_number_safe, which contains the last four digits of the bank account number, has been introduced for use in workflows. Other fields redacted are passed along from banking partners and may contain sensitive information.
|API Resource||Fields||Description||Other Affected Objects|
|Account Details||Bank account numbers are sensitive information.||Counterparties, External Accounts, Incoming Payment Details, Internal Accounts, Paper Items, Payment Orders, Virtual Accounts|
|Incoming Payment Details||This field contains raw data from banking partners and may contain bank account numbers or other sensitive information.|
|Returns||This field contains raw data from banking partners and may contain bank account numbers or other sensitive information.||Payment Orders|
|Transactions||This field contains raw data from banking partners and may contain bank account numbers or other sensitive information.|
|Transaction Line Items|