Company Legitimacy Verification Process in the Philippines

A practical legal article and due-diligence guide for verifying whether a Philippine business is real, properly registered, authorized to operate, and compliant enough for you to transact with confidence.

I. Why “legitimacy verification” matters in Philippine transactions

In the Philippines, a “company” can look legitimate online while being:

  • Unregistered (no legal personality to contract, sue, or be sued as a company),
  • Registered but not authorized to do business (missing local permits or sector licenses),
  • Using a different name (trade name vs. registered entity name mismatch),
  • Expired/struck off/suspended (SEC status issues),
  • A real entity being impersonated (fraudsters using a real company’s details),
  • Noncompliant (tax, labor, or regulatory noncompliance that can become your risk).

Verification is not one step; it is a layered due diligence process: confirm identity → confirm authority → confirm compliance → confirm capacity and integrity → confirm ongoing status.

II. Know what you’re verifying: entity types and what “legitimate” means

A. Common Philippine business forms

  1. Sole Proprietorship

    • Registered primarily through the DTI (business name registration).
    • Legally, the “business” is the person; liability is personal.

  2. Partnership

    • Registered with the SEC.
    • Has a juridical personality separate from partners (with important partnership-law nuances).

  3. Corporation (stock or nonstock)

    • Registered with the SEC.
    • Has separate juridical personality; can enter contracts in its corporate name.

  4. Cooperative

    • Registered with the CDA (Cooperative Development Authority).
    • Governed by cooperative laws and CDA regulations.

  5. Foreign corporation (branch office, representative office, ROHQ/RHQ, etc.)

    • Must be registered/authorized by the SEC and meet PH requirements.

B. “Legitimacy” has multiple legal dimensions

A business may be:

  • Validly created/registered (existence),
  • In good standing (status),
  • Authorized to operate (local permits),
  • Authorized for its industry (special licenses),
  • Tax-registered and issuing valid invoices/receipts (BIR compliance),
  • Properly represented (signatories have authority),
  • Not prohibited or restricted (constitutional/statutory limits, negative lists, nationality restrictions),
  • Not a front for fraud (beneficial ownership and KYC concerns).

III. The Philippine legitimacy verification “stack” (the big picture)

Think of verification in layers:

  1. Identity & existence

    • DTI/SEC/CDA registration; correct legal name; registration numbers; entity status.

  2. Authority to do business (operate)

    • Mayor’s/Business Permit, Barangay Clearance, other LGU registrations.

  3. Tax identity & invoicing capacity

    • BIR registration, authority to print or use e-invoicing (as applicable), VAT status, withholding setup (as relevant).

  4. Regulatory licensing (if regulated)

    • BSP/Insurance Commission/HLURB–DHSUD/DOH/FDA/DOE/LTO/NTC/PRC/PCAB/POEA–DMW etc. depending on sector.

  5. Capacity, solvency, and integrity

    • Financial statements, track record, litigation exposure, AML/KYC red flags, adverse media checks (if you choose).

  6. Representation & contracting authority

    • Board resolutions/Secretary’s Certificate/Special Power of Attorney; signing rules.

IV. Step-by-step process: verifying a Philippine company (practical legal workflow)

Step 1: Collect baseline identifiers from the counterparty (minimum data set)

Ask for:

  • Exact legal name (not just trade name),
  • DTI/SEC/CDA registration number and registration date,
  • Principal office address and business addresses,
  • TIN (Tax Identification Number) and BIR registration details,
  • Names and positions of authorized signatories,
  • Nature of business / primary purpose (important for license checks).

Red flag: reluctance to provide basic identifiers, or inconsistencies across documents.

Step 2: Verify existence and registration with the correct agency

A. If the entity claims to be a corporation/partnership

Primary registry: SEC What you verify:

  • Articles of Incorporation / Partnership (entity name, purpose, incorporators/partners, capital structure),
  • SEC Registration Certificate,
  • Current status (active, dissolved, revoked, suspended, delinquent, etc.),
  • SEC filings (e.g., GIS for corporations, if applicable).

Best practice: obtain certified true copies or official certifications when stakes are high.

B. If the entity claims to be a sole proprietorship

Primary registry: DTI What you verify:

  • DTI Business Name Certificate and validity/coverage,
  • Remember: DTI registration is business name registration, not a separate legal person.

C. If it is a cooperative

Primary registry: CDA What you verify:

  • CDA Certificate of Registration,
  • Cooperative’s good standing and authorized officers (co-ops have specific governance rules).

Step 3: Confirm the name you are contracting with (legal name vs. trade name)

In the Philippines, businesses often use:

  • Registered corporate name (legal contracting name),
  • Trade name / “doing business as” name (brand),
  • Secondary business names (for some entities).

Rule of thumb: Your contract, invoices, and payment instructions should match the legal name and the correct registered address, unless you deliberately structure otherwise.

Red flags:

  • Contract name differs from SEC name by more than minor punctuation,
  • Bank account name doesn’t match the contracting entity,
  • Email domains and signatories don’t correspond to the entity.

Step 4: Verify authority to operate locally (LGU permits)

In the Philippines, even a properly registered entity usually needs local authority to operate at each location.

Typical documents:

  • Mayor’s / Business Permit (city/municipality),
  • Barangay Clearance,
  • Often: zoning/location clearances, sanitary permits, fire safety inspection certificate (FSIC) or related requirements depending on LGU practice and business type.

What you check:

  • Permit covers the correct business name, address, and year validity,
  • Nature of business matches what they’re doing with you,
  • For multi-branch operations: permits should align with branch locations.

Red flag: “We’re registered with SEC so we don’t need permits.” (Usually incorrect in practice.)

Step 5: Verify tax registration and invoicing legitimacy (BIR)

BIR compliance is central if you will:

  • Pay them as supplier/contractor,
  • Require valid official invoices/receipts,
  • Withhold taxes,
  • Claim input VAT (if applicable).

What you typically request:

  • BIR Certificate of Registration (COR) (often shows registered tax type obligations),
  • Proof of registered invoices/receipts (and invoicing system details),
  • VAT status if relevant (VAT-registered vs. non-VAT),
  • Registration of books of accounts / invoicing authority (format varies as systems modernize).

Practical checks:

  • Does the supplier issue proper invoices consistent with their registration details?
  • Do invoice details match the COR (name, address, TIN)?
  • Are withholding requirements understood and accepted?

Red flags:

  • They insist on “acknowledgment receipts” instead of official invoices,
  • They request payment to a personal account while invoicing under a corporation,
  • Their invoice name/TIN/address doesn’t match their registration.

Step 6: Confirm the person signing has authority (representation & capacity)

A valid entity can still bind you to a bad deal if you sign with someone without authority.

Common authority documents:

  • Secretary’s Certificate (corporations) approving the transaction and naming authorized signatories,
  • Board Resolution (sometimes attached/quoted in Secretary’s Certificate),
  • Special Power of Attorney (for individuals or when authority is delegated),
  • Partnership authorization (depending on partnership agreement/rules),
  • For cooperatives: authority documents consistent with co-op governance.

What you verify:

  • The signatory’s name and title match,
  • The authority covers the specific transaction (type, counterparties, amounts/limits),
  • Signatory rules (sole signatory vs. joint signatures).

Red flags:

  • “Authorized representative” cannot produce any resolution/certificate,
  • Authority document is undated, unsigned, or inconsistent with corporate officers.

Step 7: Determine whether the business is in a regulated industry (and verify licenses)

Many industries require special authority beyond SEC/DTI/CDA + permits. Examples include (non-exhaustive):

  • Banking, e-money, lending, payment services → typically BSP licensing/registration considerations,
  • Insurance and intermediaries → Insurance Commission,
  • Securities, brokers, investment solicitation → SEC secondary licenses/registrations,
  • Recruitment/overseas employment → DMW (formerly POEA) licensing,
  • Construction contracting → PCAB license (contractors),
  • Real estate development/brokerage → DHSUD and PRC-related requirements,
  • Food, drugs, cosmetics, medical devices → FDA authorizations,
  • Telecom/radio → NTC,
  • Energy (generation, supply, retail electricity, etc.) → DOE/ERC contexts,
  • Transportation → LTFRB/LTO/CAAP/MARINA depending on mode,
  • Security agencies → PNP–SOSIA,
  • Pawnshops/remittance → sector-specific registrations.

Method: map their claimed activity to the relevant regulator, then require the relevant license/registration, and check whether it covers:

  • The correct legal entity name,
  • The correct scope (products/services),
  • Valid dates and conditions.

Red flag: “We’re covered under a partner’s license” (sometimes possible via lawful subcontracting/agency; often misused as a cover).

Step 8: Verify “good standing” and ongoing compliance signals (higher-stakes deals)

For medium to high-value transactions, add:

  • General Information Sheet (GIS) (for corporations required to file; helps confirm directors/officers and sometimes ownership),
  • Audited Financial Statements (if available/required; validates solvency and operations),
  • Disclosure of beneficial ownership (as part of KYC/AML practices),
  • Proof of SSS/PhilHealth/Pag-IBIG registration (if they have employees; relevant for labor compliance risk and contracting standards),
  • Bank certification (for capacity and account name matching),
  • Customer references / project portfolio (commercial validation).

V. Enhanced due diligence: common Philippine fraud patterns and how to counter them

1) “Real company, fake representative” impersonation

Scammer uses a real SEC-registered company’s name but different email/number/bank account.

Countermeasures

  • Independently obtain official contact channels (not just what the sender provides),
  • Require authority documents and verify signatory identity,
  • Cross-check bank account name vs legal entity.

2) “DTI-registered therefore corporation” confusion

A sole proprietor presents DTI papers implying corporate status.

Countermeasures

  • Confirm entity type and insist contracts reflect the correct legal person (individual owner vs corporation).

3) Permit laundering / outdated permits

Old mayor’s permit reused, or permit for another branch/address.

Countermeasures

  • Check year validity and exact address; require current-year permit for operating site.

4) Invoice workarounds

Supplier avoids official invoices to evade taxes.

Countermeasures

  • Make invoice issuance a condition precedent to payment; align withholding requirements.

VI. Practical checklists (copy/paste)

A. Quick verification checklist (low to medium risk)

  • Legal name and entity type confirmed (SEC/DTI/CDA)
  • Registration certificate and number provided
  • Status appears active/in good standing (as evidenced by official documents/certifications)
  • Mayor’s/Business Permit and Barangay Clearance valid for current year and correct address
  • BIR COR matches legal name/address/TIN and invoice details
  • Payment account name matches entity
  • Authorized signatory proven (Secretary’s Certificate / SPA)
  • If regulated: license exists and covers scope

B. Higher-stakes checklist (add-ons)

  • GIS / list of directors/officers consistent with signatories
  • Audited FS and/or bank reference
  • Beneficial ownership/KYC disclosures obtained (as policy requires)
  • Compliance proofs (SSS/PhilHealth/Pag-IBIG) for labor-sensitive engagements
  • Dispute/litigation disclosures and warranties in contract
  • Data privacy and cybersecurity posture (if personal data involved)

VII. Contractual protections to pair with verification (Philippine practice)

Even after verification, protect yourself through contract design:

Core clauses

  • Representations and warranties: valid existence, authority, licenses, tax compliance, no violation of law
  • Conditions precedent: delivery of permits, COR, licenses, authority documents
  • Indemnities: third-party claims, regulatory penalties due to counterparty noncompliance
  • Audit/inspection rights (for vendors and service providers)
  • Termination rights for loss of license, fraud, or material misrepresentation
  • Payment controls: milestone-based, invoice-based, withholding compliance
  • Anti-bribery and compliance undertakings (important for government-facing projects)

VIII. Common misunderstandings in PH verification

  • “SEC registration = allowed to operate anywhere.” SEC registration creates/recognizes the entity; LGU permits usually still required per location.

  • “DTI registration proves the business is a separate legal entity.” DTI business name registration does not create a corporation; the owner is personally liable.

  • “Having a TIN means they can issue valid invoices.” TIN is not the same as proper BIR registration and compliant invoicing.

  • “Any manager can sign.” Authority depends on corporate approvals and signatory rules; insist on proof.

IX. Recommended verification approach by transaction type

1) One-off purchase (small)

Focus on: identity, invoicing legitimacy, payment account matching, basic permits.

2) Services engagement (consultant/vendor)

Add: signatory authority, COR + withholding clarity, basic compliance warranties.

3) Long-term supply, franchising, distributorship

Add: status/good standing, audited FS, stronger contractual protections, regulatory licenses.

4) Investments, acquisitions, joint ventures

Full legal due diligence: corporate records, title/asset checks, regulatory consents, employment and tax, litigation exposure, beneficial ownership, material contracts, IP, data privacy.

X. A simple “decision tree” you can apply

  1. What type of entity is it? (SEC/DTI/CDA)
  2. Is it active/in good standing?
  3. Does it have authority to operate where it operates? (LGU permits)
  4. Can it invoice properly and is it tax-registered? (BIR)
  5. Is it regulated for what it does? (sector licenses)
  6. Is the signer authorized? (board/SPA)
  7. Do risk signals require enhanced checks? (ownership, FS, KYC, integrity)
  8. Do contracts allocate the remaining risks?

XI. Final notes and limitations

  • Verification is context-driven: the stricter the regulatory environment and the larger the money/reputation risk, the deeper the diligence.
  • The Philippines has multiple registries and layers of authority; “legitimacy” is not a single certificate.
  • This article is general information, not legal advice; for high-stakes transactions, tailor the diligence and documentation to the deal structure and the counterparty’s industry.

If you tell me the kind of company you’re verifying (e.g., corporation supplier, contractor, lending company, recruiter, real estate developer) and the type of transaction (purchase, services, partnership, investment), I can give you a tighter, sector-specific checklist and the exact documents to demand.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login