Bookkeeper requests the link
From inside TreasuryFlow, the bookkeeper (or any teammate) sends the owner a connect link by email: the "invite the person who manages your bank access" flow.
Never share your banking password with anyone, including your bookkeeper. Every major bank has an official way to grant a second person their own login, with its own permissions, that you can revoke any time. Here is the exact path at each one.
Every major bank's online banking agreement requires you to keep your credentials confidential. When you hand your password to a bookkeeper, two things happen quietly:
A bank-issued delegate login solves both. The bookkeeper gets their own username, their own password, and only the permissions you grant. Fraud protection stays intact, and this is exactly what banks built these features for. The sections below show where each bank hides the switch.
Each card names the bank's official delegate feature and the menu path as of mid-2026. You do this once; your bookkeeper connects feeds with their own login from then on.
In Chase Business online banking, open Account Management → Access & Security Manager and choose Add authorized user. Create their user ID, set each account to View only (or Transact if they pay bills), and on the user rights screen enable the Third-party app access checkbox so their login can authorize read-only feeds like TreasuryFlow. Chase emails them a temporary password. Menus move; search Chase's help for "Access & Security Manager" if it is not where we say.
U.S. Bank business accounts include Shared Access. From online banking, add a Shared Access user and pick a role: View only (balances, activity, statements) or View and transact. View only is the right default for a bookkeeper who does not pay bills. You can review every Shared Access user's activity and change or revoke access any time. Menus move; search U.S. Bank's help for "Shared Access" if it is not where we say.
Bank of America small business online banking offers sub-users through its Account Management feature (you may need to enable it on your profile first). Add a user, assign view-only access per account, and they get their own login. One caveat: app connections sometimes need to be made at the parent (owner) account level; if your bookkeeper's sub-login cannot complete a feed connection, use the connect-link fallback below. Menus move; search Bank of America's help for "Account Management" or "sub user" if it is not where we say.
Wells Fargo's Account Access Manager lets you create a Guest User with view-only access to the accounts you choose: balances, activity, and statements. The catch: Guest Users often cannot authorize app connections, so the feed itself usually has to be connected by you. Grant the Guest User login for day-to-day visibility, then use the connect-link fallback below for the feed. Menus move; search Wells Fargo's help for "Account Access Manager" if it is not where we say.
Capital One supports adding an Account Manager, an authorized user with their own login, from your online account. Note that app connections on Capital One are often restricted to the primary account holder, so plan on the connect-link fallback below for the feed itself. Menus move; search Capital One's help for "Account Manager" or "authorized user" if it is not where we say.
In PNC online banking, go to Business Tools → Account Delegation and Add Sub User. You choose their role and which accounts and features (activity, online statements, check images) they can see. Heads up: feeds connected on PNC sometimes need periodic re-authorization by the account owner, so expect the occasional 30-second re-confirm on your side. Menus move; search PNC's help for "Account Delegation" if it is not where we say.
In Truist online banking, open Business Tools → Business Admin and use the Manage Users page to add a user. Pick View only (or Custom access to scope specific accounts). As with PNC, feeds sometimes need the owner to re-authorize periodically. Menus move; search Truist's help for "Business Admin" or "add user" if it is not where we say.
Both banks offer secondary user permissions in business online banking that generally support view-only access and app connections, though we have not pinned the exact current menu path here. Search your bank's help for "add a user" or "secondary user" from your business online banking, grant view-only, and have your bookkeeper connect with their own login. If the connection is blocked, the fallback below always works.
The business-banking fintechs make this the smoothest path of all. Relay has a Partner Portal where accountants and bookkeepers manage multiple clients from one login with scoped permissions. Mercury offers team roles and a dedicated accountant partner program. Bluevine has an Accountant Dashboard with the bookkeeper's own credentials across every client. If you bank at one of these, invite your bookkeeper from the team or accountant settings and you are done in minutes.
Some banks have no delegate feature. Others grant the login but block app connections from it. Either way, the feed still only takes 30 seconds of the owner's time.
From inside TreasuryFlow, the bookkeeper (or any teammate) sends the owner a connect link by email: the "invite the person who manages your bank access" flow.
The owner opens the link and authorizes the connection inside their own bank's login. Credentials go to the bank, never to the bookkeeper, never to us.
The link is scoped so it can only connect a bank: nothing else. It expires in 7 days and never exposes account data to whoever holds the link.
Available in every TreasuryFlow account, on every plan.
Yes. Every major bank's online banking agreement requires you to keep your credentials confidential, and sharing them can void the bank's zero-liability fraud protection: the bank treats activity under your login as authorized by you. A bank-issued secondary login keeps that protection intact.
View-only, unless they pay bills for you. View-only lets them see balances, activity, and statements, and connect read-only feeds, without the ability to move money. If they run payroll or pay vendors from your account, grant transact permissions on only the specific accounts they need.
No. Bank connections are read-only via Plaid, the same infrastructure behind Venmo, Robinhood, and 12,000+ US financial apps. Your credentials go directly to your bank during the connection; TreasuryFlow receives only a read-only token, cannot move money, and never stores or sees a banking password.
Use the connect link above. Your bookkeeper sends you a scoped link from inside TreasuryFlow; you click it, authorize inside your own bank's login, and the feed is live. The link can only connect a bank, expires in 7 days, and never exposes your data.
You, the account owner. Banks intend the owner to provision the secondary user from inside their own online banking. Your bookkeeper should never create or hold credentials on your primary login. Once their own login exists, they connect feeds with their own credentials.
Set up the delegate login once, connect the feed, and your bookkeeper works from live bank data every morning.