Create an Agreement against a KYC-trusted account holder's bank account.

The calling account must be flagged as kyc_trusted. If it is not, a 400 Bad Request will be returned with must_be_kyc_trusted.

When the optional bank connection attributes (basiq_user_id, basiq_connection_id, proviso_reference, credit_sense_app_id) are provided, the Agreement is created in the unverified state and bank connection verification is queued asynchronously. When verification succeeds the Agreement transitions to accepted; when it fails the Agreement transitions to declined and the failure reason is recorded on status_reason. The verification outcome is not reflected in this endpoint's response - listen for the corresponding agreement.accepted or agreement.declined webhook to observe the final state.

When no bank connection attributes are provided, the Agreement is auto-accepted before the response is returned.