Anonymising Beneficial-Ownership Files for AML Review – UK GDPR-compliant anonymisation per Money Laundering Regulations 2017

Beneficial-ownership identification files trace the natural persons who ultimately own or control a corporate customer, recording names, nationalities, ownership percentages, and control mechanisms. anonym.legal pseudonymises those personal identifiers — preserving the ownership structure and control-tracing methodology — so compliance teams can review the adequacy of UBO identification without processing the named individuals' data.

When this applies

This task applies when beneficial-ownership files are reviewed by second-line compliance, quality assurance, or external audit functions assessing whether the firm has adequately identified and verified all persons with significant ownership or control, and those reviewers require the structural methodology rather than individual identities.

How anonym.legal handles it

Upload the beneficial-ownership declaration, UBO register extract, and any supporting corporate structure chart.
The engine identifies named UBOs, their nationalities, dates of birth, addresses, and ownership or control percentages.
Each UBO and associated individual is pseudonymised consistently; ownership percentage thresholds, control mechanisms, and the tracing methodology are preserved.
Verification-outcome records and any unexplained-ownership flags are preserved in clear text.
A reversible mapping table is produced with UK/EU data residency.
Release the pseudonymised file for compliance review; restore originals before any regulatory submission or counterparty disclosure.

What you provide

Beneficial-ownership declaration or UBO register extract
Corporate structure chart (if separate from the declaration)
Compliance officer's UBO-verification notes

Limitations & cautions

Beneficial-ownership information submitted to regulators or correspondent banks must contain the real identities; the pseudonymised file is for internal review only.
The tool does not verify whether the UBO identification methodology meets the threshold requirements of the Money Laundering Regulations 2017.
Complex multi-tier ownership structures should be reviewed post-processing to confirm that the pseudonymisation has not disrupted the structural narrative.

FAQ

Does the tool handle nominee shareholder arrangements?

Named nominees and the beneficial owners on whose behalf they act are each pseudonymised individually with distinct pseudonyms, preserving the nominee/beneficial-owner relationship structure.

Are trust structures covered as well as corporate ownership chains?

Yes. Named trustees, settlors, and identified beneficiaries in trust structures are detected and pseudonymised. The trust's structural relationship to the corporate customer is preserved.

Can a pseudonymised UBO file be used to train staff on complex ownership structures?

Yes. Pseudonymised UBO files that preserve the ownership percentages, control mechanisms, and tracing methodology are valuable training materials for demonstrating how to work through complex structures.

Financial Services Compliance

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

We follow these rules

GDPR (EU 2016/679).
ISO/IEC 27001:2022.
NIS2 (EU 2022/2555).
HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

We never sell your information to third parties.
We never train models on what you upload.
We never keep your work after you delete it.
We never share keys with any outside firm.
We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.