anonym.legal
United Kingdom — UK GDPR & DPA 2018

Pseudonymising TCSP Client Files for Compliance Review – UK GDPR-compliant anonymisation per Money Laundering Regulations 2017

Trust and company service provider (TCSP) client files contain layered personal data — trustees, settlors, protectors, beneficiaries, and UBOs — that require enhanced due diligence under the Money Laundering Regulations 2017. anonym.legal pseudonymises these individuals across the client file so compliance reviewers can assess TCSP onboarding quality and ongoing monitoring adequacy without processing the named parties' data.

When this applies

This task applies when TCSP client files are reviewed by compliance quality-assurance teams, internal audit, or external assurance providers assessing the firm's TCSP-specific AML procedures, and those reviewers require the procedural and structural record rather than the identities of the named individuals.

How anonym.legal handles it

  1. Upload the TCSP client file, including the trust deed or constitutional documents, UBO register, and EDD decision record.
  2. The engine identifies all named natural persons: trustees, settlors, protectors, named beneficiaries, and connected UBOs.
  3. Each individual is pseudonymised with a distinct, consistent pseudonym; structural roles (e.g. 'Trustee', 'Protector') and the relationship between roles are preserved.
  4. EDD risk rating, approval authority record, and ongoing-monitoring schedule remain in clear text.
  5. A reversible mapping table is produced with UK/EU data residency.
  6. Release the pseudonymised file for compliance review; restore originals before regulatory submission.

What you provide

  • Trust deed or company constitutional documents (for structural context)
  • UBO register or beneficial-ownership declaration
  • EDD decision record and approval sign-off
  • Ongoing-monitoring schedule

Limitations & cautions

  • TCSP client files often contain highly sensitive personal data; restrict access to the pseudonymised file to those with a legitimate review purpose.
  • Trust deeds may contain discretionary beneficiary classes rather than named individuals; class descriptions are preserved, and only named individuals are pseudonymised.
  • The tool does not assess whether the TCSP-specific EDD procedure meets the heightened standard required by the Money Laundering Regulations 2017.

FAQ

How are discretionary beneficiaries handled if they are not individually named?

Beneficiary class descriptions (e.g. 'children and remoter issue of the Settlor') are preserved without pseudonymisation. Only named individuals are pseudonymised.

Can I process TCSP files for multiple client trusts in a single batch?

Yes. Upload all client files in a batch. The engine tracks individuals who appear across multiple client files and applies consistent pseudonyms throughout.

Does the tool handle offshore trust structures with non-UK trustees?

Yes. Named individuals are pseudonymised regardless of their nationality or the jurisdiction of the trust. The structural relationship to the UK corporate customer is preserved.

Related tasks

Financial Services Compliance

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

Related reading

We follow these rules

  • GDPR (EU 2016/679).
  • ISO/IEC 27001:2022.
  • NIS2 (EU 2022/2555).
  • HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

  • We never sell your information to third parties.
  • We never train models on what you upload.
  • We never keep your work after you delete it.
  • We never share keys with any outside firm.
  • We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.