Trust & security

Client financial data, handled properly

ItsAllDone handles sensitive client financial data. The architecture is built around two commitments: numbers you can defend, and data that never leaves the boundary in the clear.

Defensible numbers

Every figure on the accounts and the CT600 is deterministic Python applying explicit UK tax rules, reproducible and auditable. No number is generated by a language model.

Protected data

The engine and the AI work from a token, not your client's name. Every prompt to a model passes a PII-safety check before it is sent, so real client names and identifiers don't reach the AI.

Data boundary

Your client's identity stays in the application

The company name and identifying details live in the application, not in the files the engine works from. The engine computes from a short token, and the AI is the one place where a PII-safety check guards every request.

  • Token-only engine: it works from a short token, never your client's display name.
  • Every prompt to a model passes a PII-safety check before it is sent.
  • The real name is restored only when your documents are produced.
Where identity lives
ApplicationClient name & identifiers
EngineWorks from a token
Model promptsPII-checked
Your documentsReal name restored
Immutable audit log
Phase / task4.5 · S455
Engine recommendationCharge 33.75%
Partner's choiceConfirmed
ReasonUnrepaid at 9m
Decided byA. Partner
Timestamprecorded
Accountability

Every decision, on the record

The engine surfaces each judgement it detects as a decision gate. The partner confirms or amends it, and the engine's recommendation, the partner's choice, the reason, who decided and when are all written to an append-only audit log.

That register is carried into the senior review pack, so a reviewer can scan every decision in one place and drill down where a number looks wrong.

Security practices

Built with security in, not bolted on

Client financial data is handled with controls designed in from the start, not added later.

Encryption

Encryption at rest and in transit. TLS enforced everywhere.

MFA everywhere

Multi-factor authentication required for every user account.

Least privilege

Per-role access with row-level isolation between firms. No wildcard permissions.

Malware scanning

Uploads scanned on the way in; account-level threat detection.

Audit logging

Application and infrastructure audit trails retained and reviewable.

Testing & patching

Regular vulnerability scanning and testing; managed services kept current.

ItsAllDone runs in a dedicated, isolated UK/EU cloud environment with its own keys and access controls.

Want the detail?

We're happy to walk your IT or compliance lead through the architecture and data handling.