AI KYC and AML for corporate service providers and TCSPs

Corporate service providers and trust and company service providers occupy a specific and demanding position in the AML framework. Corporate service provider KYC software for this sector has to solve a problem that is structurally different from investor-facing KYC: the CSP conducts CDD on behalf of regulated third parties who will rely on that work, and the quality of the compliance file directly determines whether the reliance is defensible. When a Cayman fund manager relies on the fund administrator’s CDD under the Anti-Money Laundering Regulations (2023 Revision), the fund administrator’s compliance file needs to be complete, correctly structured, and evidence-backed. The same is true for a BVI CSP providing registered office services under the Anti-Money Laundering and Terrorist Financing Code of Practice 2008, or a Singapore trust company providing trust administration under MAS Notice TCA-N03. Tarth is corporate service provider KYC software purpose-built for this reliance-based environment.

CSPs and TCSPs face a unique compliance challenge because their clients are typically legal structures — companies, foundations, trusts, partnerships — rather than natural persons. Every client engagement requires identifying the natural persons connected to the structure: UBOs, settlors, trustees, protectors, beneficiaries, signatories, directors. Tarth runs an individual screening on each of those natural persons and produces a CRA per person with cited evidence. Multi-layer corporate structure tracing, trust deed parsing, and entity-graph generation are what we’re building next.

TCSP CDD on natural persons — settlors, trustees, protectors, beneficiaries

TCSP CDD work centres on the natural persons connected to a trust or company structure. The TCSP identifies — using the trust deed, the constitutional documents, or the firm’s own client intake — who needs to be screened: the settlor, the trustees, any protector, the named beneficiaries (or the class of beneficiaries where applicable), and the authorised signatories. Once the firm has identified each of those natural persons, Tarth runs an individual screening on each one and produces a CRA with cited evidence.

The regulatory standards vary by jurisdiction. The Cayman AMLR 2023 Revision, the BVI AML and TF Code of Practice 2008, and MAS Notice TCA-N03 all require TCSPs to identify and verify the natural persons connected to a trust structure. The substantive requirement is on the TCSP to identify the right people; Tarth produces the per-person screening output the firm’s MLRO needs to sign off. Trust deed parsing — where Tarth extracts the parties to a structure directly from the deed — is what we’re building next.

CSP KYC onboarding for corporate client structures

CSP KYC onboarding for a corporate client — a company for which the CSP provides registered agent, director, or secretarial services — follows a different pathway from trust administration. The starting point is entity verification: the company’s registered status, legal form, jurisdiction of incorporation, and constitutional documents. From there, the CSP must identify the beneficial owners: the natural persons who own more than the disclosure threshold (typically 25%, though lower thresholds apply in some jurisdictions), or where no individual meets that threshold, the senior managing officials.

For companies with multi-layer ownership structures — a holding company owned by another holding company owned by a family trust — the UBO identification process must trace through each layer. Corporate service provider aml platform software needs to handle this trace systematically, requesting the corporate documentation at each level and documenting the ownership percentage at each step. Where the UBO chain passes through a jurisdiction with different disclosure norms — a BVI intermediate company that is itself owned by a Cayman foundation — Tarth applies the correct documentation standard for each entity in the chain.

Third-party CDD reliance: building compliance files that work for fund managers and banks

One of the most important functions of corporate service provider KYC software in this market is producing compliance files that downstream regulated entities can rely upon. Third-party CDD reliance is expressly provided for in the Cayman AMLR 2023 Revision, the BVI AML Code, ADGM FSRA AML Rulebook, and MAS Notice 626 in Singapore. Under each of these frameworks, a regulated entity (such as a fund manager or bank) can rely on CDD conducted by a qualifying third party (such as a regulated CSP or TCSP) — provided that the third party is subject to AML obligations equivalent to those in the relying entity’s jurisdiction, the relying entity has taken reasonable steps to verify this, and the third party will make its CDD records available on request.

This means the compliance files Tarth generates for CSP and TCSP clients are not just internal records — they are the evidence package that fund managers and banks will review when deciding whether to rely on the CSP’s work. The files need to clearly state what CDD measures were taken, under what regulatory authority, what the risk rating conclusion was, and that the underlying documentation will be made available on request. Tarth generates files structured for third-party reliance by default, not as an afterthought.

How Tarth handles CSP and TCSP client onboarding end-to-end

• Client structure classification: When a new client is onboarded, Tarth classifies the structure type — company, trust, foundation, partnership, or mixed — and routes the onboarding through the appropriate CDD workflow for that structure and jurisdiction combination.
• Per-person screening based on firm-identified parties: The firm identifies the natural persons connected to each client structure (using the trust deed, constitutional documents, or client intake). Tarth runs the screenings on each named person and produces a CRA per person. Document parsing — where Tarth extracts parties directly from the deed or charter — is coming next on our roadmap.
• Per-natural-person screening for layered structures: For complex structures with intermediate holding entities, the firm identifies the natural persons at the top of the chain (UBOs, controlling persons) and Tarth runs an individual screening on each. Multi-layer entity-graph tracing and ownership-chain visualisation are coming next on our roadmap.
• Individual CDD for identified persons: Each natural person identified as a beneficial owner, controlling person, settlor, trustee, protector, or authorised signatory is subjected to individual CDD: identity verification, PEP and sanctions screening, and risk assessment. All screening results are documented with the list version and match review outcome.
• Reliance-ready CRA output per person: Each CRA contains the regulatory basis for the CDD, the measures taken, the risk rating with cited reasoning, and the supporting evidence. Files are structured for third-party reliance — fund managers and banks reviewing the CSP’s CDD see a complete record per natural person.
• Ongoing monitoring and refresh: CSP clients have ongoing monitoring for PEP, sanctions, and adverse media changes affecting identified persons, and document expiry tracking for identity documents. When a refresh is required, Tarth generates the refresh request and tracks document receipt.

CSP and TCSP MLRO function support

CSPs and TCSPs licensed in Cayman, BVI, Singapore, ADGM, DIFC, or other major jurisdictions appoint a registered MLRO under the local regulatory framework. For mid-size CSPs, the MLRO is typically the head of compliance. For smaller firms, the role is often held by a senior partner or an outsourced fractional MLRO. Tarth’s CRA output, audit trail per Group, and continuous monitoring on every screened individual give the MLRO the program quality the regulator expects regardless of how the role is held.

Frequently asked questions about CSP and TCSP KYC and AML compliance

Related resources