The model
First Mile Labs uses Anthropic Claude Opus 4.5 (model identifier claude-opus-4-5) via the official Anthropic API for every AI feature on the platform — document classification and extraction, AI case review, screening hit triage, and email drafting. We do not run any in-house large language models, and we do not send your data to any other LLM provider.
We may change the underlying model or model vendor over time — for example, to adopt a newer Claude release as it ships. When we do, we notify customers in advance and update this page so the answer to “which model do you use?” remains current.
Where AI shows up on the platform
Six AI surfaces. Each one is invoked only on data inside the case the analyst is working on, inside the tenant they belong to. None of them run autonomously on data outside that scope.
Document classification & extraction
What it sees: Customer-uploaded corporate documents (incorporation certificates, registers, IDs, proof of address, financials).
What it does: Classifies the document type and extracts structured fields (company name, registration number, directors, UBOs, etc.) so analysts do not retype them.
AI case review
What it sees: The structured case record — extracted document data, application form, screening hits, registry results.
What it does: Produces a draft compliance summary and risk narrative for the analyst to review and accept, edit, or reject.
Screening hit triage
What it sees: Sanctions, PEP, and adverse media hits returned by the screening provider, plus the case identity context needed to adjudicate them.
What it does: Suggests a true-match / no-match recommendation per hit with a written rationale, which the analyst confirms.
Document request email drafting
What it sees: The list of missing or rejected documents on a case and the customer’s name.
What it does: Drafts a follow-up email asking the customer for the specific missing items. The analyst reviews and sends.
Website description summarisation
What it sees: Text content fetched from the customer’s public-facing website.
What it does: Produces a short, factual business description to assist the analyst in understanding the nature of the business.
IDV document OCR (Didit)
What it sees: Identity documents submitted through the integrated IDV flow.
What it does: Reads the document and returns structured identity fields back to the case.
Data-handling posture
The short version: your customer data is not used to train third-party models, it is encrypted at rest, it is tenant-isolated, and you can turn any AI feature off.
Model
Anthropic Claude Opus 4.5 (model identifier claude-opus-4-5), accessed via the official Anthropic API.
Training on your data
Customer data is not used to train Anthropic’s models. We send prompts via the standard Anthropic API, which is contractually excluded from model training.
Processing region
Requests are routed to Anthropic’s API. Our application infrastructure runs in the United Kingdom / European region.
Retention at the model vendor
We do not store prompts at Anthropic beyond the short operational retention windows defined in the Anthropic API terms; no fine-tuning, no long-term retention on the vendor side.
Retention on our platform
Inputs (documents, application data) and AI outputs (extracted fields, draft summaries, triage suggestions) are stored alongside the case so analysts have a complete audit trail. They live for the life of the tenant’s case record under the customer’s own retention policy.
Encryption at rest
Personally-identifiable fields — names, dates of birth, nationalities, identity-document numbers, addresses, and the corresponding sub-keys inside extracted-document and application-form JSON — are encrypted at the application layer with AES-256-GCM before being written to the database.
Tenant isolation
Every authenticated API call is org-scoped: data belonging to another tenant returns 404. The AI features only ever see data from the case they are invoked on, inside the calling tenant.
Model vendor changes
We may change the underlying model or model vendor over time (for example, to upgrade to a newer Claude release). When we do, customers are notified in advance through their account and via this page.
You can switch any AI feature off
Each of the six AI surfaces above is independently controllable per tenant. If your compliance committee wants AI off for a particular surface — say, draft case summaries — your tenant administrator can disable it under Compliance Configuration → AI Capabilities. The corresponding part of the analyst UI degrades to manual mode; nothing is silently re-enabled.
A “manual mode” preset disables every AI surface in one click for customers who want to operate the platform with no AI involvement at all. All toggle changes are recorded in an audit trail with the actor, timestamp, and the previous value.
Connect your own AI
This page covers the inbound AI story — the models we run on your behalf. There is also an outbound story: your analysts can connect Claude.ai to First Mile Labs as a Custom Connector and ask plain-English questions about their cases (“which cases are awaiting EDD?”, “summarise the screening hits on Acme Holdings”). Claude pulls live data through our read-only Public API under your own analyst credentials, with consent and revocation in your hands.
Full setup, scopes, and revocation steps live in section 10 of the Public API guide → Connect with Claude.
What this page is, and what it isn’t
This is a plain-English summary written for compliance, security, and procurement teams. It is not a substitute for a formal trust centre with downloadable SOC 2 / ISO reports — that lives in our security documentation pack, which we share under NDA on request. For anything not covered here, write to [email protected].
Got a security questionnaire to fill in?
Send it over — most AI and data-handling questions are answered above, and our team will turn the rest around quickly.