T-Impact Limited

T-Impact AML Robotics (RPA) and Artificial Intelligence (AI) solution for Legal professionals

T-Impact’s Case opening & Anti-money laundering (AML) Solution ensures consistency and compliance with all legal matters opened, including AML regulation compliance. Leveraging Robotics Process Automation (RPA) & Artificial Intelligence (AI), data is automatically loaded into your CRM or Case management system, without changing underlying technology. Cloud or On-Premise Install


  • Uses Microsoft Azure Computer Vision cognitive service.
  • Uses UI Path Orchestrator and unattended robots .
  • Configurable to support your matter opening process.
  • Configurable to support your Anti-Money Laundering (AML) procedures.
  • Compatible with cloud or on-premise CRM or Case management Systems.
  • Easily scalable, simply buy more Robots & AI services.
  • Includes on-going support - monitoring, resolving issues and improving implementation
  • Available on Azure, IBM or Microsoft Cloud.
  • Cloud based AI means cutting edge Technology from Microsoft.


  • Improve productivity of your legal and support staff.
  • Improve accuracy of your CRM and Case Management Systems.
  • Respond quickly to new legal matters .
  • Reduce costs, 90% cheaper than UK support staff.
  • Increase productivity, reducing handling time, increase working hours.
  • Scalable, deploy in seconds, sharing processes library.
  • Data security, outsource work but keep data on site.
  • Cutting edge technology means systems gets smarter, ROI accelerates.
  • As ROI accelerates more funding available for additional projects.
  • RPA produces new ways to do more with less.


£149164 per unit per year

  • Free trial available

Service documents

G-Cloud 10


T-Impact Limited

Trevor Cole

01865 818952


Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to This solution is built using the latest Robotic Process Automation (RPA) and Artificial Intelligence capabilities from UI Path and Microsoft. The licenses subscriptions are incorporated into the New Legal matter and Anti-Money Laundering (AML) solution and can not be used for separate development projects.
Cloud deployment model Hybrid cloud
Service constraints The deliverables include:
* 1 UI Path orchestrator annual subscription
* 4 UI Path unattended Robot annual subscription
* 1 Microsoft Azure vision annual subscription (up to 1m transactions/month)
* Setup and installation of the New Legal Matter & Anti-Money Laundering solution, including configuration to work with your existing CRM or Case Management tools
* Support and maintenance to ensure the solution works in your environment
System requirements
  • 1 UI Path orchestrator annual subscription
  • 4 UI Path unattended Robot annual subscription
  • 1 Microsoft Azure vision annual subscription (up to 1m transactions/month)
  • 1 Setup and installation AML Solution.
  • 1 Configuration of existing CRM and Case Management
  • Support and maintenance to ensure compatibility your environment

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 24/7/365 response in 4 hours based on prioritisation
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AAA
Phone support No
Web chat support Web chat
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard WCAG 2.0 AAA
Web chat accessibility testing We support assistive technology users through Zendesk
Onsite support Yes, at extra cost
Support levels L2-L3 support is free of charge. Manpower days and T&E is chargable starting at £500 per day
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started T-Impact provides the training and documentation to support service.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction You own the data provided by the service. All data resides in your own CRM and or Case Management Systems.
End-of-contract process At the end of contract, a renewal option will be offered. If you decide not to renew the contract, then the system access will stop.

Your CRM and or Case Management tooling will continue to operate as it did before the service.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility Available upon request.
Accessibility testing N/A
Customisation available Yes
Description of customisation Customisation comes as part of the initial setup and installation phase.


Independence of resources The architecture of Microsoft Azure cloud services maintains logical separation of client data. Internal rules and measures separate data processing, such as inserting, modifying, deleting, and transferring data, according to the contracted purposes.

In essence your existing CRM and or Case Management Systems are the matter of record and their performance should not be adversely affected by the automation. However as Robotic processes are 20 times faster than a human, some load balancing might be required to run processes when users are less likely to be on the system to ensure maximum performance.


Service usage metrics Yes
Metrics types All service produce log files that can be interrogated. No service metrics or
Reporting types API access


Supplier type Reseller providing extra features and support
Organisation whose services are being resold We are an Microsoft, IBM and UiPath business partner

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach The platform does not store any user data so there is no need to export.
Data export formats Other
Other data export formats No data retained within platform.
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • Legacy (mainframe, terminal screen, etc.)
  • Microsoft Office (Word, Excel, Outlook, Access)
  • ERP systems (Oracle, SAP, Microsoft Dynamics, etc.)
  • Native PDF documents
  • OCR'd documents and forms
  • Images (JPEG, GIF, PNG, etc.)
  • Web (any HTML including frames and multiple screens)
  • Chatbot (Google and Microsoft cognitive services)

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Please see the IBM documentation about the resilience of their Cloud infrastructure. https://www.ibm.com/cloud/why-ibm
Approach to resilience Available on request.
Outage reporting The UiPath Orchestrator will report any service outages and report in any way that the customer requires: dashboard, API, mobile, text or email.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels User name and password control over access to uipath products.

This can be achieved via AD or other auth mechanisms.
Access restriction testing frequency At least once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 AEROQ
ISO/IEC 27001 accreditation date 30/08/2017
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards CSA CCM version 3.0
Information security policies and processes UiPath Systems, Networks and processes are reviewed annually by the Information Security Office to ensure compliance with security policies and standards. Additionally, this review is subject to audit by the Internal Audit and External Audit.

Dependent upon the Cloud platform selected for the Robotic Process container, each vendor has their own security policies and processes. More information available upon request.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Configuration & Change management is handled via Hipbath Maintenance and support agreement.

UiPath will track the UiPath RPA product components and will ensure changes are handled via a documented & agreed procedure.

From a RPA Solution perspective our change management and robot configuration is in line with the Industry Standards for Source and version control. We will work with our public customers to create the necessary Dev, Test, UAT and Live environments.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach UiPath implements all applicable security requirements reasonably needed for the protection of confidential data processed through UiPath systems while still continuing to operate its businesses effectively and efficiently.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach UiPath uses internal resources & external vendors to run assessment of potential risks & vulnerabilities.

If a risk or vulnerabilities is identified we have a internal procedure that handle them based on impact/ priority.

incidents are handled based on priority, starting from 4hrs response.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach UiPath provide incident management via support portal for its customers.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £149164 per unit per year
Discount for educational organisations No
Free trial available Yes
Description of free trial Free trial available upon request. Some consultancy and training maybe required (not free).

A community edition of RPA software is available that's limited to non-commercial use.

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Terms and conditions
Service documents
Return to top ↑