Onyrisanitize
All articles
Guide6 min read

Accountants: use AI without exposing your clients' financial data

Statements, bank details, payroll, company IDs: firms handle sensitive financial data. How to anonymize it before ChatGPT, Claude or Gemini without losing accuracy.

By Pierre de ONYRI

An accounting firm handles some of a company's most sensitive data: bank details (IBAN, BIC), amounts, tax identifiers, company registration numbers, salaries. Before asking AI to explain an entry, summarize a balance sheet or draft a note, replace these elements with tokens. The model reasons over intact figures and structure, detached from any identity — and nothing leaves the browser.

Why accounting data demands an anonymization reflex

An accountant's professional confidentiality covers the information clients entrust to them. Pasting it into a consumer assistant means handing it to a third party, often outside the European Union, with no framework. The risk doesn't come from the AI itself but from copy-paste: bank details, a revenue figure or a payroll total ending up in a prompt.

  • Bank details: IBAN, BIC, account numbers.
  • Company identifiers: registration numbers, VAT numbers.
  • Tax identifiers and social-security numbers (payroll).
  • Amounts: revenue, margins, salaries, balances.
Diagram: an invoice whose IBAN and amounts are replaced by tokens, next to a safe symbolizing accounting confidentiality.
Bank details, amounts and identifiers become tokens before sending; the client's books stay at the firm.

What to mask before any prompt

  1. 1Full bank details: IBAN, BIC, account numbers.
  2. 2Identity of the company and people: named entities, directors, employees.
  3. 3Identifiers: company registration, VAT, tax ID, social-security number.
  4. 4Confidential amounts when they identify or disclose the client's situation.

A flow compatible with professional confidentiality

  1. 1Detection: the engine spots bank details, company IDs, tax identifiers and salaries.
  2. 2Tokenization: each element becomes a neutral token, kept in local memory.
  3. 3Sending: only the anonymized text goes to the AI — no client data transits.
  4. 4Restoration: the answer is de-tokenized in your browser, ready to add to the file.

ONYRI Sanitize detects financial and company data — bank details, company IDs, tax identifiers, salaries — and restores the answer in your browser. The firm gets AI's help to analyze, explain or draft, without ever exposing a client's books or identity.

Frequently asked questions

Can an accountant use ChatGPT for client files?
Yes, provided no data covered by professional confidentiality is sent. Anonymize bank details, identifiers and identifying amounts before sending: AI works on a neutral structure, and you restore the answer in the browser. Responsibility for the deliverable stays with the professional.
Should amounts be masked?
Not all amounts are sensitive, but those that reveal a client's situation (revenue, payroll, balances) are. When in doubt, tokenize them: AI keeps calculations consistent thanks to stable tokens, without knowing the real values.
Are bank details personal data?
Tied to a person, yes: they are personal data, and their disclosure is intrusive. Bank details must therefore be anonymized before any send to a third-party tool, just like identity.

Sources & references

Keep your sensitive data in your browser

ONYRI Sanitize detects and masks your sensitive data before it reaches the AI, then restores the answer — from names to API keys.

Anonymize my prompt

Read next