TRM LABS UK LTD

TRM Forensics Premium

Investigate the source and destination of crypto funds with an integrated suite of tools that support users throughout the investigative lifecycle. Rapidly explore and visualize TRM’s enriched blockchain intelligence data to attribute threats to seize funds and support victims. Handle any level of investigation, from the simple to most complex.

Features

• Coverage of 34 blockchains and 70M+ digital assets
• Largest database of VASPs and cash-out points
• Trace between entities and addresses with universal tracing
• See the source and confidence level of every attribution
• Automatically trace common programmatic tactics using Signatures
• Use multi-route pathfinding to discover all possible fund flows
• See when there are unplotted flows between graph elements
• Add off-chain data to show a complete narrative of events
• Keep records and collaborate with built-in case management
• Automated cross-chain tracing and analytics

Benefits

• Connect on-chain activity to real-world entities
• Make defensible decisions with reliable threat intelligence
• See source data to complete parallel reconstruction
• Proactively detect suspicious activity with advanced blockchain pattern recognition
• Leave no investigative angle unconsidered
• Expand your analysis beyond the blockchain
• Manage investigations from first transaction to final report

£33,272 to £41,590 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at uk-gov-gcloud@trmlabs.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

205548500859141

Contact

Philip Lear
07988500371
uk-gov-gcloud@trmlabs.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No Constraints
• System requirements:
  • Laptop with 8GB RAM and a GPU of 16GM RAM
  • Chrome, Firefox, Safari, Edge browsers,
  • Any screen size, including mobile iOS and Android devices.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The first line of support is a live chat functionality that is available 24/7 and has maintained an average response time of under two minutes to customer requests.; ; If Customer Success cannot solve an issue in Live Chat, the conversation will move to a phone call/MS Teams ; <1 hour maximum response time is expected to be 5-30 minutes on average.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We have not done personal testing. However, Slack and Messenger have done independent testing.
• Onsite support: No
• Support levels: Customer and platform support is included as part of annual recurring software charges. TRM Labs does not currently tier our support structures and offers differently priced support packages.; ; Support does include the services of a technical account manager and a cloud support engineer.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Your Customer Success Manager will assist with setting up the platform, user provisioning, basic training, service requests and escalations, product feature requests, and customized training requests.; ; A sales engineer will assist during API implementation setup, troubleshooting, and platform integration assistance.; ; Our Compliance Advisory team will help with advice and guidance on setting up your crypto compliance and AML program and teams, insights on industry best practices. This resource brings deep experience working within compliance departments for both fiat and crypto from other financial institutions.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: There's no "takeout" capability to download a user's data. However, they can export any graphs created from within the tool. TRM Users can export via CSV file, SVG file, PNG file, or TRM format.
• End-of-contract process: TRM offers our customers at no extra charge as part of their licensing subscription:; ; A dedicated customer success team comprised of a Deployment Strategist (customer success representative), sales engineer, and account manager; Product training, API configuration and troubleshooting from your customer success team during initial onboarding and throughout your lifecycle as a customer; Access to TRM Academy online courses; Access to our Global Investigations team; Access to our Compliance Advisory team

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: TRM has intentionally designed its platform and user interface to be intuitive and easy to use. ; ; From the platform home page, users can search addresses, entity names, transaction hashes, or events with a simple Google-like search bar. Every feature, from navigating between the different TRM modules to plotting transactions on a graph, is possible with point-and-click functionality. There is no coding or technical training necessary to use the platform.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We've conducted interface testing with assistive technology users to ensure accessibility. This involved collaborating with individuals who use screen readers, voice recognition software, and alternative input devices. We gathered feedback on navigation, screen reader compatibility, and keyboard accessibility to improve our interface for all users.
• API: Yes
• What users can and can't do using the API: Our platform offers robust API capabilities that facilitate easy integration with existing systems such as customer relationship management (CRM) software, compliance databases, and transaction monitoring systems. This integration ensures that our platform's relevant data and insights can seamlessly be incorporated into MTS' existing workflows and processes.; ; TRM's API can pull information around wallets, transactions, and risks to be integrated into third-party tools and custom workflows. Additionally, our API offers diverse endpoints and methods, empowering customers with extensive data retrieval, manipulation, analytics, and reporting capabilities.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: TRM recognizes the importance of customization and flexibility for our customers to take full advantage of our data. Modules include adjustable parameters and filters for better analysis of our data. ; ; TRM Forensics also includes dozens of filters to trace funds through the blockchain effectively. This consists of the date, time, transaction hash, counterparty name, USD value, asset value, direction (in/out), direct and indirect exposure, risk type, portfolio asset type, and more.

Scaling

• Independence of resources: Our infrastructure is designed to scale dynamically based on demand. ; We continuously monitor resource utilization and allocate additional resources to maintain optimal performance and responsiveness.; Load Balancing: We distribute incoming user requests across multiple servers or instances to distribute the workload evenly. This prevents any single server from becoming overloaded and ensures consistent user performance.; Performance Monitoring: We closely monitor the performance of our service in real-time to identify bottlenecks or performance issues.; Capacity Planning: We regularly assess our infrastructure capacity and performance trends to anticipate future demand and scale our resources accordingly.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide a range of service metrics to ensure transparency and performance. These metrics include:; ; Uptime: The percentage of time our platform is available and accessible to users.; ; Response time: The speed at which our platform responds to user requests. ; Scalability: We track the platform's ability to handle increasing workloads and user traffic without compromising performance. ; Error rates: We monitor and analyze the frequency of errors or disruptions users experience while interacting with our platform. ; Customer support response time: We measure the time it takes for our support team to respond to customer inquiries or issues.; ; Some reports are internal.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: TRM Users can export via CSV file, SVG file, PNG file, or TRM format. TRM format allows a customer to export and share a graph with another TRM customer by downloading from your segregated environment to share for upload to another segregated customer's environment
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: TRM provides SLAs to guarantee excellent service. According to TRM’s standard SLA, TRM guarantees 99.5% uptime per calendar month and has historically maintained 99.99% uptime on an annual basis for its API endpoints.; If TRM fails to meet the guaranteed uptime, any affected Customers will be eligible to receive a credit to their account. The formal SLA will be included in the Customer Agreement.
• Approach to resilience: TRM runs on a highly available public cloud architecture. As a result, we can quickly failover to alternative availability zones or elastically expand our server infrastructure if needed. Our data layer includes blue/green deployments, warm standbys, and continuous backups for high availability and quick recovery.
• Outage reporting: We have a real-time status at TRM Trust Site for reporting outages. If disruptive maintenance is scheduled, customers will be notified in advance via email.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access in management interfaces and support channels is restricted using Role-based Access Control (RBAC), enforcing Multi-factor Authentication (MFA), and Privileged Access Management (PAM). RBAC assigns roles and permissions based on responsibilities, limiting access. MFA adds security layers, requiring multiple verification factors. PAM tightly controls privileged access and monitors activities. Access attempts are logged and monitored for suspicious behavior. Regular access reviews ensure permissions align with current needs.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: SOC 2 Type II

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: SOC 2 Type II
• Information security policies and processes: We have information security policies that govern sensitive data handling, storage, and transmission. These policies are regularly reviewed and updated for alignment with industry best practices and compliance requirements.; Access Control: We implement access controls to restrict access to sensitive information based on the principle of least privilege. Access rights are granted only to authorized individuals and are regularly reviewed and revoked as necessary.; Data Encryption: We employ encryption technologies to secure data both in transit and at rest. This includes encrypting communication channels, databases, and storage devices to prevent unauthorized access or interception.; Incident Response Plan: We have an incident response plan to address security incidents. This includes procedures for detecting, analyzing, mitigating, and notifying of security breaches, ; Employee Training and Awareness: We provide regular training and awareness programs to educate employees about information security best practices and their roles and responsibilities in safeguarding company data. ; Compliance and Auditing: We undergo regular internal and external audits to assess compliance with relevant regulatory requirements and industry standards. This includes compliance with GDPR and any other applicable regulations.; We continuously monitor and evaluate our information security posture to for improvement and implement proactive measures to enhance our security controls and processes.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: TRM employs a traditional Software Development Life Cycle (SDLC) to assemble its SaaS solution, ensuring timely updates. Changes are communicated through verbal, email, and ticketing systems, tracked via Jira. Each stage, from identifying needs to deployment, is managed meticulously. Updates undergo iterative testing in development and testing environments before deployment to production. A robust change management process also assesses potential security impacts, ensuring compliance with policies and regulations. This comprehensive approach guarantees the reliability, security, and integrity of TRM's services throughout their lifecycle.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: At TRM Labs, we employ a comprehensive vulnerability management process to standardize the identification, assessment, and remediation of vulnerabilities and security misconfigurations throughout our software development lifecycle, combining automated scanning and manual review at various stages, including proactive code security checks, continuous scans for cloud environment vulnerabilities, and annual third-party penetration testing. Our security team then evaluates and contextualizes these findings, adjusting risk assessments as needed, and tracks and manages the remediation process meticulously through a specialized Jira project and a dedicated vulnerability management dashboard.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our protective monitoring processes swiftly identify potential compromises through advanced tools and continuous system monitoring. Upon detection, our security team initiates incident response procedures, isolating affected systems and collecting forensic data. We collaborate with stakeholders and escalate as necessary. Our goal is to acknowledge and address incidents within minutes, aiming for resolution within hours, depending on severity.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our incident management processes at TRM are comprehensive and transparent. We maintain pre-defined processes for common events, supported by a robust logging and alerting system tethered to an on-call system for core platform engineering teams. Users can report incidents through various channels, including in-app notifications for service disruptions. Upon notification, our dedicated response team swiftly investigates incidents, ensuring regulatory compliance while mitigating their impact. We provide detailed incident reports outlining the nature of the event, actions taken, and preventive measures implemented.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As a SaaS company, we are deeply committed to combating climate change through a range of impactful initiatives:; ; Carbon footprint reduction: We prioritize energy-efficient infrastructure and data centers, optimizing resource usage to minimize carbon emissions. Our carbon footprint is rigorously measured by external resources, ensuring accountability and progress tracking.; Remote-first approach: Embracing a remote-first culture reduces commuting, significantly lowering carbon emissions. Virtual collaboration tools empower our team to work efficiently from anywhere, further reducing our environmental impact.; Renewable energy advocacy: We encourage our employees to power their homes with renewable energy sources like solar or wind power, promoting sustainability beyond our operations.; Green partnerships: Collaborating with eco-conscious suppliers and service providers amplifies our commitment to sustainability, fostering a greener supply chain.; Carbon offset initiatives: We invest in projects that neutralize our remaining carbon footprint, supporting endeavors such as reforestation, renewable energy development, and community-based sustainability projects.

  Covid-19 recovery

  We demonstrate our support for COVID-19 recovery through various initiatives:; ; Community assistance: We provide financial support or resources to communities affected by the pandemic, helping them rebuild and recover.; Employee support: We offer flexible work arrangements, mental health resources, and financial assistance to employees impacted by COVID-19, ensuring their well-being and stability during recovery.; Healthcare partnerships: We collaborate with healthcare organizations or initiatives to support vaccination efforts, provide medical supplies, or offer technology solutions to enhance healthcare delivery during recovery.; Educational support: We invest in educational programs or initiatives to address learning loss, support educators, and ensure students have access to quality education as part of the recovery process.

  Tackling economic inequality

  We address economic inequality through various initiatives aimed at leveling the playing field and empowering underserved communities:; Skills development programs: We provide training programs, workshops, or educational resources to equip individuals from marginalized communities with the skills and knowledge needed to thrive in the workforce.; Community partnerships: We collaborate with local organizations, non-profits, or government agencies to support economic development initiatives, job training programs, or entrepreneurship opportunities in underserved areas.; Diversity and inclusion initiatives: We prioritize diversity and inclusion within our organization and industry, advocating for equal opportunities and fair representation for all individuals, regardless of background or identity.; Impact investing: We allocate resources towards impact investing or social responsibility initiatives that address economic disparities and create positive change in disadvantaged communities.

  Equal opportunity

  We demonstrate our commitment to equal opportunity through concrete actions and initiatives:; ; Recruitment and hiring practices: We employ fair and unbiased recruitment processes, ensuring that job opportunities are accessible to individuals from diverse backgrounds. We actively seek to attract candidates from underrepresented groups and provide equal consideration for all applicants.; Diversity and inclusion initiatives: We foster a culture of diversity and inclusion within our organization, promoting awareness, understanding, and acceptance of differences. We provide training and resources to employees to cultivate an inclusive work environment where everyone feels valued and respected.; Equal pay policies: We maintain transparent and equitable compensation practices, ensuring that all employees receive fair and equal pay for equal work. We regularly review and adjust salary structures to address any disparities and promote wage parity across genders and demographic groups.; Professional development opportunities: We provide access to training, mentorship, and career advancement programs to support the growth and development of all employees, regardless of background or identity. We prioritize promoting from within and provide opportunities for skill-building and career progression.; Community engagement: We engage with local communities and organizations to support initiatives that promote equal opportunity, such as job training programs, educational outreach, and mentorship initiatives for underrepresented groups.

  Wellbeing

  To address employee wellbeing, we prioritize several key initiatives:; ; Mental health support: We offer resources such as counseling services, mental health workshops, and employee assistance programs to support the emotional wellbeing of our team.; Work-life balance: We promote flexible work arrangements, encourage time off, and provide tools for time management to help employees maintain a healthy balance between work and personal life.; Physical health initiatives: We offer wellness programs, fitness challenges, and access to gym facilities or virtual fitness classes to support employees in maintaining their physical health.; Social connection: We foster a supportive and inclusive workplace culture through team-building activities, social events, and opportunities for collaboration and connection among colleagues.; Recognition and appreciation: We celebrate achievements, recognize hard work, and provide opportunities for feedback and growth to foster a positive work environment where employees feel valued and appreciated.

Pricing

• Price: £33,272 to £41,590 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Two weeks trial access to TRM Forensics Premium for appropriately accredited UK clients.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at uk-gov-gcloud@trmlabs.com. Tell them what format you need. It will help if you say what assistive technology you use.