Palantir Technologies UK, Ltd.

Tax Compliance Investigative Platform

Palantir's enterprise data management platform facilitates the detection and prevention of tax fraud across all types of tax avoidance and evasion. Powerful big data integration tools allow different types of users to collaborate across an organisation, optimising compliance and investigation efficiency at any degree of complexity or scale.

Features

• Centralised, flexible asset for all structured or unstructured tax data
• Management of data security and access permissions at dataset level
• Unified infrastructure enriches data for analysis across disparate data systems
• Secure collaboration enables analysis sharing internally or with partner agencies
• Accelerated development and deployment of machine learning and artificial intelligence
• Configurable, automated alert feeds based on priority searches
• Automated audit logging of user actions and data lineage tracking
• Filter-based alerting capability for tracking open investigations and risk profiles
• Custom dashboard and report building tools
• Distributed microservices model for seamless release of upgrades and security

Benefits

• Improve compliance by empowering non-technical users with intuitive analytics tools
• Share complex workflows between Risk, Intelligence, Fraud and Investigation services
• Reduce manual processing through automated data ingestion and streamlined cleansing
• Guard against data misuse by ensuring data protection law compliance
• Reduce foreign and domestic investigation times and improve compliance figures
• Analyse big data and accommodate increasing data with horizon scaling
• Drive collaboration between users and partners through the shared environment
• Leverage third-party and open source data to enrich existing datasets
• Rapid identification of suspicious activity and people, and associated linkages
• Secure sharing of visualisations between analysts and decision makers

£3,000,000.00 a licence

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@palantir.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

799621786204439

Contact

Palantir Technologies UK, Ltd.
+44 203 856 8404
gcloud@palantir.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: The Palantir platform requires regular updates, which typically occur every month. If the platform is blocked from being updated, it will be considered an 'unsupported' version, which Palantir will be unable to support. If a problem (i.e., security or bug issue) is discovered on an 'unsupported' version of the platform, the only course of action will be to upgrade the platform to the latest version.
• System requirements:
  • Windows capable of running provided JRE and JXBrowser software
  • MacOS, Microsoft Windows or unix-based operating system
  • 4 Physical Cores, 16 GB RAM, 250GB Hard disk

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Varies upon the severity of the issue, but generally a 24/7/365 response is available.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Varying levels of implementation engineering support services are included in our Capability-Based Licences. For additional support costs, please see the Pricing document. Further information can also be found in the Service Definition Document and our standard form Service Level Agreements (SLAs) can be provided on request.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The Palantir platform as a commercial software, is intuitive and can be used by technical and non-technical users alike. To help users learn to use the platforms, Palantir can design training plans and training materials based on its proven training curriculum. Curriculums include options for e-learning, and in-application help and support. At a high level, we can provide: (a) in-person, instructor-led training; specific training sessions held at customer locations tailored according to the user profile, specific contract requirements, and project stage; (b) internet webinars; available on a variety of topics, based on ongoing assessments of end user needs, allowing flexible scheduling as well as varying user adoption rates and location; and (c) self-guided learning; self-paced training through our web-based video training application that includes features such as videos and documentation. Additional information available on request.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Palantir can export all existing data in its platform into raw formats. Palantir’s software platforms have been purposefully designed to prevent vendor lock-in. As such, they have an open, pluggable architecture with publicly documented APIs at every tier of the software. All data in the platform can be securely exported in non-proprietary formats for use in other databases or systems. Palantir will work with the customer to determine the best export format(s) for customer datasets and their destination systems. Additional information available on request.
• End-of-contract process: Palantir commits to purge and destroy customer data from any computers, storage devices, and storage media that are to be retained by Palantir after the end of the contract period and the subsequent extraction of customer data (if requested by the customer). This service is included in the price of the contract. Additional information available on request.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Palantir platform is accessible on Android and iOS mobile devices. Full functionality will not be available, as not all features will be supported. Additional information available on request.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The Palantir platform uses a web based GUI for human users.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: The Palantir platform can be configured to conform with Section 508 and WCAG 2.1 level AA standards for navigation, operational controls, readability, help and documentation. Palantir has been approved to operate in environments where certain accessibility standards are required.
• API: Yes
• What users can and can't do using the API: The Palantir platform provides numerous APIs at all layers of its platform, including the analytics layer, allowing users to perform custom analytics within the platform through SQL, Java, Scala, Python, R and others. Users can customise both the results and the content of analyses, and third parties can consume both raw and derived datasets from the platform for further analysis. API documentation and advice on best practices for API usage can be provided upon request.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The Palantir platform integrates common data sources (including but not limited to HDFS, JDBC, SQL databases, flat files etc.) out of the box and can be configured to support other source systems or legacy technologies. It is designed it to be modular, configurable and scalable in order to meet the needs of a wide range of organisations.

Scaling

• Independence of resources: The Palantir platform uses DNS routing, gateways and elastic load balancing to ensure availability. Dedicated accounts and virtual resources are used on a per customer basis.

Analytics

• Service usage metrics: Yes
• Metrics types: The Palantir platform provides hundreds of metrics. Some common examples are average session length, drop-off rate, number of logins per user, number of accounts and search speed.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export data from the Palantir platform in a variety of open formats including but not limited to HTML, Microsoft Office (PPT, DOC, XLS) and ArcGIS (SHP) .
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Pxml
  • JSON
  • Parquet in the GUI
  • Standard REST APIs
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Flat files
  • HDFS
  • JDBC
  • JSON
  • SQL databases

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: The Palantir platform requires communication to be encrypted in transit and supports a variety HTTPS/SSL encryption ciphers for encrypting data in transit that prioritise security but allows for compatibility of browsers. The system prioritises TLS 1.2 256 with PFS. The ciphers can be modified to meet customer requirements.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Level of availability varies depending on the specific project. Our standard form Service Level Agreements (SLAs) can be provided on request.
• Approach to resilience: Information is available on request.
• Outage reporting: Various options available, including email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: The Palantir platform supports and prefers to use the customer's SAML 2.0 Single Sign-On solution to manage, review and authenticate users, where applicable.
• Access restrictions in management interfaces and support channels: Palantir employee access to the platform is approved by designated Palantir team leads following Palantir's annually updated and management approved access control policy/processes. Palantir's access control policy and procedures are based on the principles of least privilege and need to know. They include requirements for the verification of identity, regular verification of users and access, and procedures for new user access requests, changing access, and updating and deleting users upon termination or when responsibilities change. Only members of the Palantir team authorised and onboarded to the customer project may have access to customer data and administrative access to the platform.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellman and Company LLC
• ISO/IEC 27001 accreditation date: 04/02/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • FedRamp Moderate
  • ISAE 3000 SOC 2 Type II
  • SSAE18 SOC 2 Type II
  • ISO 27017
  • ISO 27018
  • ISO 9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Palantir's platform has a robust and effective information security program compliant with SSAE18 SOC 2 Type II, ISAE 3000 SOC 2 Type II, FedRamp Moderate, ISO 27001, 27017, 27018 and Cyber Essentials. For some specific UK Government requirements, Palantir adheres to the Cabinet Office Security Policy Framework and its derivatives.
• Information security policies and processes: For some specific UK Government requirements, Palantir adheres to the Cabinet Office Security Policy Framework and its derivatives. Further, Palantir's Information Security Program consists of the high-level policies and the standards, guidelines and procedures that support them. Palantir's Information Security policies are written to establish corporate information security intentions which align to ISO/IEC 27001/2, ISO/IEC 27018, NIST 800-53 and TSCP (Trust Service Criteria and Principles) industry accepted Information Security Management Systems (ISMS). The CISO together with the Information Security, Legal and Compliance teams are responsible for overseeing the development, implementation, enforcement and maintenance of all information security policies. Palantir's policies are reviewed annually, or whenever significant changes have been made in the operating or business environment. They are hosted on internal intranet pages and communicated to Palantir personnel during onboarding and through yearly acknowledgment. Additional information available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Palantir's platform follows a continuous deployment methodology enabling security and support engineers to patch, remediate, and upgrade services with little to no downtime or system-wide effects. Palantir’s Change Management Policy sets standards for upgrading capabilities, responding to threats, adhering to laws/regulations and contractual compliance, while limiting impact and ensuring adequate messaging. All changes to systems must be submitted as a “Change Request”. The relevant teams review the request, prioritise and develop a plan for implementation. Changes are tested and authorised users must approve changes in accordance with Palantir policies, with Customers notified of any major changes per agreed upon processes.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Palantir’s InfoSec Team operates an industry-standard vulnerability management process. This includes vulnerability scanning, deployment reporting, third-party penetration testing and monitoring external sources for vulnerabilities. Palantir maintains full-time Application Security (AppSec) and Computer Incident Response Teams (CIRT). The AppSec Team monitors software for security weaknesses. The CIRT is responsible for threat modelling and conducting threat intelligence. Palantir contracts third parties to perform vulnerability and penetration testing at least annually. Findings are prioritised based on criticality, severity, impact and tracked through tickets. Patches and configuration changes are pushed to Palantir Deployment Teams who push these updates to customer solutions using agreed procedures.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: The Palantir platform implements a broad spectrum of technical and operational controls that provide protection and detection of cyber-attacks, malicious intrusions and malware. Endpoints are deployed with host-based intrusion detection systems and all network traffic is processed through network-based intrusion detection systems. Anomaly detection occurs through detection, alerting and enrichment strategies implemented by threat intelligence engineers. Alerts are escalated to our Computer Incident Response Team, which provide 24/7 response capabilities across all Palantir assets. The Palantir Information Security Team provides incident detection and response capabilities across the entirety of Palantir's network.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: The Palantir platform has an incident management process for events that may affect the security, availability or confidentiality of Palantir systems. This process specifies courses of action, procedures for notification, escalation, mitigation and documentation. The policy is available to all employees. To help ensure timely resolution of incidents, the Incident Response Team is available 24/7 to employees and customers. When an infosec incident occurs, staff respond by logging and prioritising the incident according to severity. Events that directly impact customers receive the highest priority. An individual/team is dedicated to remediating the problem, enlisting the help of product/subject experts as appropriate.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: MoDNet

Social Value

• Fighting climate change:

  Fighting climate change

  Palantir is committed to fighting climate change through effective stewardship of the environment. Palantir recognises the threat posed to our civilisation by unchecked climate change, and commit to play our part by conducting our company operations sustainably and by supporting our customers’ efforts to do likewise. We project that our carbon emissions will decrease to 3,790 tCO2e or lower by 2025. This is a reduction of 23% from 2019. We are working with the Science-Based Targets Initiative (SBTi) to make our commitment public, align with best-in-class standards for climate pledges, and help keep us on track as we work towards Net Zero. As part of this we: (a) seek to reduce emissions across Scopes 1, 2, and 3; (b) will offset any remaining emissions, where reducing emissions is not possible today; and (c) will report updates, review our actions and publish our progress on an annual basis. We have already rolled-out the following initiatives to fight climate change. (1) The Foundry Carbon Module, which provides an enterprise-wide picture of our largest emissions sources including electricity usage, business travel, and compute power. This includes the most granular available emissions factors that are automatically recomputed as new data is ingested. (2) Partnering with leading organisations pursuing Net Zero efforts. We have partnered with some of the world’s leading organisations to decarbonise the global materials supply chain, power renewable energy, and accelerate the roll-out of e-mobility (EV networks and air travel). (3) Reducing carbon impact of travel. Travel has historically been the biggest driver of our carbon footprint. Alongside global support for working-from-home, we are a participant in the EcoSkies Alliance. EcoSkies member companies will together pre-purchase 3.4 million gallons of sustainable aviation fuel - enough to eliminate ~31,000 metric tons of greenhouse gas emissions - worth over 220 million miles.
• Covid-19 recovery:

  Covid-19 recovery

  Palantir is committed to supporting the UK’s COVID-19 Recovery. Since the beginning of the COVID-19 pandemic, our software has played a key role in mitigating the impact of the COVID-19 outbreak across the UK. As an example, our software has been instrumental in helping the NHS manage the COVID-19 response. We see ourselves as contributing to this effort in two ways: (i) through supporting employment, re-training, and return to work initiatives; and (ii) providing secure workplace conditions. We create training opportunities for those who face employment barriers in the wider community by partnering with organisations like Bright Network and CodeFirst Girls, and through initiatives like our Bootcamp for Secondary School students. We seek to ensure all opportunities available for people located in deprived areas. We do this by: (a) providing travel and accommodation for all student programmes; (b) removing unnecessary educational qualification requirements from job descriptions; and (c) expanding our list of UK-based target universities.; We work with a diverse range of smaller businesses across the UK to increase supply chain resilience. When partnering with organisations on contracts, we actively employ measures to support smaller businesses’ involvement in our consortia. These include requiring no minimum revenue thresholds from our partners/subcontractors and establishing partnership teams to engage with and support smaller businesses throughout a contract’s journey. To support the British startup ecosystem, we have made our software available at reduced rates through our Apollo/Foundry for Builders programmes. Palantir commits to ensuring secure workplace conditions with regards to COVID-19 recovery, including through: (1) COVID-19 screening that is available for everyone entering our offices; (2) implementing effective social distancing measures on-site, including PPE provision and specialist cleaning; and (3) ensuring remote working options are available to all staff, where possible.
• Tackling economic inequality:

  Tackling economic inequality

  Palantir tackles economic inequality by supporting new businesses and offering programmes that teach new skills and provide employment opportunities to underrepresented groups. We support new businesses through our Foundry for Builders programme. Foundry for Builders makes our world class software platforms available to early-stage companies in industries ranging from health to entertainment. The programme allows new and emerging businesses to fully leverage our solutions at speed and at an affordable cost. Our Spring Insight Week, “Launch”, and our internship programme, “Palantir Path”, are designed to reach students who may not have had exposure to technical opportunities before college, especially those from underrepresented groups. It bridges the gap between what’s taught in school and what’s necessary to solve real-world problems, and offers tech industry work experience. As of 2021, 50% of our intern class was from the Palantir Path programme. In addition, Palantir offers scholarships to students from underrepresented groups in Science, Technology, Engineering, and Mathematics (STEM). These scholarships, up to £8,000 each, encourage students to pursue careers in STEM. Since 2010, scholarships worth in excess of £1,000,000 have been awarded through our 3 programmes (Future Fellowship, Women in Tech Scholarship and Global Impact Scholarship) to 187 students from 20 countries. We also offer training opportunities for those in the wider community here in the UK who face barriers to employment. This includes CodeFirstGirls and our Bootcamp for Secondary School students. These programmes lay the foundation for participants to obtain employment in high-growth sectors within the tech industry.
• Equal opportunity:

  Equal opportunity

  Palantir is committed to promoting values of diversity, equity, and inclusion at our company, with our clients, and across the broader tech community. We know it takes active effort to build an inclusive and equitable world where all voices are heard, and we’re dedicated to being part of the change. The pay gap is one of the most pervasive barriers to equal opportunity. We tackle inequality in pay by: (i) standardising pay across our entry-level roles to reduce pay gaps; (ii) publishing our UK Gender Pay Gap annually; (iii) mandating unconscious bias training for leads to ensure each employee has access to growth and career progression; and (iv) making anti-discrimination workshops mandatory, including Anti-Harassment Training. The skills gap is another deep-rooted barrier to equal opportunity. We have multiple programmes dedicated to helping people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills, including: (1) our Community Intersections Programme, which works to reduce digital skills gaps for our 9 Affinity Groups for disadvantaged/minority groups; (2) Learning Labs, which provide all members with up-skilling resources, including Microlearning Paths and Self-Guided Modules relevant to careers in cloud-based software and services; (3) Peer Mentorship, which offers mentorship and networking opportunities by pairing individuals with varying seniority levels and roles; (4) Palantir Launch Programme, a Spring Week for students from underrepresented groups in tech; (5) job descriptions which are reviewed for inclusive and neutral language; and (6) internship and scholarship programmes (see “Tackling Economic Inequality” for more details). In addition, we partner with a range of organisations that help connect underrepresented communities in tech with high-paying employment opportunities. These include Rewriting the Code (RTC), BreakLine, National Society of Black Engineers (NSBE), STEMWomen and CodeFirstGirls.
• Wellbeing:

  Wellbeing

  Palantir aims to promote the holistic health and well-being of our employees through our benefits and offerings programs. Parallel to this, we seek to improve community integration by promoting strong, integrated communities. All of our UK-based employees receive the following: (i) mental health support via multiple virtual and in-person offerings, such as fitness subscriptions, guided meditations and 24/7 confidential counselling and therapeutic support service, (ii) stress management resources, including a 24/7 hotline for veterans and their families; (iii) health screenings, on an annual basis as minimum; (iv) child and pet care services, to alleviate the stress of finding these services and support a productive work-life balance; and (v) a ‘take what you need’ time off policy, to ensure each individual employee takes sufficient rest time for their role, which is essential for both their mental health and ability to be productive. We understand that employee well-being also stems from active contribution to causes they believe in. To aid in this endeavour, we also promote community engagement through various volunteering programs. (1) Our environmental volunteering and advocacy interest group has over 300 members (which is 10% of our global staff), drawn from over 15 cities worldwide. (2) Our outreach with CodeFirstGirls provided women from Palantir with the opportunity to teach other girls coding. (3) Our Bootcamp for Secondary School Students, provides our employees with the opportunity to give final year secondary school students, with an interest in STEM, an insight into working at a software company.

Pricing

• Price: £3,000,000.00 a licence
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Based on customer requirements. Additional information available on request.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@palantir.com. Tell them what format you need. It will help if you say what assistive technology you use.