I use a local LLM to scrub my bank statements before they ever reach ChatGPT


Popular AI chatbots such as Claude, Gemini, and ChatGPT can analyze data from spreadsheets and other uploaded files. You can upload spreadsheets and ask them to create summaries, find patterns, and more. I wanted to use ChatGPT to analyze my spending to see if it could find ways to save money, but I didn’t want to upload my personal information to the cloud. Using a PII-detection tool and a local LLM, I was able to strip away the personal information before I uploaded my files.

Your bank statements reveal more than you think

Obvious identifiers are only part of the risk

Photo of a woman looking at illustrations of various graphs and charts. Credit: Shutterstock.com/Blue Planet Studio

There are some obvious details on a bank or credit card statement that I didn’t want to upload to the cloud. My bank account number, name and address, and even partial card numbers are all pieces of information that I didn’t want to be sharing unnecessarily. None of this information is needed to analyze my spending.

Beyond these obvious identifiers, however, financial statements contain many other details that can reveal information about you. For example, the details of normal transactions can potentially reveal where I shop, where I live, which doctor I visit, where my kids go to school, when I’m away from home and where I go, and the names of individuals I send payments to or receive payments from.

Uploading a bank statement with just the obvious details obscured may not be enough. If I want to maintain my privacy, I need to strip out a lot more. The good news is that I can do exactly that with a privacy tool and a local LLM running on a modest mini PC.

Presidio can strip out the details that are easy to spot

The first pass handles names, contact details, and financial identifiers

A CURL request to Presidio Analyze running on a mini PC, with text containing PII and the analysis explanation.

Presidio is an open-source framework for identifying and anonymizing personally identifiable information (PII). It can analyze extracted text for names, phone numbers, email addresses, locations, credit card numbers, and more. The detected text can then be replaced with placeholders such as [PERSON] or [PHONE_NUMBER] using Presidio’s Anonymizer.

You can add custom recognizers directly as part of your request so that Presidio can also redact information that it might otherwise leave untouched. For example, you can add specific account reference formats so that matching references can also be replaced.

I set up Presidio in a container on my mini PC. The Presidio processing takes place locally on that machine, so the data does not need to be sent to a third-party service.

Transaction descriptions can give away a lot of information

The most revealing details don’t always look like PII

A fake bank statement with transaction descriptions that reveal personal information.

The problem with using Presidio alone is that it may not catch everything. Presidio’s recognizers can miss things they have not been configured or trained to identify, but which could still expose personal or sensitive information.

For example, a payment reference for a school trip may inadvertently expose the name of my children’s school, while the name of a local club might be unique enough to reveal my location.

Presidio can’t understand the document in the same way an LLM can. It relies on configured recognizers, including pattern matching and contextual rules, to identify text that may contain PII. If something falls outside those patterns, it won’t be touched, even if it very obviously contains personal information.

A local LLM can catch what Presidio leaves behind

Clues to your identity can be replaced with useful labels

This is where a local LLM can help. LLMs can use context to spot potentially revealing text that Presidio might otherwise miss. For my use case, I could also prompt the model to replace sensitive text with useful placeholders.

For example, if a transaction description includes the name of my dental practice, that could expose my location. However, if the payee is simply replaced with “PAYEE,” this isn’t helpful when I want to analyze my spending. The most powerful AI in the world is going to struggle to give me useful spending advice if it can’t tell what the money is actually being spent on.

Using an LLM, I can replace the name of my dental practice with “dentist” or the name of my kids’ school with “school.” This gives ChatGPT enough information to work with, without exposing anything identifiable.

With a small local model running in Ollama on my mini PC and a carefully written prompt, I can identify and replace additional potentially identifying information before uploading the data to ChatGPT. This is where a local LLM really shines; you can upload sensitive data without worrying about where it might end up. It takes some time to run on my hardware, but it’s not something that needs to work instantly.

Two privacy filters may still not be enough

I always check the results myself

Closeup of financial papers spread out on a desktop next to a laptop. Credit: ANDRANIK HAKOBYAN/Shutterstock.com

The local LLM is there to catch details that have slipped past Presidio, but it can miss things, too. Even after running both passes, there’s no guarantee that all of the PII has been stripped from my data.

That’s why once my data has run through both Presidio and my local LLM, I go over it myself, looking for anything that has been missed. Only once I’ve checked the data personally am I comfortable that the risk of overlooked PII is low enough for me to upload the document to ChatGPT.

Checking manually doesn’t take too long, as I’m not uploading hundreds of documents at a time; when I analyze my spending, I’m usually only uploading one month’s statements. Since most of the PII has already been caught, I usually only need to edit one or two things here and there to remove additional personal information.


ChatGPT doesn’t need to know where I shop

AI chatbots are incredibly useful, but it’s easy to upload anything and everything to them without really thinking about it. I don’t want sensitive financial data ending up on third-party servers, and while OpenAI already holds account and payment information that includes my name and contact details, it really doesn’t need to know where I shop.



Source link

Leave a Reply

Subscribe to Our Newsletter

Get our latest articles delivered straight to your inbox. No spam, we promise.

Recent Reviews


YouTube has an AI slop problem, and its crackdown is catching legitimate creators in the crossfire. Faceless channels, where no human host ever appears on screen, have existed for years and are not inherently AI-generated.

Many are run by solo creators who simply prefer to stay anonymous. The problem is that AI tools made it easy to flood the platform with low-effort faceless content at scale, and YouTube’s algorithm is now penalizing the format as a whole.

How bad is the AI slop problem on YouTube?

A Kapwing study found that roughly 21% of the first 500 videos recommended to a new YouTube account were classified as AI slop, while 33% fell into a broader brainrot category. The problem extends to children, too, as more than 40% of YouTube Shorts recommended to kids in a 15-minute session contained low-quality AI content.

YouTube’s response has been to tweak its algorithm to favor videos with real human faces on camera, which is hitting faceless creators even when their content is entirely human-made.

How is YouTube tackling its AI slop problem?

YouTube is now testing a new pop-up on mobile that asks viewers to rate whether a video feels like AI slop, on a scale from “not at all” to “extremely.” The idea sounds reasonable, but crowdsourcing AI detection has real problems. People are bad at spotting AI content, and they are getting worse at it as AI capabilities continue to improve.

There are also legitimate concerns that YouTube could use this viewer feedback as training data for its own AI models, potentially making future AI-generated content even harder to spot.

🚨 Did you just see what YouTube did?

YouTube isn’t banning AI slop.. They’re making you label it so they can train their next model to not look like slop.

Read that again…

You flag the bad AI content. YouTube collects it. Google feeds it into Veo 4… Then next year their… https://t.co/8UC2J3mjjv pic.twitter.com/mIrTChqC1b

— Tuki (@TukiFromKL) March 17, 2026

Meanwhile, faceless creators are scrambling to adapt. According to The Hollywood Reporter, some are hiring cheap on-camera hosts through platforms like Fiverr and Upwork. Others are doubling down on niche educational content, which has held up better than broad content farms.

The AI text-to-video space is still valued at enormous sums, with Higgsfield AI alone sitting at $1 billion, but on YouTube, the math for faceless creators is getting harder to work out every month.



Source link