Companies House UK has released guidance confirming that minors can now apply to have their information protected from becoming available to the public on the 31 August 2025.

In principle, this seems a fairly straightforward position to take and the latest update to the guidance confirming that a minor does not have to prove that the availability of that information would put them in danger but rather just that they are a minor or lack capacity, seems equally reasonable. In light of moves towards stronger protection for the more impressionable against the dangers of social media, it would be hypocritical of authorities not to take steps to protect the same people from the public access to personal information and connected assets via a government run database.

The obvious pitfall to this approach is that minors are unlikely to be aware that they are beneficiaries of a trust, let alone whether or not their information has been entered in the Register of Overseas Entities ("ROE"). And whether they will be willing to pay the £100 application fee and go through the online process of requesting the paper (yep, you read that right) application form.
It seems that some common sense has prevailed and it is now possible for these applications to be submitted on behalf of a minor or vulnerable person by trustees of a trust or by someone who lives with them. There may be measures in place to prevent duplicate applications but the £100 application fee must be paid in order for all applications to be considered. It is worth noting that even without applying to have information protected, any requests for information about a minor (or about more than one trust) will require a legitimate interest test whereby the applicant must provide evidence that they are investigating money laundering, terrorist financing, tax evasion, or avoiding the UK sanctions regime.

There are measures under the Economic Crime (Transparency and Enforcement) Act (“ECTEA”) that require each registrable person is advised before their information is submitted. The person then has one month to reply confirming their status and their personal information. Trustees must also provide information on trusts including beneficiaries within that timeframe.

Communication between trustees and beneficiaries is key but it does help matters hugely if beneficiaries know that a trust exists and trust structures are not often explained to pre A-level stage beneficiaries for a number of reasons. Having to start a trust relationship with a beneficiary by explaining the ROE could make for quite an awkward opening conversation! “You know that you’re constantly being reminded to be careful about information you share online? Funny story…”. 

As trustees, the best interests of the beneficiaries is paramount and even once a request for protection of information relating to a minor is approved, like Cinderella, that coach turns into a pumpkin at midnight of their 18th birthday so that makes for an interesting “To be opened on your 18th birthday” letter. Or private Insta reel perhaps because the intention is that they read it after all. At such a point, or for beneficiaries already “of age”, their information (and indeed any trust-related information) shall continue to not be available online via Companies House but can be requested by members of the public provided certain information is included as part of the application, including the name of the overseas entity and the name of the trust, which would effectively limit requests to persons with knowledge of the existence of the trust. Further information about the process to access trust information is still to be published at the time of writing. Protection of personal information from the request process will only be available at such a point to those individuals who can prove that they are “at risk of harm or intimidation” as a result of the information being made available to the public. Guidance on what constitutes a risk and what would suffice as evidence is not currently available but the same process is available to directors and PSCs under the Companies Act 2006 and government guidance suggests as a non-exhaustive list: a police incident number, documentary proof of a threat or attack, examples of disruption or targeting, and examples of your work for the company whose activities put you at risk. 

People understand the reasons for the measures imposed by the ECTEA and its connection with the war in Ukraine but the implementation of its objectives gives cause for concern. Trusts remain a valuable tool under common law in the protection of minors and vulnerable individuals from themselves and those who would seek to mislead or manipulate them. Why then, is it necessary for the case to be made after the fact, potentially by the very people who may not have the resources to advocate for themselves? Information to be submitted includes dates of birth and could easily include information on other risk factors so why has the legislation not built in protection of those who need more protection, a core principle of our society, at the outset? Must we sacrifice the privacy and security of the vulnerable to satisfy the curiosity of the public?