← Audit scenarios
GL Entry Review Audit Trail
Every journal entry reviewed by an AI agent: logged, hashed, and independently verifiable. Segregation of duties violations are auto-blocked. Your data stays in your environment.
The problem
PCAOB AS 2201 amendments require evidence that automated controls over financial reporting operated effectively, including AI agents that review journal entries. SOD violations caught by an agent need an immutable, independently verifiable record.
What gets logged
- Input fingerprint (SHA-256 of JE reference, account, amount, anonymized poster)
- Decision with flag subtype and severity (approve, flag, or block)
- Reliability signals: false positive rate, false negative rate, SOD detection rate
- Period attestation with SIGMODX-GL verification string
SOD violations
When the same person created and approved an entry, the agent records a segregation of duties violation and the entry is auto-blocked, regardless of agent ALLOW/LIMIT/BLOCK state. The block is hashed and verifiable at /verify.