← Audit scenarios

GL Entry Review Audit Trail

Every journal entry reviewed by an AI agent: logged, hashed, and independently verifiable. Segregation of duties violations are auto-blocked. Your data stays in your environment.

The problem

PCAOB AS 2201 amendments require evidence that automated controls over financial reporting operated effectively, including AI agents that review journal entries. SOD violations caught by an agent need an immutable, independently verifiable record.

What gets logged

  • Input fingerprint (SHA-256 of JE reference, account, amount, anonymized poster)
  • Decision with flag subtype and severity (approve, flag, or block)
  • Reliability signals: false positive rate, false negative rate, SOD detection rate
  • Period attestation with SIGMODX-GL verification string

SOD violations

When the same person created and approved an entry, the agent records a segregation of duties violation and the entry is auto-blocked, regardless of agent ALLOW/LIMIT/BLOCK state. The block is hashed and verifiable at /verify.

Integration

Available for Q3 2026 pilot