USING AI FOR AUDIT TECHNIQUES

Print

REFERENCE TO UPSC SYLLABUS: GS 2: POLITY: AUDIT MECHANISM IN INDIA; ARTIFICIAL INTELLIGENCE.

 THE CONTEXT: The Supreme Audit Institutions of G20 nation in a conference emphasised the need for a common international audit framework relating to Artificial Intelligence.

ABOUT AUDIT MECHANISM IN INDIA

Audit mechanism for businesses:

• • India’s audit regulations require businesses to comply with various types of audits, governed under different laws.
  • The most common audits are statutory audits, internal audits, secretarial and cost audits under the Companies Act, 2013, and tax audits under Section 44AB of the Income-Tax Act, 1961.
  • Since the commencement of the Goods and Services Tax (GST) law in 2017, businesses and entrepreneurs in India are also required to conduct GST audit each year.

Audit mechanism of government bodies:

• • Comptroller and Auditor General of India is the apex authority under Article 148 responsible for external and internal audits of the expenses of the National and state governments.
  • The CAG conducts financial audits, compliance audits, and performance audits.

WHAT IS ARTIFICIAL INTELLIGENCE?

• • Artificial intelligence (AI) is a wide-ranging branch of computer science concerned with building smart machines capable of performing tasks that typically require human intelligence.
  • While AI is an interdisciplinary science with multiple approaches, advancements in machine learning and deep learning, in particular, are creating a paradigm shift in virtually every sector of the tech industry.
  • Specific applications of AI include expert systems, natural language processing, speech recognition and machine vision.

AI REGULATION IN INDIA

India is experiencing a significant technological transformation that presents a tremendous opportunity to leverage innovation for economic growth but there has not been any stringent regulation taken so far.

However, some of the developments are:

• • According to the CAG, a web enabled IT application ‘One Indian Audit and Accounts Department One System’ is being developed. It is going to support multiple languages, offline functionality, and a mobile app, enabling complete digitalisation of the audit process from April 1, 2023. It will have only one exception, the defence audit, because of security dimensions.
  • NITI Aayog has circulated three discussion papers which touch upon AI. In each of these, there are references only to the AI regulations in the EU, the United States, Canada, the United Kingdom, and Australia. The time has come for India to have regulations in a manner that is consistent with the Indian ethos, by and for Indians.
  • There is a new consultation paper floated by the Telecom Regulatory Authority of India (TRAI) which said that the Centre should set up a domestic statutory authority to regulate AI in India through the lens of a “risk-based framework”. It also called for collaborations with international agencies and governments of other countries for forming a global agency for the “responsible use” of AI.
  • Also, tech major Microsoft, which has a stake in OpenAI, had floated a blueprint for AI governance in India titled “Governing AI: A Blueprint for India”. The paper proposed regulations prescribing safety and security requirements, then chart out deployment for permitted uses in a licensed Al data centre with post-deployment safety and security monitoring and protection.

GLOBAL INITIATIVES

• • Global organisations have developed many AI auditing frameworks. These include the COBIT framework for AI audit, the US Government Accountability Office framework, and the COSO ERM Framework.
  • European Union: EU have taken a predictably tougher stance by proposing to bring in a new AI Act that segregates artificial intelligence as per use case scenarios, based broadly on the degree of invasiveness and risk.
  • USA: USA is now setting the stage for defining an AI regulation rulebook by kicking off public consultations earlier this year on how to regulate artificial intelligence tools. This ostensibly builds on a move by the White House Office of Science and Technology Policy in October 2022 to unveil a Blueprint for an AI Bill of Rights.
  • China too has released its own set of measures to regulate AI.

SIGNIFICANCE OF USING AI IN AUDIT

• • Sampling Will Become Easier: Currently, auditors often manually audit an enterprise, and rely on statistical sampling to review hundreds of documents. But with the help of AI entire sets of documents can be scanned and reviewed.
  • Evidence Can Be Auto-Verified: With the help of Artificial intelligence, capabilities to sense, detect, and recognize data can increase which can help in auto verification. For example, biometric IDs control entry into data centres, while face-recognition software monitors personnel movement within the data center.
  • More Data Points Will Be Treated as Evidence: Auditors typically focus on the limited evidence that auditees share with them. On the other hand, machine learning and AI-capable systems can extract large amounts of data quickly from textual information, images, voice recordings, etc. Therefore, auditors will no longer need to limit themselves to the evidence provided by auditees and more data can be treated as evidence.
  • Continuous Auditing Will Be a Reality: As new data arrives, the AI system can immediately analyze it, and turn it into actionable information which can help in continuous auditing. An AI-based continuous control monitoring system could examine complete sets of records, and identify control violations.

ISSUES IN USING AI IN AUDIT

• • Issue in standardisation of data: One of critical issue in auditing AI systems is data standardization since the data for various government entities are taken from different sources and stored in multiple divergent platforms. Therefore, data integration and cross-referencing become cumbersome as Audits cannot be based on big data from unauthorised sources.
  • Ethical concerns: The fusion of technological progress and ethical considerations poses significant challenges. The Comptroller and Auditor General of India (CAG) warned that absolute dependence on Artificial Intelligence (AI) for auditing purposes may lead to ethical concerns.
  • Inaccuracy: Ensuring the accuracy of vast Internet data mines is a challenge. AI audit can pose challenge related to higher inaccuracy.
  • Legal issues: Addressing legal implications relating to content ownership is a formidable task in AI regulation. The content generated by AI systems may lead to potential copyright infringement issues, violating intellectual property rights.
  • Transparency and Objectivity: There is issue related to transparency and objectivity in these audits. There is risk of AI bias which is an inherent risk originating from the human bias that is added to the data sets of machine learning.

THE WAY FORWARD:

• • Synchronisation of data platform: The data platforms of all entities must be synchronised through the government’s IT policies for maximum and efficient use. There need to be capacity building of auditors in varied aspects of the AI technology landscape so that they are familiar with AI frameworks, tools, and software.
  • Address ethical concern: There is need to address ethical concerns related to AI models as only ethical AI can add credibility, trust, and scalability to the CAG audit and make it more inclusive. The existing definitions and taxonomies of AI must be examined to adopt what is legally acceptable.
  • Fairness and Avoiding Bias: A multifaceted approach is required to mitigate bias and ensure the safety and accuracy of AI models. Elon Musk wants to address these concerns by developing ‘Truth GPT’, a “maximum truth-seeking AI”.
  • Accurate and relevant: Data sets must be complete, gathered on time, accurate, available, and relevant. Accurate and relevant audit findings is necessary for ensuring integrity of the data fields.
  • Extra vigilant: The AI auditor must be extra-vigilant about the risk of inherent AI data bias if data are taken from unauthorised sources like social media, where data manipulation and fabrication are common.
  • Stakeholder consultation: As there are limited precedents for AI use, the national audit institution needs to communicate with all the stakeholders. AI audit assignments may require consultation with data scientists, data engineers, data architects, programmers, and AI specialists.

THE CONCLUSION

The need of the hour is that India should also to take a cue from the global initiatives and make appropriate legislation about the use of AI systems. With few frameworks available for auditing AI, auditors will be able focus on the risks, control and governance structures for efficient working of Audit system.

SOURCE: https://www.thehindu.com/opinion/op-ed/using-ai-for-audit-techniques/article67376003.ece

PREVIOUS YEAR QUESTIONS

1. 1. Exercise of CAG’s powers in relation to the accounts of the Union and the States is derived from Article 149 of the Indian Constitution. Discuss whether an audit of the Government’s policy implementation could amount to overstepping its own (CAG) jurisdiction. (2016)
   2. How is science interwoven deeply with our lives? What are the striking changes in agriculture triggered off by science-based technologies? (2020)

MAINS PRACTICE QUESTIONS

1. 1. What are the concerns related to use of Artificial Intelligence in audit mechanisms? What steps can be taken to address the issues?
   2. Discuss the current status of AI regulation in India. How it can be used efficiently for promoting transparent and effective auditing of various entities in India?