1. Objective
The objective of this regulation is to ensure that AI-based systems used for detecting accounting errors in financial reporting operate with high accuracy, transparency, and auditability, while upholding ethical standards and minimizing systemic risk to financial markets.
2. Scope
This regulation applies to all financial institutions, corporate entities, and accounting service providers that deploy AI or machine learning systems for:
- Detection of anomalies in financial statements.
- Fraud detection or anti-fraud controls.
- Validation of compliance with accounting standards (local and international).
- Real-time monitoring of transactional data for errors or irregularities.
3. Regulatory Principles
3.1 Accuracy and Reliability
- AI systems must be trained on high-quality, representative accounting datasets.
- Accuracy thresholds must be defined, with mandatory reporting of false positive and false negative rates.
- Models must undergo continuous validation and recalibration to reflect changes in accounting standards or business operations.
3.2 Transparency and Explainability
- Systems must provide clear explanations for flagged errors, including the rationale for anomaly detection.
- Outputs must be interpretable by accounting professionals and auditors.
- Documentation of model architecture, feature selection, and decision logic is required.
3.3 Auditability
- AI systems must maintain immutable logs of all transactions analyzed and anomalies flagged.
- Auditors must have access to both AI outputs and the underlying reasoning to verify system performance.
- Version control of AI models, including retraining history, must be maintained.
3.4 Governance and Accountability
- Entities deploying AI systems must appoint a responsible officer for AI oversight.
- Governance frameworks must include internal audits, ethical reviews, and risk assessment procedures.
- Third-party AI providers must comply with the same regulatory requirements as end-user organizations.
3.5 Data Privacy and Security
- Systems must comply with applicable data protection laws.
- Sensitive financial data must be encrypted, with access limited to authorized personnel.
- AI models should not store personally identifiable information beyond operational necessity.
3.6 Risk Management
- Entities must conduct impact assessments to identify potential errors, systemic risks, or biases introduced by AI models.
- Contingency procedures should be established for AI failures, including fallback to manual review.
4. Reporting Requirements
- Annual reports must include:
- Performance metrics of AI detection systems.
- Significant errors detected and remediation measures taken.
- Updates to AI models and validation outcomes.
- Material incidents of AI failure must be reported to Neftaly within 30 days.
5. Enforcement and Compliance
- Non-compliance may result in sanctions, fines, or restrictions on AI system deployment.
- Neftaly may conduct audits, inspections, and model performance assessments.
- Entities must remediate deficiencies within regulatory timelines.
6. Standards and Certification
- Neftaly will develop certified guidelines for AI accounting error detection systems, including benchmark datasets, model performance standards, and audit protocols.
- Certified systems will be recognized for regulatory compliance, providing assurance to stakeholders and auditors.
7. Continuous Improvement
- Entities are encouraged to contribute to industry-wide knowledge sharing on AI error detection performance.
- Neftaly will periodically review and update guidelines to align with technological advances, emerging risks, and international best practices.