The short version
Every conversation about AI in accounting eventually reaches the same nervous question: if this thing makes a mistake, who’s on the hook? It’s a fair fear, and the answer is unglamorous. Liability didn’t move. It never left the desk of the person who signs.
A tool cannot be a professional. It cannot be admitted to a provincial body, it cannot be disciplined, and it cannot stand behind an opinion. When you sign a financial statement, a return, or an engagement, you are asserting that you exercised due care — not that your software did. Introducing AI into the workflow changes how the work gets done. It does not change who is answerable for it.
So the real question isn’t “who’s liable?” It’s the more uncomfortable one: given that you’re liable, can you actually see what the AI did before you put your name to it?
Why the black box doesn’t protect you
Most AI reaching accounting desks today is a black box. You type a prompt, a confident answer comes back, and there is no visible trail from the source document to the number on the page. It looks finished. It reads authoritatively. And that polish is precisely the danger.
“The AI told me so” is not a defence a regulator recognises. If you sign work you couldn’t verify, you haven’t reduced your risk — you’ve concentrated it, because you’ve accepted accountability for a conclusion you could not trace. An opaque tool that’s right most of the time still leaves you personally exposed the one time it isn’t, and you won’t know which time that is.
This is the quiet crisis in firms right now. Not that AI is being used — but that it’s being used invisibly, off to the side, with no record of what it touched.
Ungoverned AI already running inside a firm — staff pasting client data into consumer chatbots, unvetted tools drafting work that gets signed, with no policy, no audit trail, and no review. The problem isn’t that firms adopted AI. It’s that 91% of firms have no written AI policy, so the AI arrived anyway — through the side door, unsupervised.
What the standards actually say
No standard yet says “thou shalt not use AI.” But the duties that already govern professional work apply cleanly to AI-assisted work — and they point the same direction: the human stays responsible for care, confidentiality and competence. This is general information for practitioners, not legal advice; read each source in full and consult your own body.
AICPA Code of Professional Conduct — ET 1.700 (Confidential Client Information). A member must not disclose confidential client information without consent. Feeding client data into a tool that may retain or train on it is a disclosure question, not a convenience question.
IRS Circular 230 — due-diligence obligations. Practitioners must exercise due diligence in preparing and filing, and in the correctness of representations. Due diligence is an act of the practitioner; it cannot be outsourced to an unverifiable output.
CPA Ontario — Rules of Professional Conduct. Members must maintain professional competence and due care, and safeguard confidentiality. Using a tool doesn’t lower that bar — the member remains responsible for meeting it.
Read together, these aren’t obstacles to AI. They’re a description of what “responsible use” has always meant: know what you’re signing, protect what your client entrusted to you, and be able to show your work. A governed AI helps you meet those duties. An ungoverned one quietly puts them at risk.
The three questions to ask before you sign
- Can I trace it? For any figure the AI produced, can I follow it back to a source document and see how it got there — or am I trusting a number with no lineage?
- Did it tell me where it’s unsure? Does the tool flag its own low-confidence work and open questions, or does it present everything with the same smooth certainty?
- Would this survive a review? If a regulator, a peer reviewer, or opposing counsel asked me to defend this number, do I have the trail to do it?
If the answer to any of these is no, you don’t have an AI problem. You have a governance problem — and it has your signature on it.
AI you can sign for isn’t AI you trust blindly. It’s AI that shows its work, flags its own doubt, and hands you a file you can defend — so the judgment, and the accountability, stay human.
What “signable” AI looks like
The alternative to a black box is a glass box. Signable AI doesn’t ask for your trust — it earns your review. Three things make the difference:
- It’s traceable. Every conclusion carries its provenance: which document, which figure, which reasoning. You can open any number and see its origin, so review is verification, not faith.
- It flags its own doubt. Instead of smoothing over uncertainty, it surfaces it — marking low-confidence items and open questions for a human to resolve before anything is finalised.
- It keeps a human in the loop by design. Nothing is signed until a professional reviews it. The AI drafts and flags; the CPA decides and signs. That’s not a limitation — it’s the whole point.
This is why Lejjors is one governed stack — Pages, then Books, then Binder — rather than a pile of disconnected chatbots. Work that’s prepared inside a single traceable system is work you can actually stand behind. Patent-pending.
The firms that will win the next decade aren’t the ones that avoided AI, and they’re not the ones that adopted it recklessly. They’re the ones that governed it — who kept the glass box, kept a human on the signature line, and could always answer the only question that ever mattered: can you defend this?
Is AI-generated work covered by my professional liability insurance?
It depends on your specific policy, and many were written before generative AI was common in practice. Most policies cover the professional service you sign for rather than the tool you used to prepare it — but exclusions, disclosure duties and “reasonable care” conditions vary widely. Ask your broker to confirm, in writing, how your policy treats AI-assisted work before you rely on it.
Can I delegate the review to staff?
You can delegate the work of review, but not the responsibility for it. Whoever signs remains accountable for the result. Delegation only genuinely reduces risk when the reviewer can see and trace what the AI produced — the source, the reasoning and the figures — rather than rubber-stamping an output nobody can actually check.
Does using AI need to be disclosed to clients?
There’s no single universal rule, but your confidentiality and candour obligations still apply. Feeding client data into a tool that may store or train on it can raise duties under confidentiality standards such as AICPA ET 1.700. Being transparent with clients about how their data is handled is both prudent and, increasingly, expected. When in doubt, consult your provincial body.
What’s the difference between assistive and autonomous AI here?
Assistive AI drafts, flags and traces — a human reviews every conclusion before it’s signed. Autonomous AI acts and finalises on its own. For liability, the distinction is everything: assistive AI keeps a professional in the loop where the standards expect one; autonomous AI doesn’t remove your liability, it only removes your visibility into what you’re signing.