If an algorithm cannot show its working, it has no business on a signed file. Most platforms handle that discomfort with a thin layer of “explainable AI” branding and hope nobody asks hard questions.
Monsoon was built the other way round. The Verification Framework is not a reassurance paragraph. It is the architecture the product runs on.
Every finding carries a receipt. Source data, source system, timestamp, rule applied. Nothing leaves the system without one.
When a regulator asks “how did you arrive at this conclusion,” the answer is not a conversation. It is a link. Click, read, defend.
On the file: One tap on any flagged anomaly opens the receipt. Machine-generated, immutable, export-ready in the format the regulator asks for.
Every working paper shows its state. Green for verified and signed off. Amber for verified and awaiting human review. Grey for out of scope with a named reason.
The sampling-era question was “did you test this?” The full-population question is “which of these did you test, and to what depth?” Verification Marks answer the second question before it is asked.
Checkpoints the machine cannot pass without a named human. Going-concern judgements, related-party classifications, final sign-off. Monsoon flags, assembles the evidence, and hands the file to the right person with the right seniority.
Partner liability does not move because you bought software. The gate log makes the split between machine work and human judgement explicit in the audit trail itself.
A £142,000 purchase posting lands in the ledger. Monsoon ingests it.
The knowledge base checks it against the client’s authority matrix. Department threshold is £75,000. Flag raised.
Supporting documents pulled. Invoice, PO and approval email cross-checked against the authority register. The approver named on the email is not authorised for this spend category. Second flag raised.
Evidence Receipt generated. Verification Mark set to amber. Routed to the Accountability Gate.
A named senior auditor reviews, decides it is material, raises with the client, signs off. Mark goes green.
The file carries the receipt, the mark, the gate log and the auditor’s name.
Machine time: four seconds. Auditor time: eleven minutes, not three hours. Same rigour. Full chain of custody.
If the agent produces a wrong answer, who carries the risk? You do. Same as today. That is the design.
How do I know the receipts are not retro-fitted? Generated at the point of the test. Written to an immutable log. A retrospective rewrite shows as an amendment with its own entry.
What about the parts Monsoon cannot test? Marked out-of-scope with a named reason. An engagement that is 94% tested and 6% sampled is labelled as such. Not rounded up.
Thirty minutes. Your data. You ask the awkward questions.
See your files run through it.
