SOX Evidence Mapping for AI Agents

An AI agent that posts a journal entry, reconciles a ledger, or affects revenue recognition is part of internal control over financial reporting. Sections 302 and 404 of Sarbanes-Oxley demand maker-checker controls, segregation of duties, and a reviewable decision record. Veto records each governed agent action as a reviewable control event.

Last updated: May 20, 2026

What is Sarbanes-Oxley?

The Sarbanes-Oxley Act of 2002 (Public Law 107-204) was enacted by the U.S. Congress on July 30, 2002, in response to Enron, WorldCom, and Tyco. Section 302 makes CEOs and CFOs personally responsible for the accuracy and completeness of financial reports. Section 404 requires management to establish, maintain, and assess the effectiveness of internal control over financial reporting (ICFR). The SEC enforces SOX; the PCAOB issues auditing standards. For AI agents, the practical issue is whether financially relevant actions have approval evidence and change history.

Why it applies to AI agents

Any AI agent that touches a financial process may be in scope. That includes order-to-cash agents, procure-to-pay agents, journal-entry automation, intercompany reconciliation, accrual calculation, and agents drafting parts of the close. The COSO Internal Control Framework, commonly used for SOX assessments, organizes ICFR around five components: control environment, risk assessment, control activities, information and communication, and monitoring activities. Each component needs different evidence when the actor is non-human.

Segregation of duties is one of the most important SOX control patterns. SOX implementations rely on maker-checker patterns to prevent any single party from initiating and approving the same transaction. An AI agent that can both create and approve a journal entry collapses that segregation. Runtime authorization with approval workflows restores it by routing an agent-initiated transaction to a separate approver before commit.

Control mapping: SOX/ICFR to Veto features

The table maps the SOX provisions and COSO/PCAOB control activities most directly engaged by AI agents in financial workflows.

Control area | Requirement | Veto feature
--- | --- | ---
Section 302 | CEO/CFO certify disclosure controls and procedures are evaluated and effective | Decision record evidence supports the 302 evaluation memo for AI agent systems
Section 404(a) | Management annual assessment of ICFR effectiveness | Policy-as-code documents control design; decision records document operating effectiveness
Section 404(b) | External auditor attestation on ICFR for accelerated filers | Exportable decision records for auditor sampling
COSO CA | Control activities: segregation of duties (maker-checker) | Approval workflow routes agent-initiated transactions to an independent reviewer before commit
COSO CA | Authorization and approval of transactions | Per-tool approval thresholds in policy YAML (e.g., journal entries above $X require approval)
ITGC | General IT controls: change management for systems supporting financial reporting | Policy diffs in git with reviewer approval and policy validation where configured
ITGC | Logical access controls: provisioning and deprovisioning of access | API key issuance, rotation, and revocation with change history; per-agent scoping
AS 2201 | Auditor obtains evidence of design and operating effectiveness | Policy files (design) + decision records (operating effectiveness) usable for auditor sampling
Monitoring | Ongoing monitoring and periodic evaluation of controls | Workspace with policy violation rates; alerts on unusual patterns; trend reports
Decision record | Decision record for transactions affecting financial reporting | Append-only decision record with agent ID, tool, arguments, policy version, outcome, reviewer
Section 802 | Retention of audit records related to financial reporting | Configurable retention to support customer-defined financial-record retention policies
Exception review | Documented issue review and escalation procedures | Reviewer comments and rejection reasons captured in the decision record for follow-up
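The maker-checker routing described above and the per-tool threshold and decision-record rows of the table, shown as one small Python model. This is an added illustration, not Veto's code; the policy layout, the record fields and the threshold value are assumptions chosen for the example.

```python
"""Maker-checker gate with a per-tool approval threshold and an append-only decision record.
Illustration only: not Veto's code; policy layout and field names are assumptions."""
from dataclasses import dataclass
from typing import Optional

# Constructed policy (assumed layout): a journal entry at or above the threshold must be
# approved by an independent reviewer before commit; a tool with no rule is routed to review.
POLICY = {"version": "2026-05-20.1",
          "tools": {"post_journal_entry": {"approval_threshold": 10000.00}}}

@dataclass
class DecisionRecord:
    agent_id: str
    tool: str
    arguments: dict
    policy_version: str
    outcome: str  # executed | pending_approval | approved | rejected
    reviewer: Optional[str] = None
    reviewer_comment: Optional[str] = None

class DecisionLog:
    """Append-only: records are never edited; a review is a new record for the same call."""
    def __init__(self):
        self._records, self._resolved = [], set()
    def append(self, record):
        self._records.append(record)
        return len(self._records) - 1          # index doubles as the record id
    def records(self):
        return tuple(self._records)
    def awaiting_review(self, index):
        return self._records[index].outcome == "pending_approval" and index not in self._resolved
    def mark_resolved(self, index):
        self._resolved.add(index)              # prevents a second review of the same call

def requires_approval(policy, tool, arguments):
    rule = policy["tools"].get(tool)
    if rule is None:
        return True                            # unknown tool: default to human review
    return abs(arguments.get("amount", 0.0)) >= rule["approval_threshold"]

def submit(log, policy, agent_id, tool, arguments):
    """The agent (maker) proposes a tool call; returns the index of the new record."""
    outcome = "pending_approval" if requires_approval(policy, tool, arguments) else "executed"
    return log.append(DecisionRecord(agent_id, tool, arguments, policy["version"], outcome))

def review(log, index, reviewer, approve, comment=None):
    """The checker decides; the maker can never be its own checker (segregation of duties)."""
    pending = log.records()[index]
    if not log.awaiting_review(index):
        raise ValueError("record is not awaiting review")
    if reviewer == pending.agent_id:
        raise PermissionError("segregation of duties: maker cannot approve its own transaction")
    log.mark_resolved(index)
    return log.append(DecisionRecord(pending.agent_id, pending.tool, pending.arguments,
                                     pending.policy_version, "approved" if approve else "rejected",
                                     reviewer, comment))
```

Every state change lands as a new record carrying agent ID, tool, arguments, policy version, outcome and reviewer, which is the field set an auditor samples from.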

Evidence Veto provides

SOX assessments produce two kinds of evidence: control design narratives and control operating-effectiveness samples. Veto outputs can support both.

Control narratives

Policy YAML files document control activities at the tool level. They can be reviewed in walkthrough sessions with internal and external auditors.

Operating effectiveness samples

Decision record entries support AS 2201 sample testing. The auditor selects N transactions; for each one, the log shows agent ID, tool, policy version, approver, and outcome.

Maker-checker evidence

Approval queue records document segregation of duties: agent initiated, independent reviewer approved, both recorded with timestamps and identities.

Change management trail

Git pull request history with reviewer approvals, validation runs where configured, and signed commits documents ITGC change controls for the audit.

Implementation timeline

July 30, 2002: Sarbanes-Oxley Act of 2002 (Public Law 107-204) enacted
2004: SEC requires Section 404 ICFR assessments for accelerated filers
2007: PCAOB Auditing Standard AS 5 (now AS 2201) issued for ICFR audits
Annually: Section 302 quarterly and annual CEO/CFO certifications; Section 404(a) annual management assessment
Annually: Section 404(b) external auditor ICFR attestation for accelerated and large accelerated filers

SOX exposure is not only legal. A material weakness disclosure can trigger audit scrutiny, remediation work, and loss of investor trust. Veto's role is to preserve approval evidence and policy history for financially relevant agent actions.

Frequently asked questions

Does SOX apply to AI agents?
Yes, when AI agents touch any process that contributes to financial reporting. The Sarbanes-Oxley Act of 2002 (Public Law 107-204) imposes responsibility on CEOs and CFOs for the accuracy of financial statements (Section 302) and requires assessment of internal control over financial reporting (Section 404). If an AI agent reconciles transactions, posts journal entries, manages accruals, or affects revenue recognition, the agent is part of ICFR and must be assessed accordingly.
What is a maker-checker control and why does it matter for AI agents?
Maker-checker is segregation of duties at the action level: one party initiates a transaction, a different party approves it before it commits. SOX implementations rely on maker-checker as a key control. When an AI agent is the maker, the checker must be either another agent with documented independence or, more commonly, a human reviewer. Veto supports maker-checker by routing the agent's tool call to an approver before execution, with reviewer identity recorded in the decision record.
What does PCAOB AS 2201 require for IT-dependent controls?
PCAOB Auditing Standard 2201 (formerly AS 5) governs audits of internal control over financial reporting. For IT-dependent controls, AS 2201 requires the external auditor to test design and operating effectiveness, including general IT controls and application controls. AI agent authorization decisions can be treated as application-level IT control evidence; decision records can support the operating-effectiveness samples the auditor reviews.
How does Veto support SOX Section 404 management assessment?
Section 404(a) requires management to assess ICFR effectiveness annually. Section 404(b) requires external auditor attestation for accelerated and large accelerated filers. Veto provides artifacts both assessments need: policy-as-code documents the control design, decision records document operating effectiveness, approval queue records document segregation of duties, and policy version history documents change management.

When an agent posts a journal entry, the auditor still needs evidence. Make it inevitable.