For Saudi audit, law & professional firms

What does SOCPA's client-confidentiality duty mean for using AI on client data?

Ithbat guide·Arabic-first·Built in Saudi Arabia
Quick answer

SOCPA-licensed accountants carry a professional duty to keep client information confidential, and that duty applies to AI tools just as it applies to any other disclosure. Pasting client financials into a public AI service hands the data to a third party outside your control. The safer approach: treat AI like any other third-party disclosure, keep sensitive data on systems you control, and keep evidence of how you handled it.

The confidentiality duty every SOCPA-licensed accountant carries

SOCPA-licensed accountants and auditors carry a professional confidentiality duty over the information they obtain during client engagements — financial statements, working papers, payroll data, ownership structures, and anything else a client shares to get their books audited or their taxes filed. This is one of the core obligations of practicing under a SOCPA license, alongside independence and technical competence. In general terms, the duty means client information is used only for the purpose the client shared it for, and disclosed only to people who need it to do the work — not shared, exposed, or handed to outside parties without the client's knowledge or a clear professional basis for doing so. The duty was written before generative AI existed, but it doesn't carry a carve-out for it. It applies to how a firm handles client data, full stop, regardless of the tool involved.

Why pasting client data into a public AI tool is a problem

When someone at a firm pastes a client's trial balance, a draft financial statement, or a working paper into a public AI chat tool to save time, the client's information leaves the firm's control and goes to a third party the client never agreed to. Even if the AI vendor's terms promise not to misuse the data, the firm no longer knows exactly where the data is processed, how long it is retained, or who at the vendor — or which of the vendor's own subprocessors — could access it. In substance, that is a disclosure to a third party, not so different from mailing client files to an unrelated company. It may be entirely well-intentioned, since the accountant just wanted a faster way to summarize a report, but good intentions don't change what actually happened to the data.

This is also why the real question isn't whether AI is good or bad. Most firms have entirely legitimate, low-risk uses for AI: drafting an internal memo, summarizing public regulatory updates, writing routine email text. The confidentiality duty is only in tension with the narrow slice of AI use that touches actual client data.

The real distinction: keeping control vs. handing data to a third party

The confidentiality duty isn't a blanket ban on technology. Firms already use cloud accounting software, email, and outsourced IT support, all of which involve some third party touching client data under contract. What matters is whether the firm keeps control of the data and can account for where it went, or whether the data left the firm's control with no way to track or restrict it.

Two questions worth asking before any client data touches an AI tool:

A firm that runs AI on infrastructure it owns and controls, with records of what happened, is in a materially different position than a firm pasting client files into a public chatbot with no logging and no contract governing that specific use.

Practical steps a SOCPA-licensed firm can take

Confidentiality evidence: turning a duty into a demonstrable practice

The confidentiality duty is something firms have always had to satisfy quietly, largely on trust. AI changes that calculus because it introduces a new, fast-moving category of third-party data handling that clients increasingly ask about directly. Firms that can show — matter by matter, not just as a general policy statement — what happened to a client's data are in a stronger position than firms that can only assert it happened.

That's why a record kept at the point of use matters: not a policy document describing intentions, but an actual account of each time client data was processed and where. Producing that kind of evidence on request is one of the more concrete ways a firm can demonstrate diligence to a client, to a partner reviewing a file, or to a professional-standards reviewer — and it protects the firm's own licence and reputation, not just the client's data.

Protecting client confidentiality when adopting AI isn't primarily a regulatory exercise — it's how a firm protects its own licence, its client relationships, and its reputation in a market where client trust is the entire product.

How Ithbat fits in

Ithbat is built around exactly this distinction. It installs on hardware the firm already owns and classifies every prompt before processing it for Saudi-specific sensitive data — national ID/Iqama numbers, IBANs, VAT and commercial-registration numbers, client financial details, and related Arabic and English keywords. Prompts that touch sensitive data are kept and processed on the firm's own hardware and are never offered to any cloud AI provider. Prompts that don't touch sensitive data can still be routed to a frontier cloud AI, such as Claude or ChatGPT, on the firm's own account — so everyday AI use isn't cut off; only the confidential slice of it stays local.

Every inference, local or cloud-routed, produces a tamper-evident, hash-chained record, and only that record's metadata — never the prompt or response content, never API keys — reaches the firm's dashboard. That record is what turns "we handled your data carefully" into something a firm can actually show, matter by matter, which is the practical core of meeting a confidentiality duty rather than just intending to.

Frequently asked questions

Does SOCPA prohibit accountants from using AI tools?
No. The confidentiality duty doesn't ban AI, but it does mean firms need to be deliberate about what data goes into which tool, and keep the client's confidential information under the firm's control.
Is it a confidentiality breach to use ChatGPT for client work?
It depends on what's pasted in. Drafting a generic email is very different from pasting a client's trial balance. Uploading identifiable client financial data to a public AI tool with no way to control or account for where it went sits uneasily with the confidentiality duty a SOCPA-licensed accountant carries.
What counts as client data under the confidentiality duty?
In general terms, any information obtained during a client engagement that isn't already public: draft financial statements, working papers, payroll and ownership data, personal identifiers such as national ID/Iqama numbers or IBANs, and anything else the client shared for the purpose of the engagement.
Can a firm still use cloud AI at all?
Yes, for work that doesn't touch confidential client data, such as internal drafting, public research, or general correspondence. The tension is specifically with sending confidential client information into a cloud service the firm can't control or account for.
How can a firm prove it protected client confidentiality if a client asks?
By keeping a record, at the point AI was used, of what was processed and where, not just a written policy. A per-matter evidence trail lets a firm answer specifically, rather than relying on a general assurance.

See where your firm stands — in 60 seconds

Take the free self-check to see your client-confidentiality exposure band instantly. No sign-up needed to see your result.