From SAI20 to AI Audits: Can CAG Deliver Ground-Level Results?
PM Narendra Modi with PMs of Australia and Canada on sidelines of G20 Summit (Image Mark Carney on X)
India’s top auditor has embraced AI and global audit diplomacy—but the real question is: has it changed anything on the ground?
By P. SESH KUMAR
New Delhi, April 30, 2026 — The CAG of India’s leadership of the SAI20 during India’s G20 Presidency was a significant reputational and agenda-setting moment. It placed two modern audit themes-Responsible Artificial Intelligence and Blue Economyon the global public audit table, and projected the CAG as a Supreme Audit Institution (SAI) willing to move beyond traditional voucher-checking into technology-enabled, outcome-oriented oversight. But the harder question is not whether the conferences sounded impressive; it is whether they have already produced stronger domestic audit reports, sharper audit methods, faster audit resolution, better use of data, and visible value at the level of ministries, states, schemes and citizens.
The answer is mixed. The initiatives do not appear to be empty rhetoric, because they have produced compendiums, training efforts, an AI Strategy Framework, work on CAG-LLM, data analytics cells, remote audit plans, and at least one visibly relevant Blue Economy-linked audit product such as the CAG’s 2025 report on Indian National Centre for Ocean Information Services (INCOIS). Yet the transformation is still in its early institutional stage. The public record does not yet show a large stream of domestic audit reports whose findings are demonstrably AI-generated, data-analytics-driven, or directly traceable to the SAI20 Responsible AI and Blue Economy agenda.
The SAI20 initiative gave CAG India global visibility and a modern vocabulary. The real test now is whether that vocabulary becomes audit evidence, audit algorithms, sharper sampling, fraud detection, predictive risk flags, ministry-wise dashboards, faster settlement of inspection reports, and Parliament-facing audit reports that unmistakably show how technology changed the audit conclusion.
The SAI20 initiative under India’s G20 Presidency was, in many ways, a well-timed intervention. Public audit across the world is struggling with the same paradox: governments are becoming more digital, more data-rich and more algorithm-driven, while many audit institutions still work with methods designed for paper files, post-facto examination and fragmented departmental records. Against this background, the CAG of India, as Chair of the SAI20 Engagement Group in 2023, proposed Blue Economy and Responsible Artificial Intelligence as priority themes. The PIB release of 11 June 2023 records that the CAG chaired the SAI20 Engagement Group, hosted the Goa Summit, and placed these two themes before participating SAIs; it also stated that SAI India would present compendiums on Blue Economy and Responsible AI to guide future audits.
This was not an insignificant diplomatic exercise. For an audit institution often judged domestically by the number and sharpness of its reports, SAI20 allowed CAG India to occupy a broader intellectual space: not merely as an auditor of expenditure already incurred, but as a convener of global audit thinking on emerging risks. The CAG’s 2024 SAI20-related press release, issued during the Brazil presidency, continued this line by noting that CAG participated as part of the SAI20 Troika and urged audit strategies that leverage data analytics and technology for more targeted and outcome-oriented recommendations. This is important because it shows continuity beyond the ceremonial moment of India’s G20 year. The language was no longer only about international cooperation; it was about changing audit strategy itself.
The Blue Economy theme was particularly relevant for India. India’s coastline, fisheries, ports, ocean data systems, disaster warning architecture, offshore energy, coastal ecology and marine livelihoods make ocean governance a natural subject for performance and compliance audit. The SAI20 discussion therefore had a credible domestic policy base.
India’s APA Programme: CAG, Tax Certainty & Fiscal Accountability
The later CAG Report No. 8 of 2025 on the activities of the Indian National Centre for Ocean Information Services is a notable example of a domestic audit product in this broad area. The report records that India’s 7,517 km coastline supports millions of fishermen and coastal communities, that Blue Economy is vital to national growth, and that the audit examined INCOIS services such as Ocean State Forecast, Potential Fishing Zones, Data Services and Tsunami Early Warning. This report is not merely decorative. It identifies project delays, weak project management, shortage of high-performance computing capacity, human-resource limitations and shortfalls against project targets. In substance, therefore, it does what a good Blue Economy audit should do: it moves from slogan to systems, from ocean romance to project governance.
But one must be careful before overstating the link between SAI20 and that INCOIS report. The audit covered the period 2017–2022 and appears to have arisen from regular audit planning rather than being publicly shown as a direct product of the SAI20 Blue Economy compendium. Thus, it is fair to say that CAG has produced a relevant domestic audit in the Blue Economy space, but it is not yet fully demonstrated from the public record that the SAI20 initiative itself caused a new generation of Blue Economy audits across coastal states, ports, fisheries, ocean research bodies, marine pollution control and coastal livelihood schemes. A single INCOIS audit is a useful beginning; it is not yet an audit movement.
There is no publicly available evidence (as of now) that the CAG’s Report No. 8 of 2025 on INCOIS has yet been taken up, examined, or reported upon by the Public Accounts Committee of India (PAC). Given the well-known time lag between tabling of CAG reports and PAC examination, this is not unusual-but it does mean that no PAC recommendations are currently available in the public domain. In the absence of PAC scrutiny, the audit remains at the stage of diagnostic observation rather than enforced accountability.
Now to the more substantive and uncomfortable question-is this a landmark, internationally laudable audit, or a modest, even apologetic effort?
The INCOIS audit certainly has conceptual merit. It aligns neatly with the Blue Economy narrative championed during India’s G20 Presidency and under SAI20. It identifies a strategically important sector-ocean information systems-with clear public relevance: fishermen safety, disaster warning, climate resilience, and marine resource optimisation. It also moves beyond mere financial compliance into performance dimensions-project delays, capacity gaps, technology constraints, and service delivery effectiveness. In that sense, it is not a routine audit; it shows an attempt to enter a new domain.
But that is where the praise must pause-and the critique must begin.
For an audit to be considered “landmark” internationally, it must demonstrate at least three things: methodological innovation, depth of systems analysis, and measurable policy impact. On these counts, the INCOIS report appears incremental rather than transformational.
The audit does not visibly deploy advanced data analytics, satellite data validation, predictive modelling, or real-time system testing, which would have been natural in a technology-heavy domain like ocean services. Nor does it appear to benchmark India’s systems rigorously against global best practices (e.g., NOAA, ECMWF, Japan Meteorological Agency) in a structured, evidence-backed manner. The findings-while relevant-remain largely within the familiar terrain of delays, capacity shortages, and implementation gaps, which could apply to many government programmes.
More importantly, the audit does not yet demonstrate clear downstream impact: no evidence of policy redesign, funding restructuring, institutional overhaul, or measurable service improvement traceable to the audit. Without PAC follow-up, the enforcement chain is incomplete.
So where does that leave us?
National Geospatial Policy 2022: Gaps & the Case for CAG Audit
It would be unfair-and analytically incorrect-to dismiss the report as a “poor apology.” It is a credible first step into Blue Economy auditing, and it signals intent. But it would be equally overstated to project it as a globally path-breaking audit product. At present, it sits somewhere in the middle: a thematically aligned, technically competent audit that has not yet crossed the threshold into high-impact, technology-driven, internationally benchmarked performance auditing.
In blunt terms: Good beginning, but not yet a benchmark.
The real test will lie ahead. If future audits in this domain begin to show deep data integration, cross-country benchmarking, real-time analytics, and demonstrable policy correction, then this INCOIS audit may be remembered as the first stepping stone. If not, it risks remaining what many such reports become-well-written, well-intentioned, but ultimately absorbed into the archive without systemic transformation.
The Responsible AI initiative is even more ambitious, but also more difficult to judge. The PIB release rightly noted that with AI entering governance, SAIs must prepare to audit AI-based governance systems and also use AI to improve their own audit techniques. This distinction is crucial. Auditing AI and using AI for audit are two different challenges. The first asks whether government AI systems are fair, lawful, transparent, explainable, secure and accountable. The second asks whether auditors can use AI to detect anomalies, select samples, read large volumes of documents, identify risk patterns and produce sharper audit insights. CAG’s later Artificial Intelligence Strategy Framework, issued in April 2025, attempts to address both sides by providing structured guidance for adoption of AI tools across the audit lifecycle and by referring to smarter data analysis, anomaly detection, risk assessment, predictive insights, ethical use, data privacy, model governance and capacity building.
This framework is a serious institutional step. It is no longer conference prose alone. It gives the department a formal internal reference point. It tells field offices that AI is not a fashionable toy but an audit capability that must be governed, trained, tested and used responsibly. It also acknowledges that the Government of India is increasingly using AI in various platforms and that the audit institution must have the capacity to audit such systems. That is exactly where a modern SAI should be positioned. If welfare delivery, tax administration, procurement, policing, healthcare targeting, education platforms, digital identity-linked schemes and citizen-service systems increasingly depend on algorithms, the public auditor cannot remain a manual reviewer of files.
The question, however, is whether this has already become visible in domestic audit products. Here the evidence is thinner. The public material available so far shows a framework, training, announcements and systems under development, but not yet a body of tabled audit reports clearly saying: this finding emerged from AI-assisted anomaly detection; this risk universe was built through machine learning; this procurement red flag was identified through pattern analysis; this beneficiary fraud was detected by entity resolution; this scheme leakage was mapped through predictive analytics.
The September 2025 CAG press release on remote auditing and digital transformation states that the proposed CAG-Connect Portal would provide nearly 10 lakh auditee entities a unified digital interface to respond to audit queries and that CAG-LLM was under development to help auditors access decades of institutional knowledge, analyse large datasets and inspection reports, identify patterns and risks, and prepare more incisive audit insights. This is promising, but the operative words are important: “soon-to-be-launched” and “under development.” The promise is large; the publicly verifiable outcome is still limited.
The international conference held in September 2025 further confirms that CAG India is trying to build an AI ecosystem around audit. SAI India, in collaboration with IIT Madras, presented an initiative to develop a Large Language Model (LLM) trained on audit and inspection reports, and a nine-month AI/ML certification programme was announced for other SAIs as well. This is valuable for capacity building. It also gives CAG India a chance to become a supplier of audit knowledge, not merely a consumer of foreign models. But here again, the ground test is not whether an LLM was announced. The test is whether the LLM reduces audit cycle time, improves the quality of draft paragraphs, detects repeated irregularities across states, reduces weak observations, improves follow-up on inspection reports, and gives Parliament and State Legislatures better evidence. Those results are not yet visible in the public domain. Of course, these take time.
CAG’s international strategy document for 2025–2029 is also revealing. It says that OIOS has been deployed across 130 audit offices and 29 A&E offices and has stabilised, and it proposes internationalisation of OIOS as a customised audit management solution for other SAIs. This is perhaps the most concrete systems-level achievement among the broader technology initiatives. OIOS can standardise audit workflow, improve planning, preserve evidence, track observations and create institutional memory. But even here, the public record still needs stronger performance disclosure. Has OIOS reduced the time from audit planning to report finalisation? Has it improved the quality of risk-based audit selection? Has it reduced repetitive audit objections? Has it improved compliance follow-up? Has it helped PACs receive better, timelier material? Unless such metrics are disclosed, OIOS remains a potentially powerful platform whose value addition may be internally plausible but externally under-demonstrated.
The same caution applies to training and capacity building. The ICISA material records that customised AI and machine-learning training programmes have been developed with institutions such as IIT Madras and IIT Delhi, focusing on real audit use cases including anomaly detection, predictive analytics and natural language processing. This is an encouraging sign.
Auditing the Invisible State: Can CAG Expose Faceless Tax Power?
Audit transformation cannot happen merely by buying software. It requires auditors who understand data quality, algorithmic bias, false positives, model explainability and evidentiary standards. But training is an input, not an outcome. The real outcome will be visible only when field audit teams use these skills in concrete reports that stand scrutiny from ministries, legislatures and the public.
The strongest criticism, therefore, is not that these initiatives are just symbolic . They are not. The criticism is that CAG has so far been much stronger in announcing, convening, framing and training than in publicly demonstrating a pipeline of AI-enabled audit products. In audit, credibility comes not from strategic vocabulary but from audit evidence. “Responsible AI,” “Blue Economy,” “data analytics,” “remote audit,” “LLM,” and “digital transformation” are powerful phrases; but unless they change the audit product, they can quickly become conference ornaments. The domestic stakeholder-the PAC member, the departmental secretary, the state finance secretary, the citizen affected by a failed scheme-does not benefit from an elegant PowerPoint. He benefits when audit identifies leakage faster, proves systemic failure better, recommends practical correction, and follows up until the correction happens.
There is also a deeper institutional issue. CAG’s traditional strength has been post-facto assurance backed by constitutional independence. AI and data analytics require a more continuous relationship with live databases, system logs, APIs, digital platforms and scheme dashboards. That creates both opportunity and risk. The opportunity is that CAG can move from sample-based audit to population-level analysis in areas like GST, DBT, procurement, pensions, social welfare beneficiaries, public works, mineral receipts and municipal services. The risk is that without clear protocols, data access can be delayed, denied, fragmented or politically sensitive. Therefore, the real success of the AI strategy will depend not only on CAG’s internal enthusiasm but also on whether ministries, states and public bodies provide clean, machine-readable, timely and auditable data.
A fair assessment would therefore be this: the SAI20, AI strategy, Blue Economy compendium, international conferences, OIOS, CAG-LLM and training initiatives have created an enabling architecture. They have improved CAG’s global profile and given the institution a future-facing reform agenda. But they have not yet, at least from the visible public record, matured into a broad and demonstrable domestic audit revolution. The INCOIS report shows that CAG can translate a Blue Economy theme into a somewhat serious audit product. The AI Strategy Framework shows that CAG understands the audit implications of artificial intelligence. The remote audit and CAG-LLM announcements show institutional ambition. Yet the ground-level evidence is still scattered, early and insufficiently measured.
The way forward should be brutally practical. CAG should publish an annual “Technology in Audit Outcomes” statement showing how many audits used data analytics, what datasets were accessed, what methods were applied, how much audit time was saved, what additional recoveries or systemic findings emerged, and how many audit recommendations were accepted because of stronger digital evidence. It should identify five or six flagship AI/data analytics audits every year in areas of high public importance, such as GST, DBT, health insurance, public procurement, mining royalties, urban local bodies and infrastructure contracts. It should also publish methodology notes explaining how AI-assisted findings were validated, because audit cannot rely on black-box results. Finally, PACs and audited entities must be brought into the loop, because a technologically brilliant audit that does not lead to correction is still only half an audit.
In conclusion, the CAG’s SAI20 and AI initiatives are neither mere hot air nor yet a fully realised transformation. They are a promising bridge, but a bridge must be crossed. The CAG has acquired the language, the platforms, the partnerships and the global stage. It must now produce the unmistakable domestic audit dividend: sharper reports, faster audit cycles, stronger evidence, better follow-up, and visible correction in public systems. Until then, these initiatives will remain impressive beginnings-useful for conferences, credible as strategy, but still awaiting the hard proof that India’s public audit has truly entered the age of intelligent accountability.
Q: Has CAG’s AI and SAI20 initiative improved audits in India?
CAG’s AI and SAI20 initiatives have created frameworks and global visibility, but there is limited public evidence so far of large-scale AI-driven audit outcomes in India.
(This is an opinion piece. Views expressed are the author’s own.)
Follow The Raisina Hills on WhatsApp, Instagram, YouTube, Facebook, and LinkedIn
About The Author
