Implementation Guide: Produce financial narratives and management commentary for monthly close packages
Step-by-step implementation guide for deploying AI to produce financial narratives and management commentary for monthly close packages for Accounting & Bookkeeping clients.
Hardware Procurement
Dual Monitor for Side-by-Side Narrative Review
$220 per unit MSP cost / $285 suggested resale (includes mount and cabling)
Enables accountants to view AI-generated narratives on one screen and source financials (trial balance, P&L, balance sheet) on the other during the mandatory human review step. Significantly accelerates the review-and-edit workflow compared to single-monitor alt-tabbing.
USB Headset for Training & Support Calls
$100 per unit MSP cost / $135 suggested resale
For virtual training sessions, onboarding calls with Fathom/Reach Reporting support, and ongoing MSP support calls. Noise-canceling mic ensures clear communication during knowledge transfer.
Software Procurement
Fathom Pro (with Commentary Writer)
$44–$575/month depending on plan tier and number of company files. Pro plan at $192/month covers up to 20 companies. Commentary Writer AI is included at no extra cost.
Primary AI narrative generation engine. Connects directly to QuickBooks Online, Xero, or MYOB. Commentary Writer generates client-specific financial narratives with click-through verification of every cited number. Produces formatted management report PDFs with narrative sections.
Microsoft 365 Business Standard
$12.50/user/month via CSP (Pax8/Sherweb). Resale at $15–$18/user/month.
Foundation platform providing Excel, Outlook, Teams, SharePoint, and OneDrive. Required prerequisite for Copilot for Finance add-on. Provides document storage, collaboration, and communication infrastructure for the close process.
Microsoft 365 Copilot for Finance
$30/user/month add-on via CSP. MSP margin 10–20% depending on volume tier. Resale at $35–$40/user/month.
In-Excel AI assistant that performs variance analysis between actuals and forecast/budget, identifies anomalies in financial performance, and drafts natural-language explanations of key drivers. Complements Fathom by providing real-time analytical capabilities within the spreadsheet environment.
OpenAI API (GPT-5.4 Mini)
$0.15 per million input tokens / $0.60 per million output tokens. Estimated $20–$70/month for a 10-client accounting practice generating monthly narratives.
Powers the custom n8n narrative pipeline for firms requiring advanced customization beyond Fathom's built-in commentary. Used for generating tailored management commentary, board-ready executive summaries, and industry-specific narrative templates.
n8n Cloud (Pro Plan)
$50/month (10,000 workflow executions). Self-hosted Community Edition is free if MSP prefers on-prem.
Workflow orchestration platform that connects accounting platform APIs to the OpenAI API, applies prompt templates, routes generated narratives for review, and delivers final output. Provides the automation backbone for the custom narrative pipeline.
ChatGPT Team Plan
$30/user/month (monthly billing) or $25/user/month (annual). Recommended for 2–3 review staff seats.
Provides a private, secure workspace for accountants to interactively refine AI-generated narratives, ask follow-up questions about financial data, and iterate on management commentary. Business data is contractually excluded from model training.
Prerequisites
- Active QuickBooks Online (Plus or Advanced), Xero (Standard or Premium), or Sage Intacct subscription with admin-level API access credentials
- Minimum 12 months of historical financial data loaded in the accounting platform for meaningful comparative and variance analysis
- Budget and/or forecast data loaded into the accounting platform or available in Excel format for variance commentary generation
- Clean, well-structured Chart of Accounts with consistent naming conventions and proper account categorization (revenue, COGS, operating expenses, etc.)
- Microsoft 365 Business Standard or higher licenses assigned to all users who will use Copilot for Finance (minimum 2–3 seats for typical small firm)
- Microsoft Entra ID (Azure AD) tenant configured with user accounts for SSO across all SaaS platforms
- Stable business internet connection with minimum 25 Mbps download speed
- Modern web browser (Chrome 120+, Edge 120+, or Safari 17+) on all workstations
- Designated 'AI Narrative Review Lead' — a licensed CPA or senior accountant who will own the human review and approval workflow
- Written engagement letter language approved by the firm's managing partner addressing AI tool usage in client deliverables
- Credit card or payment method on file for OpenAI API account (only if implementing custom n8n pipeline)
- SharePoint Online or OneDrive for Business document library created for storing generated narrative reports and maintaining version history
Installation Steps
Step 1: Establish Fathom Account and Connect Accounting Platform
Create the Fathom organization account, configure SSO, and connect the firm's accounting platform (QuickBooks Online or Xero). This establishes the data pipeline that feeds the AI narrative engine. Select the Fathom Pro plan which supports up to 20 company connections and includes the Commentary Writer feature at no additional cost.
Fathom offers a free trial period — use this for the pilot phase before committing to paid plan. Ensure the person authenticating the QBO/Xero connection has full admin rights. Data sync imports up to 10 years of historical data automatically. If the firm uses Sage Intacct, Fathom does not have a native connector — you'll need the custom n8n pipeline approach instead (see Step 10).
Step 2: Configure Chart of Accounts Mapping and KPI Definitions in Fathom
Map the client's chart of accounts to Fathom's standardized financial categories. Define non-financial KPIs that should be referenced in management commentary (headcount, units sold, etc.). This step is critical because the AI Commentary Writer uses these mappings to generate accurate, contextual narratives.
Spend extra time here — garbage in, garbage out. The AI Commentary Writer will reference these categories and KPIs directly in its narratives. A miscategorized account will produce misleading commentary. Review with the client's lead accountant before proceeding. Budget data can be manually entered in Fathom or imported from QBO/Xero if budgets are maintained there.
Step 3: Enable and Configure Commentary Writer AI Feature
Activate Fathom's Commentary Writer within the report builder. Configure narrative preferences including tone, detail level, and specific metrics to highlight. Generate initial test narratives to establish a quality baseline.
Commentary Writer generates narratives specific to each company's actual data — not generic boilerplate. Every number cited is clickable and traceable back to the source GL data. The first generation may need editing to match the firm's preferred style. Refine the template over 2-3 iterations before using with clients. Save the finalized template so it can be applied across all connected companies.
Step 4: Deploy Microsoft 365 Copilot for Finance Licenses
Assign Microsoft 365 Copilot licenses to the designated finance users via the Microsoft 365 Admin Center. This enables in-Excel AI-powered variance analysis and narrative drafting that complements Fathom's report-level commentary with granular spreadsheet-level analysis.
Copilot for Finance requires Microsoft 365 Business Standard or higher as a base license. Activation can take up to 24 hours after license assignment. Copilot for Finance works best when financial data is in structured Excel tables with clear headers. Train users to use the Copilot sidebar for prompts like 'Explain the top 3 expense variances this month compared to budget' — these outputs can be copy-pasted into close packages or used as review aids alongside Fathom narratives.
Step 5: Configure SharePoint Document Library for Narrative Storage and Version Control
Create a structured SharePoint Online document library to store AI-generated narratives, maintain version history, and support the review/approval workflow. This provides the audit trail required for compliance.
Version control is non-negotiable for compliance. The audit trail of draft → reviewed → approved states satisfies both SOX internal control documentation requirements (for public company clients) and AICPA professional standards. Set retention policy to 7 years minimum for financial working papers. Consider enabling Microsoft Purview Information Protection labels if handling sensitive financial data.
Step 6: Create OpenAI API Account and Configure API Keys
Set up the OpenAI platform account that will power the custom n8n narrative pipeline. Configure API keys with appropriate usage limits and security controls. This step is only required if implementing the advanced custom pipeline (Steps 10-12).
Use GPT-5.4 Mini for cost efficiency — it produces excellent financial narrative quality at 1/17th the cost of GPT-5.4. Set hard billing limits to prevent runaway costs during development. The API key is a sensitive credential — treat it like a password. Enable organization-level 2FA on the OpenAI account. If the client requires data residency guarantees, verify OpenAI's data processing regions in their DPA (available at https://openai.com/policies/data-processing-addendum).
Step 7: Deploy n8n Workflow Orchestration Platform
Deploy n8n as the workflow automation backbone that connects the accounting platform API, OpenAI API, and output delivery channels. Choose between n8n Cloud (recommended for simplicity) or self-hosted Community Edition (for maximum data control).
# OPTION A: n8n Cloud (Recommended)
# Navigate to https://app.n8n.cloud/register
# Select Pro plan ($50/month, 10,000 executions)
# Complete registration and access the workflow editor
# OPTION B: Self-Hosted via Docker (For data sovereignty requirements)
# On a Linux VM (Ubuntu 22.04 LTS, 4 vCPU, 8GB RAM):
sudo apt update && sudo apt install -y docker.io docker-compose
mkdir -p /opt/n8n && cd /opt/n8n
cat > docker-compose.yml << 'EOF'
version: '3.8'
services:
n8n:
image: n8nio/n8n:latest
restart: always
ports:
- '5678:5678'
environment:
- N8N_BASIC_AUTH_ACTIVE=true
- N8N_BASIC_AUTH_USER=admin
- N8N_BASIC_AUTH_PASSWORD=CHANGE_THIS_STRONG_PASSWORD
- N8N_ENCRYPTION_KEY=GENERATE_A_RANDOM_32_CHAR_KEY
- WEBHOOK_URL=https://n8n.yourmspdomain.com/
- DB_TYPE=postgresdb
- DB_POSTGRESDB_HOST=postgres
- DB_POSTGRESDB_PORT=5432
- DB_POSTGRESDB_DATABASE=n8n
- DB_POSTGRESDB_USER=n8n
- DB_POSTGRESDB_PASSWORD=CHANGE_THIS_DB_PASSWORD
volumes:
- n8n_data:/home/node/.n8n
depends_on:
- postgres
postgres:
image: postgres:16
restart: always
environment:
- POSTGRES_USER=n8n
- POSTGRES_PASSWORD=CHANGE_THIS_DB_PASSWORD
- POSTGRES_DB=n8n
volumes:
- postgres_data:/var/lib/postgresql/data
volumes:
n8n_data:
postgres_data:
EOF
docker-compose up -d
# Verify n8n is running:
curl -s http://localhost:5678/healthzn8n Cloud is strongly recommended for MSPs without dedicated DevOps staff — it eliminates infrastructure management. If self-hosting, place behind a reverse proxy (nginx or Caddy) with SSL/TLS. The Community Edition is free and fully functional with 400+ integrations. Generate the N8N_ENCRYPTION_KEY with: openssl rand -hex 16. Ensure the VM is in a region compliant with the client's data residency requirements.
Step 8: Configure Identity, SSO, and Access Controls
Set up Single Sign-On using Microsoft Entra ID across all platforms (Fathom, n8n, ChatGPT Team). Configure role-based access controls to enforce the principle of least privilege. This is essential for compliance with GLBA Safeguards Rule and firm data security policies.
SSO enforcement via Entra ID provides centralized access management and audit logging. Conditional Access with MFA is a compliance requirement — GLBA Safeguards Rule mandates multi-factor authentication for access to customer financial data. If Fathom doesn't support SAML/OIDC on the selected plan tier, use Entra ID password-based SSO as a fallback. Document all access grants in the compliance audit trail.
Step 9: Build the Review and Approval Workflow
Establish the human-in-the-loop review and approval process that ensures every AI-generated narrative is verified by a qualified professional before inclusion in client deliverables. This is the most critical compliance step — AI-generated content in financial close packages MUST be reviewed by a CPA or senior accountant.
This is not optional — AICPA standards and SOX compliance (for public company clients) require documented human review of all material financial commentary. The Power Automate flow creates an auditable approval record. Set SLA expectations: reviewers should approve/reject within 4 business hours during close periods. Consider adding a secondary reviewer for high-value or public-company clients. The approval record in Power Automate is retained and searchable for audit purposes.
Step 10: Build Custom n8n Narrative Generation Workflow
Create the advanced n8n workflow that pulls financial data from the accounting platform API, applies structured prompt templates, sends data to GPT-5.4 Mini for narrative generation, and routes the output for review. This provides maximum customization beyond what Fathom's built-in Commentary Writer offers.
This workflow is the advanced/custom option — Fathom Commentary Writer handles this automatically for most use cases. Only build this if the client needs: (a) custom narrative templates beyond Fathom's capabilities, (b) integration with non-supported accounting platforms, (c) specialized industry commentary, or (d) the firm wants MSP-managed prompt engineering. The QBO OAuth2 credentials require a registered Intuit Developer app — set this up at https://developer.intuit.com. Token refresh is handled automatically by n8n's OAuth2 credential type.
Step 11: Configure Prompt Templates and Narrative Styles
Deploy the carefully engineered prompt templates that guide the LLM to produce accurate, professional financial narratives. These templates are the core intellectual property of the implementation and should be version-controlled.
Prompt templates are the most important tunable element of the system. Plan for 2-3 iterations during the pilot phase. Keep a log of what changes were made and why. Never edit prompts in production without testing on sample data first. Store the 'golden' prompt versions in SharePoint with version history enabled. The prompts provided in custom_ai_components have been engineered for accounting-specific accuracy including proper treatment of debits/credits, percentage calculations, and materiality thresholds.
Step 12: Pilot Testing with 2-3 Client Companies
Run the AI narrative generation system in parallel with the firm's existing manual narrative process for 2-3 selected pilot clients. Compare AI output quality, accuracy, and completeness against manually written commentary. This dual-run approach validates the system before full rollout.
The pilot phase is critical — do not skip it. Expect the first round of AI narratives to be 70-80% usable with editing needed. By the second or third iteration of prompt refinement, quality typically reaches 90-95%. Never send AI-generated narratives to clients without completing this pilot phase. Track time savings: measure how long the manual process takes vs. AI generation + human review time. This data is essential for demonstrating ROI during client handoff.
Step 13: Production Rollout and Monthly Close Process Integration
Expand the AI narrative system to the full client base. Integrate narrative generation into the firm's existing monthly close workflow and checklist. Establish the production cadence and standard operating procedures.
Stagger the rollout — don't switch all clients at once. Roll out in batches of 5-10 clients per close cycle. This allows the review team to build confidence and identify any edge cases. Maintain the manual process as a backup for the first 2 full close cycles after go-live. After 2 successful cycles with AI narratives, the manual process can be retired. Document the final SOP and store in SharePoint.
Step 14: Compliance Documentation and Audit Trail Setup
Finalize all compliance documentation including the AI governance policy, updated engagement letters, data processing agreements, and audit trail procedures. This step ensures the firm meets AICPA, SOX, GLBA, and applicable privacy law requirements.
Compliance documentation is what protects both the firm and the MSP in the event of an audit or regulatory inquiry. The AI governance policy should be reviewed and signed by the firm's managing partner. Update engagement letters for all active clients — not just new ones. If the firm serves public company audit clients, consult with the audit team about PCAOB implications before deploying. GLBA Safeguards Rule requires a written information security plan that now must address AI tools handling customer financial data.
Custom AI Components
Financial Narrative System Prompt
Type: prompt
The master system prompt that instructs GPT-5.4 Mini to generate professional financial narratives from structured accounting data. This prompt enforces accuracy, appropriate tone, materiality thresholds, and accounting-specific language conventions. It is the core intellectual property of the custom narrative pipeline.
Implementation:
You are a senior financial analyst and CPA preparing management commentary for monthly close packages. You generate professional, accurate financial narratives based exclusively on the structured financial data provided to you.CRITICAL RULES
OUTPUT FORMAT
Return the narrative in clean markdown with the following sections:
- ### Executive Summary
- ### Revenue & Gross Margin Analysis
- ### Operating Expense Analysis
- ### Balance Sheet Highlights
- ### Cash Flow & Liquidity
- ### Items Requiring Management Attention
Do not include any preamble, disclaimers about being an AI, or meta-commentary. Output only the narrative text.
Financial Data Transformation Function
Type: integration n8n Code node that transforms raw QuickBooks Online API JSON responses into a structured, LLM-friendly text format. This function extracts key financial metrics, calculates variances against prior period and budget, and assembles a data summary that serves as the user prompt for the narrative LLM.
Implementation:
// n8n Code Node: Transform QBO Financial Data for LLM Narrative Generation
// Input: Items from QBO P&L and Balance Sheet HTTP Request nodes
// Output: Structured text summary for LLM prompt
const pnlData = $('Fetch QBO PnL').item.json;
const bsData = $('Fetch QBO Balance Sheet').item.json;
// Helper function to extract row value from QBO report JSON
function getRowValue(report, rowName) {
if (!report || !report.Rows || !report.Rows.Row) return null;
for (const row of report.Rows.Row) {
if (row.Summary && row.Summary.ColData) {
if (row.Summary.ColData[0].value === rowName) {
return row.Summary.ColData.map((col, idx) => idx === 0 ? col.value : parseFloat(col.value) || 0);
}
}
if (row.Rows && row.Rows.Row) {
for (const subRow of row.Rows.Row) {
if (subRow.ColData && subRow.ColData[0].value === rowName) {
return subRow.ColData.map((col, idx) => idx === 0 ? col.value : parseFloat(col.value) || 0);
}
}
}
}
return null;
}
// Extract P&L columns (Current Month, Prior Month, Budget if available)
const columns = pnlData.Columns.Column.map(c => c.ColTitle);
// Build structured summary sections
let sections = [];
sections.push('# FINANCIAL DATA FOR NARRATIVE GENERATION');
sections.push(`## Report Period: ${pnlData.Header.StartPeriod} to ${pnlData.Header.EndPeriod}`);
sections.push(`## Company: ${pnlData.Header.ReportName}`);
sections.push(`## Columns: ${columns.join(' | ')}`);
sections.push('');
// Extract all P&L rows recursively
function extractRows(rows, indent = 0) {
let results = [];
if (!rows || !rows.Row) return results;
for (const row of rows.Row) {
if (row.ColData) {
const label = row.ColData[0].value;
const values = row.ColData.slice(1).map(c => c.value || '0');
results.push(`${' '.repeat(indent)}${label}: ${values.join(' | ')}`);
}
if (row.Header && row.Header.ColData) {
results.push(`${' '.repeat(indent)}**${row.Header.ColData[0].value}**`);
}
if (row.Rows) {
results = results.concat(extractRows(row.Rows, indent + 1));
}
if (row.Summary && row.Summary.ColData) {
const label = row.Summary.ColData[0].value;
const values = row.Summary.ColData.slice(1).map(c => c.value || '0');
results.push(`${' '.repeat(indent)}**${label}: ${values.join(' | ')}**`);
}
}
return results;
}
sections.push('## PROFIT & LOSS STATEMENT');
sections = sections.concat(extractRows(pnlData.Rows));
sections.push('');
sections.push('## BALANCE SHEET');
sections = sections.concat(extractRows(bsData.Rows));
sections.push('');
sections.push('## INSTRUCTIONS');
sections.push('Generate a management commentary narrative for this financial data following your system prompt guidelines.');
sections.push('Compare current period to prior period. Flag all material variances (>5% AND >$1,000).');
sections.push('If budget column is present, also compare actuals to budget.');
return [{ json: { prompt_text: sections.join('\n'), generated_at: new Date().toISOString() } }];Monthly Narrative Generation Workflow
Type: workflow Complete n8n workflow definition that orchestrates the end-to-end monthly narrative generation process: scheduled trigger → data fetch from QBO → data transformation → LLM narrative generation → quality checks → SharePoint storage → Teams notification. This is exported as n8n JSON for direct import.
Implementation:
{
"name": "Monthly Financial Narrative Generator",
"nodes": [
{
"parameters": { "rule": { "interval": [{ "field": "cronExpression", "expression": "0 9 5 * *" }] } },
"name": "Monthly Schedule Trigger",
"type": "n8n-nodes-base.scheduleTrigger",
"position": [250, 300]
},
{
"parameters": { "url": "https://quickbooks.api.intuit.com/v3/company/{{$json.companyId}}/reports/ProfitAndLoss", "authentication": "oAuth2", "method": "GET", "queryParameters": { "parameters": [{ "name": "start_date", "value": "={{$now.minus({months:1}).startOf('month').toFormat('yyyy-MM-dd')}}" }, { "name": "end_date", "value": "={{$now.minus({months:1}).endOf('month').toFormat('yyyy-MM-dd')}}" }, { "name": "accounting_method", "value": "Accrual" }] } },
"name": "Fetch QBO PnL",
"type": "n8n-nodes-base.httpRequest",
"position": [470, 300]
},
{
"parameters": { "url": "https://quickbooks.api.intuit.com/v3/company/{{$json.companyId}}/reports/BalanceSheet", "authentication": "oAuth2", "method": "GET", "queryParameters": { "parameters": [{ "name": "as_of", "value": "={{$now.minus({months:1}).endOf('month').toFormat('yyyy-MM-dd')}}" }] } },
"name": "Fetch QBO Balance Sheet",
"type": "n8n-nodes-base.httpRequest",
"position": [470, 500]
},
{
"parameters": { "jsCode": "// See Financial Data Transformation Function component for full code" },
"name": "Transform Financial Data",
"type": "n8n-nodes-base.code",
"position": [690, 400]
},
{
"parameters": { "model": "gpt-5.4-mini", "messages": { "values": [{ "role": "system", "content": "={{ $('Load System Prompt').item.json.prompt }}" }, { "role": "user", "content": "={{ $json.prompt_text }}" }] }, "options": { "temperature": 0.3, "maxTokens": 2500 } },
"name": "Generate Narrative via GPT-5.4 Mini",
"type": "@n8n/n8n-nodes-langchain.openAi",
"position": [910, 400]
},
{
"parameters": { "jsCode": "// Post-processing: validate no hallucinated numbers\nconst narrative = $input.first().json.message.content;\nconst sourceData = $('Transform Financial Data').first().json.prompt_text;\n\n// Extract all dollar amounts from narrative\nconst narrativeNumbers = narrative.match(/\\$[\\d,]+\\.?\\d*/g) || [];\n\n// Flag any numbers not found in source data\nlet warnings = [];\nfor (const num of narrativeNumbers) {\n const cleanNum = num.replace(/[$,]/g, '');\n if (!sourceData.includes(cleanNum) && parseFloat(cleanNum) > 100) {\n warnings.push(`WARNING: ${num} cited in narrative but not found in source data`);\n }\n}\n\nreturn [{ json: { narrative, warnings, has_warnings: warnings.length > 0, generated_at: new Date().toISOString() } }];" },
"name": "Validate Narrative Accuracy",
"type": "n8n-nodes-base.code",
"position": [1130, 400]
},
{
"parameters": { "resource": "file", "operation": "upload", "siteId": "YOUR_SHAREPOINT_SITE_ID", "folderId": "YOUR_DRAFT_FOLDER_ID", "fileName": "={{$now.minus({months:1}).toFormat('yyyy-MM')}}-narrative-draft.md", "fileContent": "={{ $json.narrative }}" },
"name": "Save to SharePoint",
"type": "n8n-nodes-base.microsoftSharePoint",
"position": [1350, 400]
},
{
"parameters": { "resource": "chatMessage", "operation": "create", "teamId": "YOUR_TEAMS_TEAM_ID", "channelId": "YOUR_CHANNEL_ID", "message": "=📊 **AI Narrative Draft Ready for Review**\n\nPeriod: {{$now.minus({months:1}).toFormat('MMMM yyyy')}}\nWarnings: {{$json.has_warnings ? $json.warnings.join('; ') : 'None — all figures verified'}}\n\nPlease review and approve in SharePoint." },
"name": "Notify Reviewer via Teams",
"type": "n8n-nodes-base.microsoftTeams",
"position": [1570, 400]
}
],
"connections": {
"Monthly Schedule Trigger": { "main": [[{ "node": "Fetch QBO PnL" }, { "node": "Fetch QBO Balance Sheet" }]] },
"Fetch QBO PnL": { "main": [[{ "node": "Transform Financial Data" }]] },
"Fetch QBO Balance Sheet": { "main": [[{ "node": "Transform Financial Data" }]] },
"Transform Financial Data": { "main": [[{ "node": "Generate Narrative via GPT-5.4 Mini" }]] },
"Generate Narrative via GPT-5.4 Mini": { "main": [[{ "node": "Validate Narrative Accuracy" }]] },
"Validate Narrative Accuracy": { "main": [[{ "node": "Save to SharePoint" }]] },
"Save to SharePoint": { "main": [[{ "node": "Notify Reviewer via Teams" }]] }
}
}AI Governance Policy Template
Type: prompt A comprehensive AI governance policy document template tailored for accounting firms deploying AI-generated financial narratives. This document satisfies AICPA, GLBA, and SOX compliance requirements and should be customized and signed by the firm's managing partner.
Implementation:
# AI GOVERNANCE POLICY — [FIRM NAME]Effective Date: [DATE] | Version: 1.0 | Approved by: [MANAGING PARTNER NAME]
1. PURPOSE
This policy governs the use of artificial intelligence tools in the preparation of client financial deliverables at [Firm Name]. It ensures all AI-assisted work products meet professional standards, protect client confidentiality, and comply with applicable regulations.
2. SCOPE
This policy applies to all firm personnel, contractors, and managed service providers who use AI tools in connection with client engagements, specifically:
- AI-generated financial narratives and management commentary
- AI-assisted variance analysis and trend identification
- AI-powered report generation and formatting
3. APPROVED AI TOOLS
The following AI tools are approved for use with client financial data:
Fathom Commentary Writer
Narrative generation from connected GL data. SOC 2 Type 1, ISO 27001 certified. Data not used for model training.
Microsoft 365 Copilot for Finance
In-Excel variance analysis and draft narratives. Enterprise DPA. Data processed within Microsoft tenant boundary.
OpenAI API (GPT-5.4 Mini)
Custom narrative pipeline via n8n workflow. Enterprise API — data not used for training per API Terms. DPA executed.
ChatGPT Team
Interactive narrative refinement. Private workspace. Data excluded from training per Team Terms.
PROHIBITED: Free-tier ChatGPT, Google Gemini free tier, any consumer AI tool, any AI tool not listed above. Firm personnel must NEVER paste client financial data into non-approved AI tools.
4. HUMAN REVIEW MANDATE
All AI-generated content intended for client deliverables MUST be reviewed and approved by a qualified professional (CPA, CMA, or senior accountant with 3+ years of experience) before delivery. AI output is a DRAFT until human-reviewed. Specific requirements:
- Reviewer must verify all cited figures against source GL data
- Reviewer must assess narrative accuracy, completeness, and appropriateness of conclusions
- Reviewer must document their review via the SharePoint approval workflow
- Reviewer's name and date must be recorded in the engagement file
5. DATA HANDLING
- Client financial data may only be processed through approved tools with executed DPAs
- No client data may be stored on personal devices or non-approved cloud services
- All AI-processed data must comply with GLBA Safeguards Rule requirements
- For EU-resident client data, GDPR data residency requirements must be verified
6. AUDIT TRAIL
The following records must be maintained for every AI-generated narrative:
- Input data snapshot (what financial data was provided to the AI)
- AI tool and model version used
- Complete AI output (unedited)
- Reviewer identity and approval/rejection decision
- Final edited version delivered to client
- Retention period: 7 years minimum
7. CLIENT DISCLOSURE
[Firm Name] will include the following language in all engagement letters: 'Our firm utilizes AI-assisted tools to support the preparation of financial analyses and management commentary. All AI-generated content is reviewed and approved by qualified professionals before delivery. Your data is processed only through enterprise-grade platforms with appropriate security certifications and data processing agreements.'
8. INCIDENT RESPONSE
If an AI tool produces materially incorrect content that is delivered to a client:
9. REVIEW CYCLE
This policy will be reviewed quarterly and updated as needed. Next review date: [DATE + 90 DAYS].
Signature: _________________________ Date: _____________ [MANAGING PARTNER NAME], [FIRM NAME]
Narrative Quality Scoring Agent
Type: agent
A quality assurance agent that evaluates AI-generated financial narratives against a scoring rubric before they reach the human reviewer. It catches common LLM errors like hallucinated numbers, incorrect percentage calculations, missing material variances, and inappropriate forward-looking statements. Runs as a second LLM call in the n8n pipeline.
Implementation:
// n8n Code Node: Quality Scoring Agent
// This node takes the generated narrative and source data, sends them to a second LLM call
// for quality assurance scoring, and flags issues for the human reviewer.
const narrative = $('Generate Narrative via GPT-5.4 Mini').first().json.message.content;
const sourceData = $('Transform Financial Data').first().json.prompt_text;
// QA System Prompt
const qaSystemPrompt = `You are a financial narrative quality assurance auditor. You receive two inputs:
1. SOURCE DATA: The raw financial data that was provided to the narrative generator
2. GENERATED NARRATIVE: The AI-generated management commentary
Your job is to score the narrative on the following rubric and flag any issues:SCORING RUBRIC (1-5 scale for each)
OUTPUT FORMAT
Return ONLY a JSON object (no markdown fences):
{
"scores": {
"numerical_accuracy": <1-5>,
"completeness": <1-5>,
"professional_tone": <1-5>,
"objectivity": <1-5>,
"structure": <1-5>
},
"overall_score": <average of above, rounded to 1 decimal>,
"pass": <true if overall >= 3.5, false otherwise>,
"issues": [
{"severity": "critical|warning|info", "description": "<specific issue description>", "location": "<which section>"}
],
"suggested_edits": ["<specific suggested edit 1>", "<specific suggested edit 2>"]
}const qaUserPrompt = `## SOURCE DATA\n${sourceData}\n\n## GENERATED NARRATIVE\n${narrative}`;
// Return the QA prompt for the next OpenAI node
return [{
json: {
qa_system_prompt: qaSystemPrompt,
qa_user_prompt: qaUserPrompt,
original_narrative: narrative
}
}];
// After this Code node, add another OpenAI Chat node:
// Model: gpt-5.4-mini
// System: {{ $json.qa_system_prompt }}
// User: {{ $json.qa_user_prompt }}
// Temperature: 0.1 (maximum consistency for QA)
// Max Tokens: 1000
//
// Then add a Code node to parse the QA JSON response:
// const qaResult = JSON.parse($input.first().json.message.content);
// const narrative = $('Quality Scoring Agent').first().json.original_narrative;
// if (!qaResult.pass) {
// // Route to 'Needs Revision' path — regenerate with issue context
// return [{ json: { ...qaResult, narrative, action: 'revise' } }];
// }
// return [{ json: { ...qaResult, narrative, action: 'approve' } }];Testing & Validation
- NUMERICAL ACCURACY TEST: Generate a narrative for a pilot client. Independently calculate the top 5 variance percentages from the raw GL data using a calculator or Excel. Compare each percentage cited in the AI narrative — all must match within 0.1 percentage points. If any figure is wrong, check the data transformation function and prompt instructions.
- COMPLETENESS TEST: Review the source P&L for the pilot month. Identify all line items with variances exceeding 5% AND $1,000 (the defined materiality threshold). Verify that every material item appears in the AI narrative. Count: AI should discuss at least 90% of material variances.
- HALLUCINATION TEST: Search the AI-generated narrative for every dollar amount cited. Cross-reference each amount against the raw QBO/Xero data export. Flag any amount that cannot be traced to the source data. Zero hallucinated numbers is the passing threshold.
- TONE AND COMPLIANCE TEST: Have a CPA read the narrative and flag any instances of: (a) forward-looking statements or predictions, (b) investment advice, (c) casual or unprofessional language, (d) AI self-references ('As an AI...'), (e) unsupported opinions about business strategy. The narrative must contain zero instances of any of these.
- INTEGRATION TEST — FATHOM: In Fathom, disconnect and reconnect a test company. Generate Commentary Writer output. Verify that the narrative accurately reflects the most recent month's data and that prior period comparisons use the correct time frame. Click through every cited figure to verify it traces back to the GL.
- INTEGRATION TEST — QBO API: In n8n, manually trigger the workflow for a test company. Verify the HTTP Request nodes return 200 status codes. Verify the P&L date range parameters correctly target the prior month. Verify the Balance Sheet as-of date is the last day of the prior month.
- INTEGRATION TEST — SHAREPOINT: Verify that generated narrative documents appear in the correct SharePoint folder path (/Clients/{ClientName}/{Year}/{Month}/Draft-Narratives/). Verify version history is enabled and captures each upload. Verify the Power Automate approval flow triggers automatically when a new file is created.
- INTEGRATION TEST — TEAMS NOTIFICATION: After a narrative is saved to SharePoint, verify that a notification appears in the #narrative-review Teams channel within 5 minutes. Verify the notification includes the correct client name, period, and a clickable link to the SharePoint document.
- QUALITY SCORING AGENT TEST: Feed the QA agent a narrative with an intentionally wrong percentage (e.g., change a 12% increase to 22%). Verify the agent catches it and returns a 'critical' severity issue with numerical_accuracy score below 3. Then feed it a correct narrative and verify it passes with overall score >= 3.5.
- END-TO-END TIMING TEST: Measure the complete cycle time from workflow trigger to Teams notification for 3 different clients. The entire automated pipeline should complete in under 5 minutes per client. Fathom Commentary Writer should generate in under 30 seconds.
- PARALLEL COMPARISON TEST: For each pilot client, generate the AI narrative AND have the firm produce their traditional manual narrative. Present both (anonymized) to the lead CPA and ask them to rate quality on a 1-10 scale. The AI narrative should score within 2 points of the manual narrative to pass.
- SECURITY TEST: Verify that the OpenAI API key is not visible in any n8n workflow export, log file, or SharePoint document. Verify it is stored only in n8n's encrypted credentials store or Azure Key Vault. Attempt to access the n8n instance without SSO credentials — access should be denied.
Client Handoff
The client handoff meeting should be a 90-minute session with the firm's managing partner, senior accountants (narrative reviewers), and any staff who will interact with the AI tools. Cover the following topics in order:
Maintenance
Monthly Maintenance Tasks (MSP Responsibility):
- Review n8n workflow execution logs for errors or anomalies. Check that all scheduled runs completed successfully. Investigate and resolve any failed executions within 4 business hours during close periods (1st-10th of each month).
- Monitor OpenAI API usage and costs via the OpenAI dashboard. Verify costs are within the expected $20-70/month range for a 10-client practice. Alert the client if costs exceed 150% of baseline.
- Verify Fathom data sync status for all connected companies. Re-authenticate OAuth connections if any have expired (QBO tokens expire every 100 days).
- Export and archive n8n execution logs to SharePoint for long-term compliance retention (n8n Cloud only retains 30 days by default).
Quarterly Maintenance Tasks (MSP Responsibility):
- Prompt Optimization Review: Sample 5-10 generated narratives from the quarter. Assess quality trends. Refine prompt templates based on recurring reviewer edits. Document all prompt changes with version numbers and rationale.
- Compliance Audit: Sample 3-5 random client narratives and verify: (a) documented human review approval exists, (b) AI engine identification metadata is present, (c) SharePoint version history is intact, (d) all vendor DPAs are current. Produce a 1-page quarterly compliance summary.
- Software Update Review: Check for Fathom feature updates, n8n version updates, and OpenAI model changes. Test any updates in a non-production environment before deploying. GPT-5.4 Mini model updates may change output characteristics — always re-test prompts after model updates.
- Client Satisfaction Check: Brief survey or conversation with the lead reviewer — are narratives meeting quality expectations? Are there new report types or narrative sections they'd like to add?
Semi-Annual Tasks:
- AI Governance Policy Review: Update the policy document to reflect any new tools, regulatory changes, or lessons learned. Obtain managing partner re-approval if material changes are made.
- Engagement Letter Audit: Verify all active client engagement letters include the AI usage disclosure addendum.
- Security Review: Rotate API keys (OpenAI, QBO OAuth). Review access permissions across all platforms. Remove access for any departed staff. Verify MFA enforcement.
Model Retraining / Update Triggers:
- OpenAI announces a new GPT-5.4 Mini version → test all prompt templates against new model, compare output quality, update n8n model parameter if quality is maintained or improved.
- Client adds a new service line or significant chart of accounts changes → update KPI definitions and prompt context.
- Fathom releases Commentary Writer updates → test new features, update SOPs and training materials.
- Regulatory changes (new AICPA guidance on AI, PCAOB requirements) → update governance policy and compliance procedures.
SLA Considerations:
- During monthly close period (business days 1-10): 4-hour response time for critical issues (workflow failures, data sync errors), 8-hour response for non-critical.
- Outside close period: Next business day response.
- Severity 1 (narrative pipeline completely down): 2-hour response, 8-hour resolution target. Fallback: manual narrative process.
- Severity 2 (quality degradation, partial functionality): 4-hour response, 24-hour resolution.
- Severity 3 (cosmetic issues, feature requests): Next business day acknowledgment, scheduled for next quarterly optimization cycle.
Escalation Path:
Want early access to the full toolkit?