Finance’s Synthetic Revolution

Finance is about to get a new workforce.

Artificial intelligence agents are moving fast from “helpful assistant” to “digital staff member”.

AI agents are software – synthetic – “workers” that can take a goal you give them, break it into steps and then carry those steps out by using tools – apps, databases, email, ERP screens – much like a person would.

Instead of just answering questions or generating text, an agent can plan, make choices, ask for missing information and act (for example, create a ticket, pull data, update a record, draft a message or trigger a workflow) then check whether the result worked and adjust its next move.

You’re not just automating a task anymore – you’re delegating a piece of work to something that can operate semi-independently, at speed, across multiple systems.

The widespread introduction of agents into Finance is inevitable. 

Not because someone declares it, but because the economics are irresistible: agents can chase down missing inputs, clear exceptions, draft reconciliations, run scenarios and keep work moving while people sleep.

In Finance, that means month-end close, AP/AR, FP&A and routine compliance work will be the first to feel different. The work won’t just be quicker. It will be re-shaped – more continuous, more automated and harder to see with the naked eye.

The upside is clear: agents turn Finance from a set of monthly sprints into something closer to a rolling, always-on engine.

The close speeds up because reconciliations and variance checks happen continuously instead of piling up in a spreadsheet rush.

Forecasts sharpen because scenarios are refreshed as conditions change, not when the calendar says it’s time.

Cash improves because collections and disputes move every day with consistent follow-through, not in bursts when someone has capacity.

And compliance shifts from a last-minute scramble to a state of readiness – evidence gathered as work happens, not reconstructed after the fact.

Any CFO should be keen to take that trade.

In doing so one needs to be very aware of the risks associated.

Every finance team has errors; the difference with agents is that small errors can repeat thousands of times before anyone notices.

The most common failure mode won’t be dramatic fraud or a big outage. It will be slow, quiet drift: the agent does one extra thing “to be helpful”, someone gets used to it, then it becomes normal operations.

Authority drift is the first problem. An agent starts by preparing journals, then it posts the small ones, then someone lifts the threshold, then it starts resolving exceptions, then it’s effectively performing part of a finance manager role without the normal challenge process.

Segregation of duties is the second problem. Agents often need broad access to be useful and broad access is exactly how segregation of duties collapses. If one agent can create a vendor, change bank details and trigger payment release, you’ve recreated the classic control failure – just faster and less visible.

Evidence quality is the third problem. Agents can produce polished commentary, neat reconciliations and plausible explanations. That’s useful right up until the organisation starts accepting “sounds right” as a substitute for “tied to the record”. In financial reporting, the gap between those two standards is where reputational and regulatory pain lives.

Finally, there’s manipulation risk through everyday channels. Finance is fed by emails, invoices, attachments, service tickets and Slack and Teams messages. If an agent reads that content and also has permission to act, you must assume some of that input will be misleading – accidentally or deliberately. The pathway for bad outcomes is no longer “someone clicked a link”; it can be “the agent took the bait”.

The practical answer isn’t to slow down adoption.

It’s to make sure autonomy grows inside boundaries you can defend. The simplest place to start is a Finance Agent Register – one page per agent that states: what it does, who owns it, what systems it can access, what decisions it can make versus recommend, what thresholds apply and what happens when it fails. Most organisations will skip this and then discover they can’t even list their agents, let alone control them.

Next, put hard gates around “danger actions”. In Finance, these are well known: creating or changing vendor master data, changing bank details, releasing payments, posting journals, modifying approval rules and sending messages that create external commitments. The safeguard has to be designed into the workflow: dual approvals, out-of-band verification, threshold limits and independent checks.

Then insist on traceability. When something goes wrong, you’ll be asked five questions: what happened, why, what data was used, who approved it and what else might be impacted? If you can’t answer quickly and cleanly, trust evaporates. That means logging that captures inputs, actions taken, records touched, approvals and exceptions. Think “flight recorder” for finance operations.

And finally, test the ugly scenarios before real life does. Fake supplier bank-change requests. Tricky invoice exceptions. Cut-off edge cases. Contradictory policy instructions. If those tests fail, that’s not a reason to abandon agents – it’s a reason to tighten boundaries and monitoring until failures are detectable and containable.

This is where one relationship gets more valuable than most CFOs realise: Internal Audit.

Not as a compliance policeman, but as the one function designed to give you independent confidence when your operational reality becomes too complex to “eyeball”.

As agents spread, the CFO’s accountability doesn’t change – you still own reporting integrity, payment hygiene, compliance posture and operational resilience.

What changes is visibility.

Work gets done through chains of tool calls, permissions, system interaction and vendor components that don’t show up neatly in a spreadsheet review.

Internal Audit is built to bridge exactly that gap: they test whether the environment is behaving the way you think it is, not the way people claim it is.

They also protect you from comforting stories.

“There’s a human in the loop” can be meaningless if that human is rubber-stamping 200 exceptions at 6pm on day two of close.

“The vendor says it’s secure” can be irrelevant if your configuration breaks segregation of duties.

“It’s logged somewhere” isn’t helpful unless the logs can reconstruct who did what, when and why.

Internal Audit turns those vague assurances into specific tests: access and segregation of duties checks, walkthroughs of approval gates, sampling of agent actions back to source records, stress-testing exception handling and verifying that controls still operate under pressure.

And crucially, they help you speak to the Board in a language that lands.

In the agentic era Boards don’t want “we have policies”.

They want to know that someone independent has tested the controls, that failures are surfaced and contained and that management can prove how outcomes were produced.

In an agentic finance function, that kind of proof becomes a strategic asset.

In the agentic era, the CFO’s biggest exposure isn’t that an agent makes a bad decision – it’s that the organisation can’t prove how a decision was made or reconstruct what happened after the fact.

You are just about to invite – perhaps already have invited – a synthetic workforce into the beating heart of Finance.

You as the CFO cannot govern it with hope, policy statements or vendor brochures.

You need to govern it with boundaries that bite, evidence that holds and oversight that does not blink.

This is the moment to enlist Internal Audit not as a critic at the edge, but as the ally at your shoulder – testing, tracing and proving that what is happening in the machine is what you believe is happening in the business.

If Finance get this right, agents will not erode control; they will harden it.

And Finance will not merely move faster; it will move with confidence – because in a world of speed and scale, only what can be proven can be trusted.