Harnessing Real-Time Analytics for Public Accountability: The Digital Evolution of Supreme Audit Institutions

Author: Emmanouil Kalaintzis

I. From Slow Scrutiny to Instant Vigilance

Classic financial audits arrive long after the money has moved. By the time ledgers are reconciled and reports are tabled, fraudulent transfers may be laundered beyond recovery. Government data, however, now travels through digital highways—treasury platforms, tax APIs, banking gateways, platforms, even the cloud —where each transaction leaves a time-stamped footprint. 

When Supreme Audit Institutions (SAIs) input those streams into analytical engines, they compress the audit cycle from months to minutes. Moreover, machine learning can be trained by accumulating the data to aggregate and adapt into locating patterns¹. Suspicious patterns then can emerge and be detected almost as soon as they form, and auditors gain a chance to act while public funds are still within reach. As government finances become fully digital, classic auditing needs to adapt quickly, otherwise risks can be deemed anachronistic. 

Today the same application-programming interfaces that power treasury, procurement, tax and banking systems can feed a continuous stream of transactions to SAIs through interoperability. By mining those flows for statistical anomalies, auditors can spot illicit enrichment patterns virtually as they emerge, shrinking the window in which funds can be hidden or laundered. Data visualizations, live dashboards, and automated alerts allow SAIs to share insights more immediately with stakeholders and, in some cases, with the public itself. This contributes to a more open audit process and empowers civil society to monitor public sector performance in a dynamic, data-driven environment. As the OECD (2024) observes, real-time systems enhance both the assurance function and the external legitimacy of public oversight by improving visibility and enabling more timely interventions².

A real-time detection system is built in layers. Secure pipelines first ingest banking, procurement, customs and tax feeds. It is a layered ecosystem in which raw data are ingested, aliases are resolved, risk signals are engineered, models assign scores, alerts are triaged and every decision is logged for evidentiary integrity. Many variants can also be detected, holding companies and beneficial owners, based on the chain of transaction which is broken down and chartered, to disclose the bank transfers, tax declarations, customs declarations and other dealings that complete the big picture. Raw numbers can be easily “interpreted” into behavioural signals—unusual growth rates, atypical peer-group ratios, emergent payment networks. Machine-learning models or expertly crafted rule sets score each event, ranking it by risk. Finally, a case-management module routes the highest-risk items to human auditors, signaling the risk areas with accuracy in order to accurately construct the audit plan. Auditors, of course, have the oversight using their power to dismiss an alert or follow up, thus allowing data science and professional judgment to reinforce one another. 

II. Legal challenges : Re-wiring the Audit Process

Despite advantages, the deployment of algorithms raises complex legal and ethical questions. Powerful analytics can overwhelm or mislead if left unchecked – without human oversight³. Excessive false alarms exhaust staff; hidden data gaps skew models; black-box algorithms risk uneven treatment; issues pertinent to the protection of personal data arise.  Mitigation of risks begins with transparency: every alert should display the evidence that triggered it. Review responsibility must be tiered, and logs must record who accessed what and when, preserving the chain of command. 

Many SAIs lack the technical infrastructure or expertise to implement sophisticated artificial intelligence (AI) auditing frameworks. Moreover, tensions often arise between the need for transparency and the protection of commercial confidentiality or intellectual property, especially when auditing private-sector contractors or embedded algorithms in public systems. To address these limitations, SAIs must develop robust digital governance strategies, invest in cross-disciplinary capacity-building, and adopt ethical-by-design principles when deploying real-time analytical tools. The digital evolution of SAIs will depend not only on technological readiness but also on institutional commitment to upholding integrity, independence, and citizens’ rights in a rapidly changing oversight landscape.

The European Union Artificial Intelligence Act (EU AI Act), adopted in July 2024, establishes a harmonized legal framework for the development, deployment, and use of artificial intelligence systems across Member States. Grounded in a risk-based approach, the Act categorizes AI systems into four tiers—unacceptable, high, limited, and minimal risk—each associated with specific compliance obligations. Systems considered high-risk, such as those used in law enforcement, financial services, and healthcare, must meet rigorous requirements concerning transparency, human oversight, risk management, and data governance⁴.

While the Act does not explicitly mandate AI audits by providers or deployers, it strongly aligns with audit-related practices by emphasizing principles such as fairness, human oversight, accuracy, and transparency. Furthermore, provisions like Article 9 (risk management) and Article 11 (technical documentation) imply procedural and operational needs that may be fulfilled through structured auditing practices⁵.

III. Greek SAI’s Example of modernization

SAIs may be called upon to audit the public sector’s use of AI systems, particularly in areas such as automated decision-making or AI-assisted resource allocation, but they must also ensure that their own use of AI-based analytics respects data protection laws, procedural fairness, and the principle of explainability. The Hellenic Court of Audit of Greece offers a contribution on addressing both sides of the same coin. According to the Greek Constitution, the Hellenic Court of Audit (Elegktiko Synedrio) is the Supreme Financial Court of the Hellenic Republic, functioning as the Supreme Audit Institution of the state, auditing the use of public funds. 

Currently, the Hellenic Court of Audit is entering a new era of digital transformation through the implementation of its Integrated Information System (IIS), a flagship reform initiative funded by the Recovery and Resilience Facility of the European Union. The project is designed to modernize the Court’s operational and judicial functions by embedding cutting-edge digital technologies and artificial intelligence tools into its daily workflow.

The new system introduces functionalities such as the digitization of extensive judicial archives, automated document processing, and the development of an electronic case file to centralize all procedural elements in a single digital environment. Crucially, the system includes AI-based components, such as automatic anonymization of decisions, thematic case classification, and the real-time suggestion of relevant case law and legislation to support the adjudicating judge. These features aim not only to accelerate adjudication processes and reduce backlog, but also to enhance the quality, consistency, and accountability of judicial outcomes. The tools are intended to assist, not replace, judicial discretion, thereby preserving the independence and integrity of adjudication.

Furthermore, the IIS will be interoperable with other public administration and judicial platforms, significantly reducing procedural redundancies and enabling a more streamlined, data-driven approach to justice. The new digital portal of the Court, launching officially on 16 September 2025, will also improve accessibility and provide citizen-facing services, reflecting a broader shift towards institutional transparency and civic engagement.

In this context, the digital evolution of the Hellenic Court of Audit strengthens the performance of its competences, both judicial and auditing. The integration of intelligent systems facilitates more timely and effective oversight, while ensuring alignment with principles of legality, proportionality, and respect for fundamental rights. It marks a decisive step toward a more modern, efficient, and accountable justice system.

Finally – given the EU AI Act’s emphasis on fundamental rights, transparency, and human oversight—particularly in high-risk AI systems—it may be reasonably expected that a Court of Audit vested with jurisdictional powers could exercise its competence to review acts of imputation involving AI systems. In such cases, the Court would be entitled to assess whether the deployment of the AI system respected applicable human rights standards, including safeguards against discrimination, the right to due process, and data protection principles. This oversight aligns with the broader objective of the AI Act to ensure that AI technologies operate in accordance with the Union’s foundational rights framework, thereby reinforcing the legitimacy and accountability of automated public decision-making. In the case of the Court of Audit, liability is minimum to zero as it functions as a Supreme Financial Court, vested with all necessary powers of impartiality and independence and employed with judges empowered to ensure the necessary overview of the requisite legal soundness. Its new Statute (law No. 4820/2021) and constitutional vetting immunizes the Hellenic Court of Audit and empowers it to deal effectively with those threats.  

Turning now to auditing of AI systems utilized by audited bodies, the Hellenic Court of Audit is currently reviewing the national asset-declaration regime—a system that requires hundreds of thousands of office-holders to disclose income, property and liabilities each year. The system of asset declarations was recently revised, including a modern, fully digital filing platform became recently fully operational. It is designed to draw information from tax, land-registry and banking databases, creating the technical basis for transaction analytics. The Hellenic Court of Audit has audited the functioning of this system, that is considered by the Organization for Economic Cooperation and Development (OECD) a prime tool fighting corruption in the public sector. The outcome is soon to be published within this year, 2025. 

IV. Conclusion

Many jurisdictions have digitized oversight—e-invoicing, electronic declarations—yet still rely on labor-intensive sampling to test integrity and enforce accountability. Continuous transaction analytics closes that gap. A shared library of open-source red-flag models—conflict-of-interest detection, procurement-collusion mapping, VAT-carousel tracing—would let resource-constrained SAIs leapfrog years of experimentation. Transaction analytics does not replace professional skepticism or judicial overview; it amplifies it. By converting a torrent of digital exhaust into credible red flags, SAIs can move from manual risk identification to vigilant guardianship. 

The lesson is universal: secure the legal powers, open the data flows, blend audit craft with data science and iterate quickly under strong ethical guard-rails and exchange, or even better, pool best practices and information technology (IT) expertise. The reward is a rise in both deterrence and detection—long before the ink dries on the audit report. Any SAI contemplating the journey begins with the upgrading and shielding the mandate to ensure due process. 

1. INTOSAI Development Initiative (IDI) (2023). Understanding the use of Artificial Intelligence in Public Sector Auditing. ↩︎
2. OECD. (2024). Governing with Artificial Intelligence: Are governments ready? OECD AI Papers, No. 20. https://doi.org/10.1787/26324bc2-en ↩︎
3. Papapanagiotou, A., & Zachou, C. (2024, October). AI and machine learning in public sector auditing: Perspectives from the Hellenic Court of Audit – A jurisdictional SAI. ASOSAI Journal. ↩︎
4. European Parliamentary Research Service. (2021). Artificial Intelligence Act: Risk-Based Approach and Regulatory Framework ↩︎
5. European Parliamentary Research Service. (2021). Artificial Intelligence Act: Initial Appraisal of the Commission’s Impact Assessment. ↩︎