A regional bank with a large and growing loan portfolio has begun bringing AI into one of its most demanding compliance obligations, internal audit, while keeping its auditors' judgment at the center of how the technology is used. What started as a single use case, the control testing of loan transactions, is becoming a template the bank intends to extend across the rest of its audit program, with AI agents taking on the slow, evidence-heavy work that once consumed entire days.
A Mandatory Process That Doesn't Scale
The bank processes on the order of ten thousand loan transactions a year. No team can review them all by hand, so auditors do what auditors everywhere do: they sample. In practice that meant testing a handful transactions per quarterly cycle: a thin slice of a population that, realistically, warranted far more scrutiny.
Supporting documentation for a single loan could run past hundreds of pages across multiple files: tabular ledgers, signed agreements, and other records. To prove that a control passed, an auditor had to locate the exact field buried inside that stack (a marital status on page 173, a disbursement on a particular date) and place a visual tick mark on it as evidence. This tick-marking is slow, repetitive, and easy to get wrong, and because internal audit is built on reviews of reviews, the resulting workpapers were then checked all over again by someone else. A conservative internal estimate put the effort at two to three hours per loan, and loans were only one of more than ten transaction types the team had to audit.
An AI-Powered Audit-Testing Workflow on StackAI
Working with StackAI, the bank built an agentic workflow that performs this control testing end to end, mirroring exactly what a human auditor does. It takes two inputs: the audit program itself (the Excel-based procedures that define the risks, controls, and attributes to be tested), and the supporting documents tied to each loan, which come in a variety of formats.
From there the workflow reads the audit program and builds a plan, working out from each procedure precisely which data fields in the supporting documents need to be checked. Several agents then extract the key facts from the source documents, pulling each value and recording where it was found, down to the field and page number.
But the most impressive feature? Rather than asking a person to comb through a 150-page file and stamp tick marks by hand, the workflow locates each data point and places the visual check mark directly on the source document as audit evidence, extracting the data and proving the review was performed in the same motion. The output is a completed worksheet with every attribute tested, every exception flagged, and every piece of evidence marked, ready for the second-level human review that internal audit demands.
The Impact
Today, audit work that consumed two to three hours per loan now takes a fraction of that, reclaiming meaningful capacity every quarter on loan testing alone.
The more strategic improvement is coverage, as the team is no longer confined to sampling methods. Coverage can scale to a hundred, to five hundred, or to every transaction in the population, eliminating the long-standing trade-off between level of assurance and human time spent.
Those two effects compound into real operational savings. In an illustrative model, the work is valued at an assumed internal rate of around $80 an hour. Expanding loan testing from a handful of samples toward full coverage reclaims on the order of a thousand hours a year on loans alone — roughly $86,000, or the cost of an additional full-time auditor, redeployed to higher-value work. Internal audit is a cost that many financial institutions can never eliminate because compliance requires it. This bank’s workflow shows that AI can make this unavoidable obligation far cheaper and far more thorough at once.
None of this removes the auditor from the loop. It removes the mechanical work of locating, transcribing, and stamping so the auditor's time goes to judgment: chasing down exceptions, confirming that the underlying systems are recording data correctly, and sitting down with process owners to understand why something isn’t working.
Looking Ahead
The bank sees this first workflow as a starting point. The same engine that now tests loans can be pointed at the ten-plus other transaction types the audit team is responsible for, and at the controls that have to be tested monthly rather than quarterly. Applied across the full audit program that way, the projected value climbs well into the six figures a year. Each expansion follows the same logic as the first: let the agents carry the repetitive load, and give the team back the hours to do the work they do best.
Want to learn more about StackAI for internal auditing? Get a demo with our team of AI experts here.
Customers
Explore More Customer Stories
The Future of Participant Service: How the YMCA Retirement Fund Delivers 24/7 Member Support with AI Agents
The YMCA Retirement Fund wanted to scale participant support and internal knowledge access without increasing staff or operational complexity.
How a Wealth Management Firm Classifies Millions of Documents with AI Agents
Advisors were slowed down by document handling, scattered product eligibility rules, and time-consuming data retrieval.
How Varos Saved 800+ Hours With an AI-Powered Categorization Agent
The operations team spent countless hours manually scanning company profiles, analyzing product offerings, and categorizing leads
