← Back to App

Data Integrity & Audit Readiness

سلامة البيانات وجاهزية التدقيق
Last updated: 13 July 2026  ·  For business owners, accountants and auditors
Every number in Rakam can be traced to its source document, every change to it is recorded permanently, and the record itself is cryptographically verifiable. This page explains, in plain language, why the figures Rakam produces can be trusted — by the owner, by the accountant, and by an external auditor.

1. Every change is recorded — automatically, at the database level

Each create, edit and delete on the ledger is captured by a database trigger, not by application code. It fires no matter where the change comes from — the dashboard, the WhatsApp bot, or a direct API call — recording who made the change, when, and the exact before/after value of every field. There is no code path that touches the books without leaving a record.

2. The audit log is append-only and tamper-evident

3. Nothing is ever truly deleted

Real deletion of ledger records is blocked at the database level. "Deleting" a transaction or Z-Report only removes it from active view — the record stays inspectable and restorable in the audit trail, satisfying the UAE Federal Tax Authority's 5-year record retention requirement by construction, not by policy.

4. Every entry traces back to its source document

When a receipt or invoice arrives via WhatsApp, Rakam stores the original image in private, access-controlled storage and links it to the ledger entry it produced. Users cannot upload, replace or delete these stored documents — only the intake system writes them. An auditor can open any ledger line and see the actual paper it came from.

5. AI extracts — code calculates — people approve

The AI reads documents and extracts raw figures only. All arithmetic — VAT math, reconciliation, variance checks — is done deterministically in code, and entries land as pending for the owner or accountant to review, correct and approve. Every correction is itself captured in the audit trail, so the reviewer's judgement is part of the permanent record, not a way around it.

6. Access is enforced by the database, not the interface

What this means in an audit: for any figure in a VAT return or P&L, Rakam can produce (a) the source document image, (b) the extraction and every subsequent correction with who/when/what, and (c) a cryptographic proof that this history was not altered after the fact.

Questions from auditors or advisors

We're happy to walk your auditor through the audit trail, run the integrity verification together, and export the full change log for their working papers.

Contact: info@rakamai.ae