GSTAuditSuite
AI & Audit

GSTAuditSuite

Author : CA Meet Dhrangadhariya

Watch on Youtube

A. INTRODUCTION

About the Tool

GSTAuditSuite is a privacy-first, browser-based GST reconciliation and compliance platform built for Chartered Accountants, tax professionals, and businesses operating under India's GST framework. The tool runs entirely inside the user's web browser - no data is transmitted to any server - making it the reconciliation solution that is both deeply intelligent and completely secure by design.

The guiding vision: give every CA in India the analytical horsepower of a large audit firm, delivered in a tool that takes seconds to load and requires zero installation.


Key Objectives

  1. Automate the most time-consuming step in GST compliance - matching purchase register entries against GSTR-2B portal data - with multi-pass intelligence.
  2. Enable CAs to identify and act on every category of ITC risk: unclaimed credits, ineligible credits, time-barred credits, and wrong-period claims.
  3. Ensure data privacy by processing all data locally in the browser - no uploads to any cloud, no third-party data exposure.
  4. Reduce month-end compliance preparation time from days to minutes, even for clients with 1,00,000+ invoice rows.
  5. Provide an integrated compliance suite - TDS under Income Tax Act, GSTR-3B pre-fill, HSN/SAC validation, and Split PO detection - inside a single tool.


Target Users

  1. Practising Chartered Accountants managing GST filings for multiple clients
  2. In-house finance and accounts teams at mid-to-large Indian businesses
  3. Tax technology teams at CA firms and fintech startups
  4. GST auditors performing annual reconciliation and ITC verification




B. PROBLEM STATEMENT

Pain Point 1: GSTR-2B Reconciliation is Manual, Slow, and Error-Prone

Every month, CAs must reconcile hundreds or thousands of purchase invoices against the GSTR-2B portal statement. The process involves VLOOKUP-heavy Excel work, requires careful attention to GSTIN formats, invoice number variations, and date-period mismatches. A single client with 10,000 invoices can consume an entire working day. Multiply this across 20-50 clients and the math becomes unsustainable.

  1. Manual reconciliation takes 3-8 hours per client per month for mid-sized businesses
  2. GSTIN formatting inconsistencies and fuzzy invoice numbers cause matches to be missed, leading to ITC leakage
  3. No existing free tool handles consolidated multi-period data, QRMP vendor classification, or cross-PAN matching simultaneously


Pain Point 2: ITC Risk is Invisible Until It is Too Late

India's GST law contains multiple provisions that restrict or reverse Input Tax Credit - Section 16(2), 16(4), 17(5), Rule 37, and the QRMP quarterly mismatch rules. Most businesses discover these risks during audits, not during the filing month. By then, interest and penalties may already apply.

  1. Time-barred ITC (Sec 16(4)): Invoices older than the cut-off date are silently ineligible - no tool proactively flags these in the filing workflow
  2. Wrong-period claims (Sec 16(2)(aa)): ITC booked in a different GSTR-3B period than the supplier's filing month creates reversal risk that is rarely caught
  3. Ineligible credits (Sec 17(5)): Blocked credit on motor vehicles, food, hospitality etc. is often claimed erroneously when teams change or SOPs are not followed


Pain Point 3: Multi-Compliance is Fragmented Across Disconnected Tools

Beyond GSTR-2B, a CA managing a mid-sized business client also needs to handle TDS under the Income Tax Act, verify HSN/SAC codes before filing, prepare GSTR-3B Table 4 values, and detect purchase order splitting for internal audit purposes. Today, each of these tasks requires a separate tool, a separate Excel file, or a manual look-up. The cognitive overhead of context-switching across tools is significant and error-prone.

  1. TDS compliance (Sec 194Q, 194C, 194J, etc.) requires manual calculation from the same purchase data already loaded for GST - no tool connects these two workflows
  2. HSN/SAC errors in GSTR-1 attract notices; no lightweight validator exists that works offline with a 22,000-code master
  3. Split PO detection for internal audit requires pattern analysis across thousands of invoices - typically done only by large firms with dedicated teams



C. TECHNOLOGICAL SOLUTION

Application Architecture

GSTAuditSuite is a single-page application (SPA) built entirely in vanilla JavaScript and rendered in the user's browser. There is no backend server, no database, and no network call during data processing. All computation - parsing, matching, scoring, aggregation - runs in-browser using the Web APIs. The app is delivered as a static HTML file (app.html) served via a CDN.

This architecture achieves two goals simultaneously: near-zero infrastructure cost and absolute data privacy. The performance envelope is determined by the user's device, which in practice handles 1,50,000+ invoice rows in under 60 seconds on a modern laptop.






Technology Stack

ComponentTechnology

FrontendVanilla JavaScript (React-style component architecture, no framework dependency)
StylingTailwind CSS utility classes (embedded, no build step)
Data ProcessingSheetJS (Excel/XLSX parsing), custom in-memory data engine
PDF ExportBrowser-native print API with custom CSS print layout
Excel ExportSheetJS write API - multi-sheet workbook with 15+ output sheets
DatabaseNone - all state is in-memory, cleared on page reload
HostingStatic CDN (no server-side compute)
SecurityNo data leaves the device - DPDP-aligned by architecture

Core Modules & Features

Module 1: 7-Pass Intelligent Matching Engine

The centrepiece of the tool. Processes purchase register, debit notes, credit notes, and journal entries against GSTR-2B (B2B + CDNR sheets) using a sequential matching algorithm that escalates from exact to fuzzy.

  1. Pass 1: Exact GSTIN + Invoice Number match
  2. Pass 2: V2 fuzzy normalisation - strips prefixes, suffixes, leading zeros, and common separators before comparing
  3. Pass 3: Cross-PAN match - catches invoices where the supplier's GSTIN state code differs
  4. Pass 4: QRMP date-range match - for quarterly filers, expands the period window to cover the full quarter
  5. Pass 5: Consolidated match - catches invoices filed in a consolidated quarterly return
  6. Pass 6: Amount + month match - matches on taxable value and filing month when invoice numbers diverge
  7. Pass 7: Possible match scoring - surfaces near-matches for manual review with confidence indicators


Module 2: 29-Code Audit Classification System

Every row in the reconciliation output receives one of 29 audit codes across 6 categories: Matched, Possible, Query, Danger, Ineligible, and Excluded. This transforms a raw data dump into a structured, actionable audit trail.

  1. Matched (M-1 to M-RCM): 9 sub-codes covering exact, fuzzy, date gap, cross-state, consolidated, RCM, and late-filed scenarios
  2. Query (Q-1 to Q-15): Actionable issues requiring CA review - Not in 2B, Not in Books, Value mismatch, Zero GST, ITC not taken, Time-barred, Wrong month, QRMP delay
  3. Danger (D-10 to D-12): High-risk flags - DN treated as CN, Duplicate in books, Duplicate in 2B
  4. Ineligible (I-5 to I-8): Portal-blocked, Sec 17(5) blocked, RCM not in 2B, Reduced ITC


Module 3: Vendor Intelligence

Goes beyond simple row-level matching to provide supplier-level analytics.

  1. QRMP Auto-Detection: Identifies each supplier's filing type (Monthly / Quarterly-QRMP / IFF) by analysing invoice-to-period gaps - no manual input required
  2. Vendor Scorecard: Scores each supplier on filing punctuality, on-time rate, average lag, and ITC at risk - enables CA to send targeted compliance notices
  3. Month Heat Map: Visualises matched vs. unmatched invoices per supplier per month over a 2-year horizon - instantly spots chronic late filers


Module 4: Multi-Compliance Views

Nine result tabs provide a complete compliance dashboard from a single data load.

  1. Totals & Checks: Tax summary (Books vs 2B vs Net Claimable), CN/DN net position, GSTR-3B impact summary
  2. TDS Compliance: Cross-references GST purchase data against all Income Tax TDS sections (194Q, 194C, 194J, 194I, 194H, 194R, etc.) - computes estimated TDS liability and identifies unidentified vendors
  3. Split PO Detector: Flags vendor-date clusters of invoices that may indicate deliberate purchase order splitting to bypass approval thresholds - risk-scored with auditor notes
  4. GSTR-3B Pre-fill (Table 4): Auto-computes all Table 4 cells (4A(3), 4A(5), 4B(1), 4B(2), 4C, 4D(1), 3.1(d)) from reconciled data - with 5 critical observations panel

HSN/SAC Compliance: Validates HSN/SAC codes against a 22,000-entry master, flags Sec 17(5) blocked items, and detects rate deviations






Figure 1: Reconciliation Results - Detail Table with 29 Audit Codes and Advanced Column Filters



D. HOW IT WORKS - WORKFLOW

Step-by-Step Processing Pipeline

Step 1 - Upload:

User uploads Books data (Purchase Register, Debit Notes, Credit Notes, Journal entries - .xlsx/.xls/.csv, up to 50 MB per file) and GSTR-2B data (GST Portal Excel format). Multiple files can be merged. The tool auto-detects file format and sheet types.

Step 2 - Map Columns:

The auto-mapping engine pre-fills all column mappings (GSTIN, Invoice No., Date, Taxable Value, IGST/CGST/SGST) for each register type. The user reviews and confirms. All required fields are validated before proceeding. A 'Validated' badge confirms readiness.

Step 3 - Reconcile:

The 7-pass matching engine runs entirely in the browser. The result is a merged dataset where every row has an audit code, delta values (Books minus 2B for GST and Taxable), flags (DUP-B, INV-GSTIN, AGEING-AMBER, etc.), and a match level. Typical processing time: under 10 seconds for 25,000 rows, under 60 seconds for 1,50,000 rows.

Step 4 - Analyse:

Nine result tabs open automatically. The CA navigates from the Detail Table (row-level drill-down with search and filter) through Party-wise Summary, Totals & Checks, Month Heat Map, Vendor Compliance, TDS Compliance, Split PO Detector, GSTR-3B Pre-fill, and HSN Compliance.

Step 5 - Export:

One-click Export Excel generates a 15+ sheet workbook: Reconciliation, Party-wise Summary, Totals Check, Code Summary, Books Only, 2B Only, GSTR-3B Impact, Vendor Compliance, ITC Month Correction, TDS Summary, TDS Party Register, Split PO Detector, GSTR-3B Table 4, and more. One-click PDF generates a branded 2-page reconciliation report with KPI summary, category breakdown, and top 15 discrepancies.





E. BENEFITS, IMPACT & DIFFERENTIATORS

Challenge vs Solution Mapping

ChallengeHow GSTAuditSuite Solves It

Manual VLOOKUP reconciliation takes hours7-pass engine completes matching in seconds, handling 1.5L+ rows
GSTIN/invoice format variations cause missed matchesV2 fuzzy normalisation + cross-PAN logic catches 95%+ of real matches
QRMP quarterly filers cause period mismatchesQRMP Auto-Detection identifies filing type per vendor automatically
ITC risk (time-barred, wrong month, ineligible) is invisible29 audit codes + 3B pre-fill observations surface every risk category
TDS compliance is a separate manual exerciseTDS module cross-references same data - no re-upload needed
Data privacy concerns with cloud-based tools100% in-browser processing - data never leaves the device
Split PO risk is only caught in large firm auditsSplit PO Detector flags clusters with risk scores - available to every CA


Quantified Benefits

  1. Time savings: 70-85% reduction in monthly reconciliation preparation time per client
  2. Accuracy: Multi-pass matching reduces missed credits - unclaimed ITC is surfaced as Q-1 (Not in 2B) with exact rupee value
  3. Scale: Handles 1,50,000 rows in a single session - suitable for large businesses and consolidation across periods
  4. Privacy: Zero server-side data processing - fully compliant with India's DPDP Act requirements for financial data
  5. Coverage: 29 audit codes covering scenarios defined in CGST Act, Rules, and CBIC circulars
  6. Cost efficiency: Free to use - no subscription, no per-user licence, no data charges
  7. Portability: Single HTML file - can be saved locally, used offline, and distributed within a firm


Unique Differentiators

  1. The reconciliation tool that operates entirely in-browser with zero data transmission - a genuine privacy-first architecture, not just a policy claim
  2. 7-pass matching engine with QRMP-aware logic is purpose-built for India's unique GST filing landscape
  3. Integrated TDS-GST cross-compliance in a single tool eliminates the need to export data and re-import into a separate TDS calculator
  4. 29-code audit classification turns raw reconciliation output into a structured, client-ready audit workpaper
  5. Split PO Detector brings an internal audit capability - normally available only in enterprise ERP tools - to independent CAs
  6. GSTR-3B Table 4 auto-population with drill-down and manual entry support reduces the risk of GSTR-3B errors that trigger scrutiny notices


'



F. DEPLOYMENT, LIMITATIONS & ROADMAP

Deployment

  1. Local / Offline: The html file can be saved locally and opened directly from the filesystem - fully functional offline, suitable for firms with strict data policies


Current Limitations

  1. Session-based only: All data is cleared on page reload - no persistent storage or client history
  2. No AI/LLM layer yet: Matching logic is deterministic rule-based; natural language query and AI-assisted anomaly explanation are not yet available
  3. Single-entity per session: The tool processes one GSTIN's data per session - consolidated group reporting requires running separate sessions


Future Roadmap

  1. AI Anomaly Explainer: Integrate an LLM layer to generate natural-language explanations for each audit code and suggest corrective actions
  2. Multi-client Dashboard: A session manager that allows CAs to load and switch between multiple client datasets in a single browser session
  3. GSTR-1 Auto-Reconciliation: Full reconciliation of GSTR-1 filed data against the sales register - mirror of the current GSTR-2B workflow
  4. Automated Client Reports: One-click generation of formatted client advisory letters summarising key ITC risks and recommended actions
  5. API / Tally Integration: Direct data pull from Tally Prime via ODBC - eliminating the export-import step entirely
  6. WhatsApp Alerts: Automated monthly reminders to suppliers with pending filings, triggered from the Vendor Scorecard




G. CONCLUSION

GSTAuditSuite represents a fundamental rethink of how GST reconciliation should work in India. By running entirely in the browser, it removes the privacy trade-off that has historically forced CAs to choose between convenience and data security. By combining 7-pass intelligent matching, 29 audit codes, integrated TDS compliance, and GSTR-3B pre-fill in a single tool, it collapses a fragmented multi-tool workflow into a single, structured process.


The tool is already capable enough to handle enterprise-scale datasets - 1,50,000 rows, thousands of suppliers, 3 years of data - within seconds, on a standard laptop, with no installation required. For independent CAs and small firms, this is a capability step-change.


The vision is simple: every CA in India, regardless of firm size, should have access to the same quality of reconciliation intelligence that today exists only in large audit firms with dedicated technology teams. GSTAuditSuite is that equaliser.

Recent Posts

© Copyrights 2026 ICAI. All rights reserved.