1. Use Case Overview

Use Case Title: GST Due Diligence Report Generator

Domain: GST Compliance & Taxation

Target Users: Chartered Accountants, Tax Professionals, CA Firms

Submitted By: Sahil Soni

Technology: JavaScript (Node.js, Express, Puppeteer, PDF.js, Chart.js, SheetJS)

Deployment: Local / On-Premise (localhost) — No cloud dependency

2. Problem Statement

GST Due Diligence is an essential part of professional practice for Chartered Accountants. Whether it is for client onboarding, credit assessment, audit planning, or vendor verification, CAs need to analyze a taxpayer’s GST compliance thoroughly. Currently, this process is entirely manual, time-consuming, and error-prone.

2.1 Current Pain Points

1. Manual Data Extraction: CAs must login to the GST Portal, navigate to each return type (GSTR-1, GSTR-2B, GSTR-3B), select each month individually, and download files one at a time. For a single financial year, this means 12 GSTR-3B downloads, 12 GSTR-1 navigations, and one GSTR-2B download.
2. Manual Cross-Verification: After downloading, CAs manually create Excel workbooks to cross-verify ITC claimed in GSTR-3B against ITC available in GSTR-2B, reconcile tax liability between GSTR-1 and GSTR-3B, check filing timeliness, and analyze turnover trends.
3. Supplier Due Diligence: Verifying whether suppliers have active GST registrations requires searching each GSTIN individually on the portal — impractical for clients with hundreds of suppliers.
4. No Standardized Format: Each CA or firm follows their own format, leading to inconsistency and missed checks. There is no widely-used standard template for GST due diligence reporting.
5. Time: A single comprehensive due diligence report takes approximately 4–6 hours of manual effort per client per financial year. For firms managing 100+ clients, this translates to 400–600+ hours annually of repetitive work.

3. Proposed Solution

The GST Due Diligence Report Generator is a web-based tool that automates the entire due diligence process — from data extraction to analysis to report generation. The software runs locally on the CA’s machine, ensuring complete data privacy.

3.1 Auto-Import from GST Portal

The software uses browser automation (Puppeteer) to log into the GST Portal on behalf of the user. The user authenticates normally — entering username, password, and solving the CAPTCHA manually. Once authenticated, the software leverages the portal’s own internal REST APIs (the same API endpoints that the portal’s frontend uses to display data on screen) to extract:

1. GSTR-1 data (B2B invoices, B2CS, credit/debit notes, HSN summary, exports, exempted supplies) for all 12 months
2. GSTR-2B data (inward supplies from registered suppliers, ITC available/not available) for all 12 months
3. GSTR-3B data (outward supply summary, ITC claimed, tax payment details) for all 12 months
4. Entity profile information (legal name, trade name, constitution, registration date, jurisdiction, goods/services dealt in)
5. Filing dates and return filing status (GSTR-1, GSTR-3B, GSTR-9)
6. Supplier GSTIN status (Active / Suspended / Cancelled)
7. Notices and orders from the GST Portal

The software also supports a Manual Upload mode where users can drag and drop their GSTR-1 (Excel), GSTR-2B (Excel), and GSTR-3B (PDF) files if portal access is unavailable.

3.2 Intelligent Analysis Engine

Once data is extracted, the analysis engine automatically performs the following checks:

1. GST Compliance Rating: A 30-point scoring system based on timely filing of GSTR-1 (12 points), GSTR-3B (12 points), GSTR-9 (1 point), and active registration status (5 points). Late filings receive partial credit based on days of delay.
2. ITC Reconciliation: Cross-verifies Input Tax Credit claimed in GSTR-3B against ITC reflected in GSTR-2B. Excess claims are flagged with Red/Orange/Green risk indicators.
3. Tax Liability Consistency: Compares tax liability reported in GSTR-1 (outward supplies) with tax liability discharged in GSTR-3B. Mismatches indicate potential under-reporting.
4. Input/Output Ratio: Calculates the ratio of total purchases to total sales. Ratios exceeding 100% or above 90% are flagged for review.
5. Turnover Analysis: Breakup of sales into B2B, B2C, Exports, and Nil/Exempt categories with month-wise trends and state-wise distribution.
6. Tax Payment Behaviour: Analyses the split between tax paid via ITC utilisation and cash payment. ITC utilisation exceeding 90% is flagged per GST guidelines.
7. Credit Note Analysis: Measures credit notes issued as a percentage of total invoices to identify excessive returns or post-sale discounts.
8. Top Buyers & Suppliers: Concentration analysis of major customers and vendors with percentage contribution.
9. Buyer-Supplier Overlap: Identifies GSTINs that appear as both buyer and supplier — a potential indicator of circular trading.
10. Supplier Status Check: Flags suppliers with Suspended or Cancelled GST registration along with purchase exposure amount.

3.3 Professional Report Generation

The software generates a comprehensive, print-ready due diligence report containing:

1. Cover page with entity details and report metadata
2. Table of contents
3. Entity profile (auto-populated from portal data)
4. Executive summary with all key metrics and risk flags at a glance
5. Detailed sections: Compliance Check (A), Turnover Analysis (B), Purchase Analysis (C), Input Tax Credit (D), Tax Liability (E)
6. Visual charts (bar charts, doughnut charts, horizontal bar charts) for trends and distributions
7. Annexures with monthly breakups, sales register, purchase register
8. Notices and orders section (if any exist on the portal)

The report can be saved as PDF via the browser’s Print function. Multi-year comparison (up to 3 financial years side-by-side with YoY growth) is supported.

4. Technology Stack

The entire application is written in JavaScript. No Python, no cloud services, no external APIs, no database. All processing happens locally on the user’s machine.

1. Node.js: Server runtime — chosen because Puppeteer is a native Node.js library, enabling a single-language stack.
2. Express: Lightweight web server handling API routes, session management, and Server-Sent Events (SSE) for real-time progress updates.
3. Puppeteer: Browser automation — controls a real Chrome browser for portal login, cookie/session management, and API calls across multiple GST subdomains (return.gst.gov.in, gstr2b.gst.gov.in, services.gst.gov.in).
4. PDF.js: PDF text extraction — parses GSTR-3B government PDFs with regex-based extraction of outward supplies, ITC sections, and tax payment tables. Works both server-side and in the browser.
5. SheetJS (XLSX): Excel file parsing — reads GSTR-1 and GSTR-2B Excel files in manual upload mode.
6. Chart.js: Data visualization — generates interactive charts (bar, doughnut, horizontal bar) embedded in the report.
7. HTML / CSS / JavaScript: Plain frontend — no React, Angular, or Vue. No build step, no framework complexity. Simple, maintainable, and instantly runnable.

5. Key Differentiators

1. Portal API Integration: The software authenticates through the official GST Portal login and then leverages the portal’s own internal REST APIs for data extraction. These are the same API endpoints that the portal’s frontend uses to render data on screen. This approach is significantly faster than manual file downloads.
2. Multi-Year Comparison: Supports analysis of up to 3 financial years side-by-side with year-on-year growth calculations, enabling trend-based assessment.
3. Risk-Based Flagging: Every metric in the report is assigned a Red, Orange, or Green flag based on defined thresholds, enabling quick identification of areas requiring attention.
4. Complete Data Privacy: All processing happens locally on the user’s machine. No client data is transmitted to any external server or cloud service. The server runs on localhost. Data is held in memory only and is discarded when the session ends.
5. Dual Input Mode: Supports both automated portal extraction and manual file upload, ensuring usability even when the GST Portal is inaccessible.
6. Standardized Output: Produces a consistent, professional report format that can be adopted as a firm-wide standard for GST due diligence.

6. User Workflow

1. User opens the application in their browser
2. Selects “Auto Import from Portal” mode
3. Enters GST Portal username and password
4. Solves the CAPTCHA displayed in the application
5. Selects the financial year(s) to analyze (supports up to 3 years)
6. Software automatically extracts all GST return data from the portal via internal APIs
7. Entity information is auto-populated from the portal’s Search Taxpayer page
8. Analysis engine processes all data and generates the report
9. User reviews the report and saves as PDF via the Print function

Total time: approximately 10–15 minutes per client (including portal response time), compared to 4–6 hours manually.

7. Report Structure

The generated report contains the following sections:

1. Cover Page: Entity name, GSTIN, financial year, and report generation date.
2. Table of Contents: Hyperlinked navigation to all sections.
3. Entity Profile: Legal/trade name, GSTIN, constitution, registration date, jurisdiction, taxpayer type, goods and services dealt in.
4. Executive Summary: All key metrics with Red/Orange/Green risk flags in a single table for quick review.
5. Section A — Compliance Check: GST compliance score (out of 30), filing dates for GSTR-1 and GSTR-3B with delay analysis, GSTR-9 annual return status.
6. Section B — Turnover Analysis: Monthly sales and purchase trend, turnover breakup (B2B, B2C, Exports, Nil/Exempt), input/output ratio, seasonality analysis, state-wise distribution, HSN-wise summary, credit note analysis, top buyers, buyer-supplier overlap.
7. Section C — Purchase Analysis: Top suppliers with concentration analysis, suppliers with Suspended or Cancelled GSTIN.
8. Section D — Input Tax Credit: ITC mismatch between GSTR-3B (claimed) and GSTR-2B (available) with IGST/CGST/SGST component-wise breakup.
9. Section E — Tax Liability: GSTR-1 vs GSTR-3B tax liability consistency check, tax payment behaviour (ITC vs cash split).
10. Notices & Orders: Pending notices and orders from the GST Portal.
11. Annexures: Monthly sales and purchase data, buyer-wise sales register, supplier-wise purchase register.

8. Impact & Value Proposition

Before (Manual Process)

1. 4–6 hours per client per financial year
2. Manual cross-verification in Excel spreadsheets
3. High risk of human error
4. Inconsistent, ad-hoc report formats
5. Manual GSTIN search for supplier verification

After (Automated)

1. 10–15 minutes per client per financial year
2. Automated cross-verification with risk flags
3. Low error risk — systematic, rule-based checks
4. Standardized, professional report with charts and tables
5. Automated supplier status check
6. Multi-year side-by-side comparison with YoY trends

Estimated time saving: ~95% reduction in effort per client.

9. Future Roadmap

1. AI-Powered Risk Commentary: Integrate LLM capabilities to generate narrative analysis and actionable recommendations for each risk flag identified in the report.
2. Bulk Client Processing: Batch mode for CA firms to queue multiple GSTINs and process them sequentially with consolidated summary reporting.
3. Historical Trend Dashboard: Interactive web-based dashboard for multi-year trend visualization and real-time compliance monitoring.
4. Integration with Accounting Software: Cross-verify GST return data with books of accounts from Tally, Busy, or other accounting platforms for complete reconciliation.
5. Official GSP API Migration: Transition from portal API approach to the official GST Suvidha Provider (GSP) route for commercial deployment.
6. 
   

10. Conclusion

GST Due Diligence is a critical yet time-intensive activity in every CA’s practice. The GST Due Diligence Report Generator demonstrates how automation and intelligent analysis can transform this process — reducing hours of manual work to minutes, eliminating human errors, and producing a consistent professional output.

The tool is built entirely in JavaScript, runs locally with zero cloud dependency, and ensures complete data privacy. It represents a practical, immediately deployable use case of AI and automation in the CA profession.