Can AI safely touch your clients’ financial data?

The FirmsNest team · 8 min read

This article is general information, not legal advice. How data-protection law applies to your firm depends on your specific facts; for advice on your obligations, consult a qualified lawyer.

Generative AI has become genuinely useful, and the temptation to point it at the most tedious parts of a practice — reading documents, pulling figures, drafting working papers — is real. But a CA practice holds some of the most sensitive personal data anyone collects. Before you paste a client’s Form 16 into a chatbot, the question worth sitting with is not “is this AI any good?” It is “where does my client’s data go the moment I press send?”

The real risk is where the data goes

With most consumer AI tools, your prompt — and any document you attach — is sent to a model hosted outside India, and the provider’s default terms often reserve the right to retain it, and sometimes to use it to improve their models. For a holiday-itinerary question, nobody minds. For a client’s PAN, bank statement and return, that is a meaningful disclosure of personal data to a third party abroad, made without the client’s knowledge. The model’s cleverness is not the issue; the data path behind it is.

Three questions to ask any AI tool

You do not need to be a privacy lawyer to evaluate an AI tool responsibly. Three questions get you most of the way.

  1. Where does the model run — and does the data stay in India? If a tool cannot tell you which country processes your prompt, assume it leaves. For financial-document work, in-country processing is the sensible posture, and it is increasingly possible to insist on it.
  2. Is my data retained or used to train the model? Read the terms, not the marketing. Many tools train on inputs by default, with opt-out buried in a settings page. For client data you want the opposite default — no training, no retention — and ideally that commitment in writing.
  3. Does the AI do the work, or draft for my review? A tool that quietly files, computes or decides is a liability you cannot supervise. A tool that drafts, extracts and cites — leaving the judgement and the signature to you — fits how a practice is actually accountable.

Data residency, again

Regular readers will recognise the first question from data-protection basics: where your clients’ data is physically stored and processed is a question worth asking of every tool, and AI is no exception — arguably it is the sharpest case, because the data does not just sit in storage, it is actively sent to a model to be read. Keeping that processing within India removes a large category of avoidable risk before any other safeguard is even considered.

Advisory, not autonomous

There is a second axis that matters as much as residency: how much you let the tool decide. An assistant that reads a document and suggests the figures, with its sources attached for you to check, sits comfortably inside a practice — you remain the one who computes, reviews and files. An agent that is trusted to compute liabilities or push filings on its own moves the professional judgement out of your hands, which is precisely where it must not go. The safest AI for a practice is the one that behaves like a diligent junior: it prepares, you decide.

The standard we hold ourselves to

This is the standard we have built FirmsNest’s own assistant to meet rather than work around: a model that runs in India, that is never trained on your firm’s data, and that drafts for your review instead of acting on its own. We would rather ship something narrower that keeps clients’ data where it belongs than something flashier that quietly does not. If you are evaluating any AI tool for your practice — ours or anyone’s — those are the questions we would put to it.

And, once more, the line that matters most: this is general information, not legal advice. For your firm’s specific obligations, speak to a qualified lawyer.
