Is ChatGPT Safe for CA Client Documents? ICAI Guidance, DPDP Risks & Safe Alternatives

Hundreds of CAs use ChatGPT to draft notices, engagement letters, and computation summaries every day. Before you paste a client's PAN or financial details into that text box, here's what you need to know about data privacy, ICAI ethics obligations, and the DPDP Act.

Ashay Shah

Founder, Glomiq

June 9, 2026 · 9 min read

TL;DR

ChatGPT is not DPDP-compliant for processing client documents. On the free and Plus tiers, OpenAI uses your inputs to train its models by default — your client's PAN, financials, and legal details may be retained. ICAI has cautioned members against sharing confidential client data with general AI tools. From November 2026, DPDP Phase 2 enforcement means doing this without a Data Processing Agreement exposes your firm to penalties up to ₹250 crore. CAGPT is safer but capped at 20 prompts/day and produces no document output. Glomiq is the DPDP-compliant alternative.

What CAs Are Putting Into ChatGPT — and Why It's Risky

The use cases are understandable. ChatGPT is fast, free (mostly), and produces readable text. CAs commonly use it for:

  • Drafting client notice responses with client name, PAN, and assessment details
  • Writing engagement letters pre-filled with client financials
  • Summarising ITR computation with income figures and tax liability
  • Drafting GST advisory letters with client GSTIN and transaction details
  • Creating demand notice responses citing client-specific amounts

In every case, confidential client data — PAN numbers, financial figures, personal names, tax details — flows into OpenAI's servers. And that creates four distinct categories of risk.

Risk 1: Your Inputs Train OpenAI's Models

OpenAI's default policy for ChatGPT Free and Plus users: conversations are used to train and improve future models. Users can opt out in Settings → Data Controls → "Improve the model for everyone" — but this is not the default state when you create an account.

This means a client's PAN, financial figures, and legal details typed into a ChatGPT prompt may be retained and used to improve a model that will serve millions of other users. Even if OpenAI anonymises data, the data leaves India and enters OpenAI's training pipeline.

ChatGPT Enterprise disables training by contract. Individual and Plus users do not have this protection.

Risk 2: No Contractual Data Protection for Free/Plus Users

When a CA firm uses a third-party tool to process client data, that vendor is a "Data Processor" under Indian law. Best practice — and a DPDP requirement from Phase 2 — is to have a signed Data Processing Agreement (DPA) defining how the vendor handles, retains, and deletes client data.

OpenAI offers DPAs only to Enterprise customers. There is no DPA available to individual ChatGPT Free or Plus users. For a CA using ChatGPT to process client data, there is no contractual basis governing what OpenAI does with that data.

Risk 3: Legal and Tax Hallucinations

ChatGPT has no training on India-specific GST formats, ICAI engagement letter standards, or current Income Tax Act provisions at the section level. It can and does:

  • Cite wrong section numbers under the Income Tax Act
  • Generate GST demand responses with incorrect procedural references
  • Confuse TDS provisions across different sections
  • Produce engagement letters missing India-specific clauses

For advisory queries, a CA catches these errors before they matter. For documents that go to clients or regulators, a wrong section citation or missed clause can be costly — professionally and legally.

Risk 4: DPDP Compliance Exposure from November 2026

Under the DPDP Act 2023, Phase 2 obligations are enforceable by November 2026. Among them: Data Fiduciaries (including CA firms collecting client PAN and financials) must ensure any Data Processor they engage meets adequate protection standards and operates under a signed DPA.

Using ChatGPT Free or Plus to process client documents without a DPA — and without the ability to prevent training on that data — creates direct DPDP exposure. The maximum penalty under DPDP is ₹250 crore per violation.

Even if enforcement begins gently, the liability is real and the trend is toward stricter enforcement over time.

What ICAI Says

ICAI has issued guidance advising members to avoid inputting confidential client data into general-purpose AI tools. The concern is both technical (data retention and training) and professional: client confidentiality is a fundamental obligation under the ICAI Code of Ethics. A CA who shares a client's financial details with a tool that may retain and use them is potentially in breach of that obligation.

CAGPT: Safer, But Not a Document Tool

CAGPT is purpose-built for the CA profession with India tax and accounting context. It is a safer choice than ChatGPT for advisory queries. However, it has hard limits for document generation:

  • 20 prompts per day — during ITR season, a busy CA uses this up in an hour.
  • ~6% error rate — reasonable for advisory, risky for signed documents.
  • No document output — CAGPT returns text. You still copy-paste and reformat in Word. The manual step that costs 40 minutes is still there.

What a DPDP-Safe CA Tool Looks Like

Five criteria for evaluating any AI or document tool your firm uses to process client data:

  1. India-hosted — data does not cross borders; no cross-border transfer restrictions apply.
  2. Contractual commitment not to train on your data — not a settings toggle, a contractual obligation.
  3. Data Processing Agreement available — formalises the vendor's DPDP obligations as a Data Processor.
  4. 256-bit encryption — at rest and in transit.
  5. No third-party data sharing — your client's data stays between you and the tool.

ChatGPT Free and Plus fail criteria 1, 2, and 3. CAGPT may satisfy more criteria — verify their current DPA status. Glomiq meets all five.

How Glomiq Addresses Every Concern

  • India-hosted infrastructure — no cross-border data transfer.
  • Data never used to train AI models — contractual commitment, not a default setting you need to find.
  • 256-bit encryption at rest and in transit.
  • No third-party data sharing.
  • No advisory AI on client data — Glomiq automates document formatting and variable filling. It does not analyse or summarise your client's financials. Client data flows into fields you define; it is not processed by a language model.

500+ CA and legal professionals use Glomiq. Free plan: 50 documents/month, 3 templates, no credit card. Starter India: ₹399/month for ~150 documents.

Frequently Asked Questions

Does ChatGPT use my inputs to train its models?

On the free and Plus tiers, OpenAI's default policy is to use conversations to improve its models. You can opt out in Settings, but this is not the default. Enterprise customers have training disabled by contract — individual ChatGPT users do not have this protection.

What does ICAI say about CAs using AI tools with client data?

ICAI has issued guidance advising members to avoid inputting confidential client data into general-purpose AI tools. The concern is data security (inputs may be retained and used for training) and professional ethics (client confidentiality is a core obligation under the ICAI Code of Ethics).

Is there a DPDP compliance risk to using ChatGPT for client documents?

Yes. Under DPDP Phase 2 obligations (enforceable from November 2026), using a third-party tool to process client personal data without a signed Data Processing Agreement creates direct compliance exposure. OpenAI does not offer DPAs to individual ChatGPT users. The maximum penalty under DPDP is ₹250 crore per violation.

What should a DPDP-safe CA document tool look like?

Five criteria: India-hosted, contractual no-training commitment, Data Processing Agreement available, 256-bit encryption at rest and in transit, and no third-party data sharing. A tool meeting all five is safe to use for client document generation under DPDP. Glomiq meets all five criteria.

Generate CA Documents Without Risking Client Data

India-hosted. Never trains on your data. 256-bit encryption. Upload your template once — every engagement letter, GST advisory, and ITR cover letter takes under 2 minutes.
