Insights · Vertical SaaS · Agentic AI
The Accounting OS: Why MENA's professional firms need a different kind of software
An essay on the rise of the Accounting Operating System, the agentic AI layer underneath it, and why we built Foliant-OS as a category — not a tool.
Profecia Links Editorial
11 minute read
Vertical SaaS · MENA
May 2026
A senior partner at a mid-sized UAE accounting firm we worked with last year described his Monday morning like this: “I open Excel for the trial balance. Caseware for the audit file. Email for the documents the client hasn’t sent. Dropbox for the documents they did send. EmaraTax in another tab. ZATCA in a third. WhatsApp on my phone for the partner asking why a Saudi client’s filing is late. By the time I’ve found what I need to start my actual work, it’s lunchtime.”
He was not complaining about technology. He was describing what the technology has done to the profession.
For three decades, accounting and audit firms across MENA have been quietly building their practices on tools designed somewhere else, for someone else. Excel was built for the financial analyst, not the audit senior. Caseware was built for the Canadian audit firm, not the Saudi tax practitioner. QuickBooks was built for the American small business, not the multi-jurisdictional GCC group. The result is a Frankenstein stack — six to eight applications duct-taped together with email, manual data re-entry, and the increasingly endangered patience of junior staff.
This is the problem we set out to solve. Not with another application to add to the stack — but with a different category of software entirely.
We call it an Accounting Operating System. The product we built is Foliant-OS. And the technology that makes it possible — that genuinely could not have existed five years ago — is the recent maturation of agentic AI.
A profession at a structural breaking point
Before we get to the solution, it is worth being honest about the scale of the problem.
Since 2022, more than 300,000 accountants and auditors have left the profession globally. The pipeline of new entrants is shrinking faster than the existing population is retiring. Regulatory complexity — VAT introductions, Corporate Tax, e-invoicing mandates, IFRS amendments — is accelerating, not slowing. The math does not work. Firms cannot solve a growing workload by adding people who do not exist.
The response from the industry has been to bolt more software onto the existing stack. Some firms now use twelve or fourteen separate applications, each automating one slice of the workflow. We have lost count of how many “AI features” we have seen added to existing accounting software over the past two years — most of which are little more than chatbots layered on top of legacy databases.
75%
Of companies will invest in agentic AI by end of 2026
6%
Of CPA firms have actually implemented it today
300K+
Accountants who left the profession since 2022
The gap between intent and execution is the largest we have seen in any enterprise technology cycle since cloud migration began in 2010. The firms that close that gap — and close it through a structural redesign, not a feature bolt-on — will compound advantages over the next decade. The firms that do not will find themselves competing against firms that effectively have two or three times their per-partner capacity.
The opportunity is to build something that replaces the stack, not something that joins it.
What we mean by “Operating System”
The term gets used loosely in software marketing. We mean something specific.
An operating system, in the original computing sense, does three things that no individual application can do alone:
- It manages resources across the system. Memory, processes, file handles, network connections — the OS allocates these so applications do not have to fight each other for them. In an accounting firm, the equivalent resources are clients, engagements, staff, documents, deadlines, and regulatory obligations. Most firms today manage these in six separate systems that do not talk to each other. An Accounting OS manages them in one shared data layer.
- It provides a shared data model. Every application in an OS understands the same concept of file or user or process. This is what lets two applications cooperate. In an accounting context, every workflow needs to agree on what a client is, what an engagement is, what a period is. When eight tools each have a different definition, integration becomes the firm's most expensive line item.
- It hosts and orchestrates workflows. A modern OS does not just run programs; it coordinates them. In accounting work, this is the silent infrastructure that lets a document captured on a junior's phone become a journal entry that becomes a VAT line that becomes a filed return — without anyone re-typing anything.
A real Accounting Operating System does all three for the specific resource model of an accounting firm. That is what Foliant-OS is. It is not a “better Caseware” or a “better TaxDome.” It is the substrate the firm runs on, which happens to make Caseware, TaxDome, EmaraTax, ZATCA and Dhareeba unnecessary as separate experiences.
The agentic AI layer underneath
The reason this is buildable in 2026 and not 2020 is what happened to AI over the past three years.
Earlier generations of AI in accounting were narrow. OCR could read an invoice but not decide what to do with it. A machine learning model could flag an anomaly but not investigate it. A chatbot could answer a question but not act on the answer. Each AI capability was a feature inside an application — useful, but one that still required a human to bridge the gap to the next step in the workflow.
Agentic AI is structurally different. An AI agent can reason across documents, decide on next actions, execute multi-step workflows, and explain what it did and why — all within boundaries the firm defines. The shift is from “AI helps with this one task” to “AI orchestrates this entire workflow under supervision.”
In the accounting context, the practical use cases are now concrete and measurable:
USE CASE 01 · DOCUMENT INGESTION
From WhatsApp forward to posted journal — in one workflow.
An agent reads an invoice (whether forwarded via WhatsApp, email, mobile camera, or upload), extracts every field with per-field confidence scoring, verifies the supplier's TRN against the FTA registry in real-time, drafts the journal entry with the correct VAT treatment, and presents it for senior review. Every action — what the agent extracted, what confidence it carried, who reviewed it, what was changed — is written to an immutable audit log. The agent does not silently post anything below a confidence threshold the firm sets.
USE CASE 02 · RECONCILIATION
The exceptions inbox, not the matching grind.
An agent matches bank statement lines to general ledger entries using fuzzy matching with confidence scores, surfaces unmatched items as exceptions, and proposes the GL entries needed to resolve them. What used to take a junior auditor a week now runs overnight. The human role becomes reviewing the agent’s exception inbox — the high-judgement work that was always supposed to be the point.
USE CASE 03 · MULTI-JURISDICTION TAX
One ledger, three regulators, one workflow.
An agent prepares UAE VAT 201 returns, KSA ZATCA Phase 2 e-invoice clearances, and Qatar Dhareeba CIT computations from the same underlying ledger — flagging treatment differences between jurisdictions and asking for senior judgement where the rules genuinely require it. Three regulators, three systems, one orchestrated workflow that a partner can actually review in an hour.
USE CASE 04 · ENGAGEMENT ORCHESTRATION
The work coordinates itself; the partner reviews the result.
An agent tracks which client documents are missing, sends reminders in the client's preferred channel, monitors regulatory calendars, escalates approaching deadlines, and allocates work to staff with available capacity. The agent runs the engagement; the partner runs the judgement.
“AI proposes. Humans decide. Every agent action surfaces with a confidence score and an audit trail. Low-confidence outputs trigger explicit verification flags. Nothing posts silently. This is not just an ethical commitment. It is the only way agentic AI works in a regulated profession.”
Integrating what exists, replacing what should not
Not every existing system in an accounting firm needs to be replaced. Some — the regulatory portals — cannot be. EmaraTax, ZATCA Fatoora, Qatar Dhareeba are owned by their respective tax authorities; they are not going to be replaced by a private vendor. The right architectural answer is to integrate cleanly with them, not to pretend they do not exist.
What should be replaced are the systems that exist only because nothing better was available. Excel as a primary tax-preparation environment. Email as a document-management system. WhatsApp as an engagement-coordination tool. These were never the right tools for the work; they became the work because the right tools did not exist.
Foliant-OS replaces the inappropriate, integrates with the irreplaceable, and orchestrates across both. The connections to EmaraTax, ZATCA, and Dhareeba are native and bidirectional — filings prepared in Foliant-OS flow to the regulator; acknowledgements and notifications flow back. The connections to client systems — Tally, QuickBooks, Xero, Zoho, Microsoft Dynamics — are equally native, so a firm's clients do not have to migrate their accounting just because their accountant did.
Security built in, not bolted on
Accounting firms hold the most sensitive economic data of every business they serve. Trial balances, tax positions, related-party transactions, audit working papers, client TRNs and bank details, the un-redacted commercial reality of an entire portfolio of companies. A breach is not embarrassing. It is existential — for the firm, for its clients, and for the regulatory relationships that took a decade to build.
We did not approach security as a feature checklist to be ticked at the end. We approached it the way our enterprise clients in regulated industries approach it — as the foundation the system rests on, not a layer applied to it afterwards. Foliant-OS is designed around five security commitments that hold from the first day a firm logs in.
SECURITY PILLAR 01 · ENCRYPTION
Encrypted at rest. Encrypted in transit. Encrypted by default.
AES-256 encryption for all data at rest, TLS 1.3 for everything in transit, hardware security module (HSM) backed key management with regular key rotation. There is no “upgrade to the security tier” in Foliant-OS — every firm on the platform, from a three-person practice to a Big 4 affiliate, gets the same encryption baseline. This is not where we charge extra.
SECURITY PILLAR 02 · ISOLATION
Your firm's data is structurally separated from every other firm's.
Multi-tenant by design with logical isolation at the database, application, and access-control layers. A query from Firm A cannot reach Firm B's data — not through a misconfigured permission, not through a bug, not through a side-channel. For Enterprise customers who need it, single-tenant deployment with dedicated infrastructure is available, including air-gapped options for firms working with classified-equivalent client mandates.
SECURITY PILLAR 03 · ACCESS CONTROL
Granular role-based access. Audit-grade logging. No silent privilege.
Role-based access control down to the engagement level — partners see everything they own, managers see what they're assigned, associates see only what they're working on. SSO via SAML and OIDC, optional hardware-key MFA enforcement, IP allow-listing for sensitive operations. Every privileged action — exporting a client file, changing a posted journal, reassigning an engagement — generates an immutable log entry the firm's compliance officer can review.
SECURITY PILLAR 04 · AUDIT TRAIL
Every action — human or agent — is logged, attributable, and reviewable.
This is the one that matters most for a regulated profession. Every document ingested, every journal posted, every reconciliation accepted, every tax return drafted — by either a human or an AI agent — is written to a tamper-evident audit log with the actor, timestamp, evidence used, and confidence score where applicable. When regulators audit a firm using Foliant-OS, the firm can produce a complete, queryable record of what happened, when, who did it, and why. For agentic actions, the agent's reasoning chain is preserved alongside the action itself.
SECURITY PILLAR 05 · SOVEREIGNTY
Your data stays where your law says it should.
All firm and client data hosted within UAE jurisdiction by default, with the option of in-country residency in KSA and Qatar as those regions come online. No cross-border replication without explicit, written customer consent. The firm controls export, deletion, and retention policies — and can produce a complete data export at any time, in standard formats, without our involvement and without restriction. Your data is your data; we are its custodian, not its owner.
Beyond the pillars, the certification and assurance roadmap is also worth being honest about. ISO 27001 certification is in progress. SOC 2 Type II is on the roadmap for 2027. We will not claim either before it is real. In the interim, we are happy to share our security architecture documentation, our penetration testing reports, and our incident response playbooks with any firm evaluating Foliant-OS for serious deployment. The honest position on certification is more credible than the puffed one — and our enterprise clients have always told us they prefer it that way.
There is a broader point here that we want to be direct about. Most SaaS products treat security as a sales objection to manage. We treat it as a precondition of being trusted with the work. The same discipline we apply when deploying LLMs into defense-grade environments — air-gapped data flows, immutable audit trails, explicit human-in-the-loop checkpoints — we apply when deploying agentic workflows into audit-grade environments. The clients we have served for a decade are not the kind who tolerate marketing-grade security. Foliant-OS inherits their standards because we inherited them first.
Why Profecia Links built this
A reasonable question: why is a Dubai · Dublin · Pune enterprise consulting firm shipping a vertical SaaS product?
The honest answer is that Foliant-OS emerged from work we were already doing.
For more than a decade, Profecia Links has been the partner enterprises call when they need to integrate systems that were never designed to talk to each other. We have built middleware integrating Oracle EBS with Manhattan WMS for a major US manufacturer — reducing operational costs while lifting production efficiency by 25%. We built a secure, on-premise LLM-based knowledge management system for a UAE nuclear agency — aggregating data from documents, audio transcripts, official chats and emails into a unified resolution platform, with data security and regulatory compliance that off-the-shelf cloud AI could never deliver. We have implemented Oracle Fusion, Salesforce, ServiceNow, Peoplesoft and EBS at scale across industries that take regulatory compliance seriously.
Across these engagements, a pattern kept recurring. Enterprise customers in regulated industries — financial services, energy, healthcare, government — needed to integrate AI into workflows where the cost of being wrong was very high. They needed orchestration, not just intelligence. They needed governance, not just capability. They needed systems that respected jurisdictional data boundaries, regulatory audit trails, and the irreducible role of human professional judgement.
Foliant-OS is, in many ways, the productised form of what we have learned doing this work. The same architectural principles we apply when integrating ERP systems for global manufacturers, we apply to integrating accounting workflows for professional firms. The same governance discipline we apply when deploying LLMs in defence-grade environments, we apply to deploying AI agents in audit-grade environments.
Three questions for your firm
The Accounting OS as a category is just beginning to take shape. Foliant-OS is one entrant. Others will follow. The category itself — the idea that accounting and audit firms deserve a substrate purpose-built for their work rather than a fragile stack of borrowed tools — is the more important development.
For firms thinking about their own technology roadmap, three questions worth sitting with:
i.
What does our current stack cost us in seams?
Not just the licensing costs of eight or twelve applications, but the human cost of re-typing data across them, the audit risk of inconsistency between systems, the partner capacity consumed by reconciling tools that should have been integrated.
ii.
What does the agentic AI shift mean for our cost structure in 24 months?
The firms that adopt agentic workflows successfully will be operating at materially different per-partner economics. The firms that wait will be competing against them.
iii.
Is our software sovereignty appropriate for the data we hold?
Accounting firms hold the most sensitive economic data of their clients. The questions of where that data resides, who can access it, and which jurisdiction's laws apply to it are no longer theoretical.
iv.
If the answer to any of the above is “we don’t know” — we should talk.
Whether your interest is in Foliant-OS specifically, or in the broader thesis of how to bring agentic AI into your own regulated workflows responsibly, the conversation is one we have been having for some time.
The Accounting OS category is no longer theoretical. The firms quietly adopting it now will set the cost structure their competitors have to match. The firms waiting for the category to be obvious will find that by the time it is, the gap has already opened.
A different kind of software is being built. We would be glad to talk about what it could mean for your firm.
Work with us
Building something real?
Whether you are evaluating Foliant-OS for your accounting practice, or thinking about how agentic AI belongs in your own regulated workflows — we would be glad to talk.
Top comments (0)