EY Withdraws Report After Researchers Spot AI Hallucinations

A lot of accounting firms spent the last two years telling clients to “embrace AI responsibly.” Then one of the world’s largest professional services firms published a report with phantom citations, fake footnotes, broken links, and a McKinsey study that apparently exists only in the multiverse. That is a rough look. EY Canada recently withdrew a cybersecurity report titled Points of Attack: Uncovering Cyber Threats and Fraud in Loyalty Systems after researchers from GPTZero flagged what appeared to be multiple AI hallucinations throughout the document. The report had been used to market EY’s cybersecurity advisory capabilities. Instead, it became a case study in why human review still matters, especially when credibility is the actual product being sold.

For accounting, audit, tax, and advisory professionals, this story is bigger than one pulled report. It cuts straight into a growing tension inside firms: everybody wants AI speed, fewer people want AI verification, and somewhere in the middle sits reputational risk wearing steel-toe boots.

So… who checked the footnotes?

According to public reporting and GPTZero’s analysis, the EY report included fabricated citations, broken hyperlinks, misattributed data, and references to a McKinsey report that researchers could not find because it apparently never existed. One particularly awkward detail involved conflicting statistics around the loyalty rewards market. At one point, the report estimated the size of the loyalty industry at roughly $200 billion. Elsewhere, it claimed the value of unredeemed loyalty points was also about $200 billion. Same number, different concepts. That kind of thing tends to raise eyebrows in finance circles pretty quickly. Researchers also identified multiple footnotes linking to webpages that either did not exist or did not support the claims being cited.

EY removed the report from its website and stated it was “reviewing the circumstances” surrounding publication. The firm also clarified the report was not tied to client work, an important distinction because client-facing deliverables introduce a completely different level of exposure and liability. Still, the incident landed with the force of a bad PCAOB inspection comment. In professional services, trust is the inventory. Once questions emerge around source validation, readers naturally start asking what else slipped through the cracks.

Is AI helping research?

Deloitte reportedly corrected a Canadian government-related report last year after fake academic citations surfaced. Sullivan & Cromwell recently apologized to a New York court after filings contained incorrect legal citations and misquoted bankruptcy law. Across industries, AI-generated drafting is creating a strange new workflow where professionals save time producing content, then spend even more time verifying whether the content accidentally invented reality. Cybersecurity firms are seeing the same pattern. Bug bounty programs, where ethical hackers report software vulnerabilities for rewards, are reportedly drowning in AI-generated submissions. Some companies have paused programs altogether because researchers are submitting endless low-quality AI-assisted reports that require manual review.

Daniel Stenberg, creator of the Curl software project, described the flood of submissions as “never-ending slop.” Honestly, plenty of compliance teams probably muttered the same thing during busy season while reviewing AI-assisted memos. That phrase matters because it highlights the economic problem AI is quietly creating inside professional services. AI drastically lowers the cost of producing content. It does not lower the cost of validating it. In many cases, verification becomes more expensive because reviewers now have to distinguish between real authority and fabricated authority. That is a nasty little accounting problem hiding inside the AI productivity narrative.

Did the profession accidentally skip internal controls?

Accounting firms spend enormous amounts of time helping clients build control frameworks. Segregation of duties. Documentation review. Approval chains. Audit trails. Source testing. Evidence standards. Now many firms are trying to bolt generative AI onto workflows without building equally mature review controls around it. That is where this EY situation hits close to home for finance and audit professionals. The issue was not simply “AI made mistakes.” AI always makes mistakes. The issue was the apparent breakdown in editorial controls that should have caught them before publication.

Think about the checklist most CPA firms already use during tax or audit engagements:

• Verify supporting documentation.
• Confirm external references.
• Reconcile numbers across schedules.
• Trace figures back to original sources.
• Review for consistency and reasonableness.
• Document approvals.

None of those ideas are revolutionary. They are basic professional disciplines. Yet the public reporting around the EY report suggests several of those safeguards either failed or never fully happened. It is almost ironic. Firms advising clients on governance and risk management are now discovering they need governance and risk management for their own AI systems.

What happens when “draft mode” becomes publish mode?

Inside many accounting and consulting firms, AI tools already assist with research summaries, presentation drafts, client emails, policy comparisons, internal memos, and marketing thought leadership. That ship sailed months ago. The real question now is operational: where exactly does human accountability sit in the workflow? Because here is the uncomfortable truth. AI hallucinations do not always look ridiculous. Sometimes they look polished, corporate, and perfectly formatted. Fake citations often resemble real citations. A fabricated statistic placed beside several legitimate ones can slide through a rushed review process faster than people want to admit.

That becomes especially dangerous in advisory environments where authority matters. A cybersecurity report with nonexistent sources creates obvious reputational problems. But imagine similar issues appearing inside valuation analyses, tax position memos, ESG disclosures, or due diligence reports. Suddenly, this is not just embarrassing. It becomes a litigation and regulatory issue. Nobody manually checks every source link. Weeks later, a client relies on inaccurate information. Now everybody is having a very bad Tuesday. That scenario no longer feels theoretical.

So, where does this leave firms using AI?

Probably in a more realistic place.

AI remains useful. Firms are not abandoning it, and they should not. EY itself reported significant growth in AI-related revenue and extensive internal AI deployment efforts. Firms see legitimate value in automation, research acceleration, workflow efficiency, and document drafting. The problem is not AI adoption. The problem is pretending AI-generated content deserves automatic trust because it sounds confident. The EY incident reinforces a simpler reality: AI can support professional judgment, but it cannot replace professional accountability. That means firms likely need stronger publication controls, clearer AI-review standards, mandatory citation verification, documented approval processes, and better training around hallucination risks. Not because regulators demanded it yet, but because clients eventually will.