← All posts
July 11, 20265 Min ReadRepoOps Team

Who audits your AI bill?

A reported $16.6 million invoice to a free-plan user. An auditing startup says it found $1.7 million in overcharges across $34 million of AI invoices. Metered AI billing is complex and mostly unverified. Here is how independent reconciliation works, and what RepoOps is building.

This week, tech media carried a story that should worry anyone with a company card attached to an AI provider: a Korean developer reportedly received an Anthropic invoice for $1,669,875.90, followed roughly 24 hours later by a second one for $16,627,739.70, a roughly tenfold jump overnight, while his Anthropic usage dashboard showed $0.00 (wccftech, The News International). His bank reportedly declined the charge attempts for exceeding the card's per-transaction limit. No money moved.

Honesty first, because it matters for a story like this: the entire account traces back to a single social media user, Anthropic has not publicly confirmed it, and when we fact-checked the viral thread, the specific claims that the invoice emails verifiably came from Anthropic's own domain did not survive scrutiny. Treat it as an unconfirmed report.

But here is the thing: you should not need to take anyone's word for it, in either direction. The story lands because almost nobody can independently verify what their AI provider bills them. The dashboard says one number, the invoice says another, and the customer has no third ledger to break the tie. That part is not hypothetical at all.

An auditor says it found $1.7 million in overcharges

In late June, the AI spend auditing startup Vaudit reported that since March it had reviewed $34 million in AI spending across 60 companies and identified nearly $1.7 million in mistaken overcharges, with roughly 80% credited back after being challenged (Business Wire). The Information, which broke the story, reported the audited spend was mostly for usage of Anthropic's Claude Code (techstartups coverage).

Vaudit says the errors fall into five recurring patterns:

  1. Model bait-and-switch: billed at premium-model rates while a cheaper or older model actually served the request.
  2. Ghost prompts: requests that returned no output, billed anyway.
  3. Retry storms: autonomous agents silently retrying failed requests into stacks of duplicate charges.
  4. Outage billing: charges accruing while the provider's API was down.
  5. Orchestration double-billing: a cloud platform sending one request to two models and billing for both.

Read those numbers with open eyes. They are Vaudit's own figures, announced days before it launched a product that takes a cut of recovered refunds. Anthropic disputes the patterns: it says it does not charge for incomplete requests or error messages, does not route customers to older models, and sees no sign that overbilling is widespread. OpenAI says it has no evidence of these issues among its customers (techstartups). Both things sit in the same story: the providers deny the patterns, and roughly 80% of the disputed charges were reportedly credited back anyway. That tension is exactly why an independent ledger matters.

The smaller cases look more like yours

Skip the multi-million headline numbers. Public reports on Anthropic's own issue tracker describe the everyday version of this problem:

  • A subscriber describing six contradictory billing emails inside a minute: a credit note, a refund notice, a failed-payment notice, and an invoice for a product he says he never bought (claude-code #51404).
  • A consumer-plan user reporting 29 separate auto-recharge charges totaling $661.08 in nine days, while the app showed usage nowhere near the weekly limit (claude-code #68773).
  • A Max subscriber charged $110.00 with the invoice marked Paid, whose account nonetheless reverted to the Free plan two days later (claude-code #56895).

These are user reports, not adjudicated facts. But they share one shape: the provider's own surfaces disagree with each other, and the customer is the only party with an incentive to notice.

Why metered AI billing goes wrong

AI billing is the most complex metering scheme most companies now pay for. A single Claude request can bill four different token types at four different rates: uncached input, cache writes at roughly 1.25x the input rate, cache reads at roughly 0.1x, and output tokens at a multiple of input. Multiply by model tiers, service tiers, and price revisions. Add agents that retry on failure, orchestration layers and cloud marketplaces that meter independently between you and the provider, and auto-recharge systems that top up in small increments.

Every layer is a place where metering can double-count, misprice, or drift. And almost nobody recomputes the bill, because until recently there was nothing to recompute it against.

The fix is boring: reconciliation

Vaudit's method, per its launch materials, is an SDK inside the customer's environment that captures raw usage at the source and reconciles it against invoices, charge by charge. That is not exotic technology. It is bookkeeping: keep your own ledger, recompute the bill, and flag the difference.

For Claude specifically, the raw material already exists:

  • Your ground truth. Claude Code can emit per-request telemetry (token counts by type, model, cost estimate, and the API request id) via OpenTelemetry, and it writes local session logs with the same token accounting (Anthropic docs).
  • The provider's claim. Anthropic's Admin Usage and Cost API returns token usage sliced by key, workspace, model, and service tier, plus a daily cost report. Anthropic's own documentation lists cost reconciliation as a primary use case (Anthropic docs).
  • The independent recomputation. Token counts times a versioned rate card, per model and token type. This is the third ledger that breaks ties between the other two.

One honest caveat from Anthropic's docs: client-side cost figures are approximations, so a real reconciliation compares recomputed token costs within a tolerance band instead of expecting the numbers to match to the cent. The signal you want is not a few cents of drift. It is a day where billed usage is double your logged usage, a charge for a day your logs show nothing, an invoice that grows 10x overnight, or a bill whose implied per-token price does not match any published rate.

What RepoOps does today, and what comes next

RepoOps already keeps the customer-side ledger this requires. It captures Claude Code telemetry locally across every tracked repo, pulls Anthropic's Admin API cost and usage reports, keeps a versioned per-model rate card, and attributes spend per developer, per repo, and per merged PR.

Billing Guard is the reconciliation layer we are building on top: recompute every day's expected cost from your own token counts, join it against the provider's usage and cost reports, and alert on the error signatures above, including the runaway-invoice pattern that made this week's headline. All local, on your machine, on data you already own.

If you want early access, or you have an AI invoice that does not add up, we want to hear about it. You can read more about the feature on the Billing Guard page.

The lesson of the $16.6 million invoice is not that any one provider is careless. It is that metered AI billing has reached a complexity where unverified trust is an accounting policy. Keep your own ledger.