Existing vertical federated learning (VFL) frameworks lack auditable mechanisms to verify the correctness of inference software executed by data parties, hindering reliability and privacy assurance in cross-institutional collaboration. To address this, we propose VeFIA—the first efficient, zero-latency inference auditing framework tailored for VFL. VeFIA integrates trusted execution environments (TEEs), lightweight randomized sampling verification, distributed collaborative computation, and zero-knowledge consistency checks to enable end-to-end, non-intrusive auditing. Crucially, it requires no modification to existing inference pipelines and introduces no online latency. Under an anomaly rate ≥5.4%, VeFIA achieves a 99.99% anomaly detection probability, with perfect precision (positive predictive value), specificity (negative predictive value), and sensitivity (true positive rate)—all at 100%. This significantly enhances both the trustworthiness and practical deployability of VFL systems.

Vertical Federated Learning (VFL) is a distributed AI software deployment mechanism for cross-silo collaboration without accessing participants' data. However, existing VFL work lacks a mechanism to audit the execution correctness of the inference software of the data party. To address this problem, we design a Vertical Federated Inference Auditing (VeFIA) framework. VeFIA helps the task party to audit whether the data party's inference software is executed as expected during large-scale inference without leaking the data privacy of the data party or introducing additional latency to the inference system. The core of VeFIA is that the task party can use the inference results from a framework with Trusted Execution Environments (TEE) and the coordinator to validate the correctness of the data party's computation results. VeFIA guarantees that, as long as the abnormal inference exceeds 5.4%, the task party can detect execution anomalies in the inference software with a probability of 99.99%, without incurring any additional online inference latency. VeFIA's random sampling validation achieves 100% positive predictive value, negative predictive value, and true positive rate in detecting abnormal inference. To the best of our knowledge, this is the first paper to discuss the correctness of inference software execution in VFL.