An audit trail (also called audit log) is a relevant chronological recording of actions, a set of files, or the destination of a collection of records that represent a sequence of successive activities or events within an operational environment, a procedure or any other process.

This step by step recording of the executed events, or other sets of documents or decisions, can be significant during audits, complaints, and lawsuits, including the uncovering of external and internal frauds.

By formalizing decisive actions, allow to view every occurrence from the moment an event or activity is created or revised, to the final archiving or delivery, if needed.


What is an audit trail in practice ?
Why is it important to set up an audit trail for your business’ processes and decisions?

Ex-post checks and evaluations allow companies to check the correct implementation of systems and make adjustments.

This operational control shows a proactive approach that contributes to fewer errors and complaints, in turn giving comfort to the company’s management.
If the change can be assigned to the user, it facilitates investigations when necessary.

Having audit logs also demonstrates the maturity of the company and its processes.
For many different considerations - customer satisfaction, regulatory compliance, supervisory control, external audits,... - it is essential to be able to justify your company operations and to show that your business ethics and norms are duly followed.


- Financial records but also subsequently KYC profiles, MiFID classifications, AML Risk scorings...
- Screening results with date of search (time stamp)
- Notification of receipt of mail during awareness campaigns
- AML testing
- Proof of 4eyes principles
- IT access and validity
- Accesses to user platforms (in case an employee moves to another department)
- Other kinds of data
What are the different types of audit trail?



How to build an audit trail?
For financial institutions, the old method of safe manual archiving of critical documentation is in decline. Nowadays, tracking methodologies run either through stand-alone data with common desktop utilities or centralised management systems.

By using central workflow tools, it is easier to build these audit trails into a process-driven environment. It also allows you to simplify reporting and perform checks. The use of data and metadata in these processes becomes extremely important.

When using Office Suite applications such as Excel and Access, the possibility to build an audit trail, access rules and use the four-eyes principle exists just like in other digitized environments.



  • 1.

    Automatic save or back-up available;

  • 2.

    Journal sequences (by date and hour);

  • 3.

    Limited access rights;

  • 4.

    Edit or write access ex-post limited several well defined persons (no override abilities);

  • 5.

    exceptional handling report (why was there a request for changing the record); and

  • 6.

    alert to thefinal person in charge if a change occurs (also for corrupted data and failure of the system).

0 comments
Add your comment

Related articles

What are the impacts of the recent regulatory introduction of Anti Money Laundering (AML) EU directives 2015/849 and 201...

KYC Mon 28 August 2017

Regulatory Requirements & Compliance Risk: A big concern for banking and financial institutions. Learn about the impacts...

Financial Institutions Tue 23 April 2019

Why do most AML programs in banks fail? Learn how compliance culture, training of staff, transaction monitoring systems,...

AML Mon 15 March 2021

MiFID was created with the objective of harmonizing Europe‘s financial landscape. Learn how the Directive changed the ...

MiFID2 Sat 27 May 2017
Experts in risk management and regulatory compliance

Pideeco is a consultancy firm providing legal services, business solutions, operational assistance and educational material for professionals in the financial industry.

We are based in Brussels and we specialize in regulatory risk compliance services covering the Eurozone.

Pideeco combines professional Regulatory knowledge and technical expertise to safeguard your business’ reputational and operational risk. Our unique customer-centric approach helps us build strategical and legitimate cost-efficient remedies.

Working with us means reaching out to complementary people, allowing for original thinking and innovative vision.

Our Network Learn more about us