An audit trail (also called audit log) is a relevant chronological recording of actions, a set of files, or the destination of a collection of records that represent a sequence of successive activities or events within an operational environment, a procedure or any other process.

This step by step recording of the executed events, or other sets of documents or decisions, can be significant during audits, complaints, and lawsuits, including the uncovering of external and internal frauds.

By formalizing decisive actions, allow to view every occurrence from the moment an event or activity is created or revised, to the final archiving or delivery, if needed.

What is an audit trail in practice ?
Why is it important to set up an audit trail for your business’ processes and decisions?

Ex-post checks and evaluations allow companies to check the correct implementation of systems and make adjustments.

This operational control shows a proactive approach that contributes to fewer errors and complaints, in turn giving comfort to the company’s management.
If the change can be assigned to the user, it facilitates investigations when necessary.

Having audit logs also demonstrates the maturity of the company and its processes.
For many different considerations - customer satisfaction, regulatory compliance, supervisory control, external audits,... - it is essential to be able to justify your company operations and to show that your business ethics and norms are duly followed.

- Financial records but also subsequently KYC profiles, MiFID classifications, AML Risk scorings...
- Screening results with date of search (time stamp)
- Notification of receipt of mail during awareness campaigns
- AML testing
- Proof of 4eyes principles
- IT access and validity
- Accesses to user platforms (in case an employee moves to another department)
- Other kinds of data
What are the different types of audit trail?

How to build an audit trail?
For financial institutions, the old method of safe manual archiving of critical documentation is in decline. Nowadays, tracking methodologies run either through stand-alone data with common desktop utilities or centralised management systems.

By using central workflow tools, it is easier to build these audit trails into a process-driven environment. It also allows you to simplify reporting and perform checks. The use of data and metadata in these processes becomes extremely important.

When using Office Suite applications such as Excel and Access, the possibility to build an audit trail, access rules and use the four-eyes principle exists just like in other digitized environments.

  • 1.

    Automatic save or back-up available;

  • 2.

    Journal sequences (by date and hour);

  • 3.

    Limited access rights;

  • 4.

    Edit or write access ex-post limited several well defined persons (no override abilities);

  • 5.

    exceptional handling report (why was there a request for changing the record); and

  • 6.

    alert to thefinal person in charge if a change occurs (also for corrupted data and failure of the system).

Add your comment

Related articles

How do you conduct business in Russia? Learn about the different kinds of Russian entities and how to conduct KYC on Rus...

KYC Mon 08 January 2018

How is the insurance and reinsurance markets regulated in the EU? Learn about Solvency II, PRIIPS, and KIDs.

Ethics Wed 17 April 2019

Conduct Risk has been the hot topic of the past years. From principles to outcomes, discover how to articulate your busi...

Financial firms Mon 28 May 2018

What is the EU’s Whistleblower Directive? Learn what a whistleblower is and how they are protected with the new Europ...

Financial firms Wed 08 May 2019
Experts in risk management and regulatory compliance

Pideeco is a consultancy firm providing legal services, business solutions, operational assistance and educational material for professionals in the financial industry.

We are based in Brussels and we specialize in regulatory risk compliance services covering the Eurozone.

Pideeco combines professional Regulatory knowledge and technical expertise to safeguard your business’ reputational and operational risk. Our unique customer-centric approach helps us build strategical and legitimate cost-efficient remedies.

Working with us means reaching out to complementary people, allowing for original thinking and innovative vision.

Our Network Learn more about us