Do you like cookies? 🍪 We use cookies, just to track visits to our website, we store no personal details. By using our site, you acknowledge that you have read and understand our Cookie Policy, Privacy Policy, and our Terms of Service.
An audit trail (also called audit log) is a relevant chronological recording of actions, a set of files, or the destination of a collection of records that represent a sequence of successive activities or events within an operational environment, a procedure or any other process.
This step by step recording of the executed events, or other sets of documents or decisions, can be significant during audits, complaints, and lawsuits, including the uncovering of external and internal frauds.
By formalizing decisive actions, allow to view every occurrence from the moment an event or activity is created or revised, to the final archiving or delivery, if needed.
What is the value of audit trails for financial firms?
Why is it important to set up an audit trail for your business’ processes and decisions?
Ex-post checks and evaluations allow companies to check the correct implementation of systems and make adjustments.
This operational control shows a proactive approach that contributes to fewer errors and complaints, in turn giving comfort to the company’s management.
If the change can be assigned to the user, it facilitates investigations when necessary.
Having audit logs also demonstrates the maturity of the company and its processes.
For many different considerations - customer satisfaction, regulatory compliance, supervisory control, external audits,... - it is essential to be able to justify your company operations and to show that your business ethics and norms are duly followed.
Different types of financial business audit trails
- Financial records but also subsequently KYC profiles, MiFID classifications, AML Risk scorings...
- Screening results with date of search (time stamp)
- Notification of receipt of mail during awareness campaigns
- AML testing
- Proof of 4eyes principles
- IT access and validity
- Accesses to user platforms (in case an employee moves to another department)
- Other kinds of data
How are audit trails achieved in practice?
For financial institutions, the old method of safe manual archiving of critical documentation is in decline. Nowadays, tracking methodologies run either through stand-alone data with common desktop utilities or centralised management systems.
By using central workflow tools, it is easier to build these audit trails into a process-driven environment. It also allows you to simplify reporting and perform checks. The use of data and metadata in these processes becomes extremely important.
When using Office Suite applications such as Excel and Access, the possibility to build an audit trail, access rules and use the four-eyes principle exists just like in other digitized environments.
How to build good audit trails and keep them safe?
1.
Automatic save or back-up available;
2.
Journal sequences (by date and hour);
3.
Limited access rights;
4.
Edit or write access ex-post limited several well defined persons (no override abilities);
5.
exceptional handling report (why was there a request for changing the record); and
6.
alert to thefinal person in charge if a change occurs (also for corrupted data and failure of the system).
What is the Payment Services Directive (PSD2)? Discover the opinion published by the EBA in 2019 on strong customer aut...
Financial firmsTue 10 September 2019
Experts in risk management and regulatory compliance
Pideeco is a consultancy firm providing legal services, business solutions, operational assistance and educational material for professionals in the financial industry.
We are based in Brussels and we specialize in regulatory risk compliance services covering the Eurozone.
Pideeco combines professional Regulatory knowledge and technical expertise to safeguard your business’ reputational and operational risk. Our unique customer-centric approach helps us build strategical and legitimate cost-efficient remedies.
Working with us means reaching out to complementary people, allowing for original thinking and innovative vision.
