Capability

An audit trail your
examiner will accept.

From prompt to examiner — one audit chain. Every request, allowed or blocked, is sealed into a tamper-evident, hash-linked record designed to be handed to a regulator, an examiner, or a board — not assembled from screenshots the week before an exam.

Download a sample examination package Request a demo

Tamper-evident

Every request, sealed and hash-linked.

Each event is hashed and chained to the one before it. Change a single record after the fact and the chain breaks — which is exactly what makes it examiner-verifiable rather than merely stored.

Even blocked requests are recorded — the denial is evidence too.
The integrity claim is computed by the proxy in your environment, never delegated.
"Audit logs" become examination-ready evidence: tamper-evident, control-mapped, immutable.

Tamper-evident audit chain

every request sealed & hash-linked — even blocked ones

allowedprev ⌀ → 9f3a1c
redactedprev 9f3a1c → 4b07e2
blockedprev 4b07e2 → 7e02b4

SHA-256 chain · examiner-verifiable

The examination package

What you hand to an examiner.

The audit trail renders into a package built around the examination reflex — the artifacts a financial-services examiner actually asks for.

Model inventory

An SR 11-7-style inventory of every model in use, auto-populated from live traffic.

Control coverage

Which governance controls were active, in shadow or enforce, across the period.

Policy snapshot

The exact policy-as-code in force, versioned and attributable.

Integrity hash

A SHA-256 hash over the chain so an examiner can verify nothing was altered.

Where it lives

Pluggable WORM, honest about scope.

The hash-chained record writes to a write-once, read-many store inside your environment. GCS Bucket Lock with per-customer CMEK ships today; S3 Object Lock is sequenced next.

A local write-ahead buffer keeps capturing through downstream outages.
A 6-year retention floor on Fully Managed production, per FINRA 24-09.
No raw payload crosses the wire to a SaaS aggregator — capture is proxy-side.

Examiner-verifiable

An Integrity Pack lets an examiner verify the chain independently — recompute the hashes, confirm the sequence, and check the record against the policy that produced it. The integrity primitive is the chain itself, so it holds across storage backends.

By the numbers

Designed for the long record.

Retention floor

6yr

Fully Managed production · FINRA 24-09

Chain integrity

SHA-256

Examiner-verifiable hash over the record

Storage

WORM

GCS Bucket Lock + CMEK today · S3 next

Outcomes recorded

100%

Allowed and blocked alike

The record, in context.

Inline policy enforcementEvery enforcement decision is what the audit chain records.FINRA 24-09How the audit trail maps to AI supervision and recordkeeping.Sample examination packageSee the rendered artifact an examiner receives.

Examination package

See exactly what an examiner receives

Model inventory, control coverage, a governance policy snapshot, and a SHA-256 integrity hash — delivered by email.

Get the sample package Request a demo

An audit trail yourexaminer will accept.