REFERENCE · §3 · LAST REVIEWED 2026-04-27
ACF §3 — Audit Trail
An agent audit trail is a tamper-evident, immutable record of every agent invocation — including the principal, prompt, tools called, model version, parameters, output, and downstream actions — preserved for the period required by the firm’s applicable regulations and queryable for incident reconstruction.
Traditional audit trails capture human decisions and the systems that executed them. Agent audit trails must capture the model invocation as an additional layer: which model version, which prompt, which tools were available, which were called, what was returned, and what side-effects propagated. SEC Rule 17a-4, MiFID II Article 16, and DORA all imply such a record but do not yet specify its granularity. This framework section sets the floor: enough detail to answer "what did the agent do, why, on whose authority, and what changed downstream" for any single action within seconds.
Regulatory anchors
- SEC 17a-4
- MiFID II Art. 16
- DORA Art. 11
- EU AI Act Art. 12
- GDPR Art. 22(3)
- NIST AI RMF Measure 3.3
What this covers
- Model invocation logging: model name, version, parameters, prompt hash
- Tool call provenance: which tool, with what inputs, what output
- Principal-agent attribution preserved per action
- Tamper-evidence: cryptographic chaining or write-once storage
- Retention period mapped to applicable rules (5-7 years typical)
Common gaps
- Logs the prompt but not the tool-call return values — incident reconstruction is impossible
- Logs are application-level only — model version and parameters not captured
- No tamper-evidence — logs are mutable database rows
- Retention policy assumes "we’ll delete after 1 year" without checking sectoral rules
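The two lists above, as one added Python example (not ACF code or any firm's implementation): each invocation becomes a record whose hash covers the principal, model name and version, parameters, prompt hash, every tool call together with its return value, and the downstream actions; each record also carries the previous record's hash, so the log is a chain rather than a set of independently editable rows. The field names, the `AuditChain` class and the two sample invocations of a hypothetical operations agent are constructed for illustration. The last two functions show the two ways a mutable-row log is usually edited after the fact and where the chain check catches each.

```python
"""Hash-chained audit record for agent invocations.

Added example, not ACF code. Field names (principal, agent_id, model_version,
tool_calls, downstream_actions) are assumptions chosen to match the section's
list of required content.
"""
from __future__ import annotations

import hashlib
import json
from dataclasses import asdict, dataclass
from typing import Any, Optional, Tuple

GENESIS_HASH = "0" * 64  # prev_hash of the first record in a chain


def canonical_bytes(obj: Any) -> bytes:
    """Deterministic JSON encoding so the same record always hashes the same."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"), default=str).encode()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class ToolCall:
    tool: str
    inputs: dict
    output: Any  # the return value is recorded, not only the fact of the call


@dataclass
class InvocationRecord:
    seq: int
    principal: str            # on whose authority (ties back to §1)
    agent_id: str
    model_name: str
    model_version: str
    parameters: dict          # temperature, max_tokens, and so on
    prompt_hash: str          # hash of the prompt text
    tool_calls: list          # list of ToolCall
    output_hash: str          # hash of the model output text
    downstream_actions: list  # side-effects that propagated (what changed)
    prev_hash: str            # record_hash of the previous record
    record_hash: str = ""


def hash_record(rec: InvocationRecord) -> str:
    body = asdict(rec)
    body.pop("record_hash")  # the hash covers every field except itself
    return sha256_hex(canonical_bytes(body))


class AuditChain:
    def __init__(self) -> None:
        self.records: list[InvocationRecord] = []

    def append(self, *, principal, agent_id, model_name, model_version,
               parameters, prompt, tool_calls, output, downstream_actions):
        prev = self.records[-1].record_hash if self.records else GENESIS_HASH
        rec = InvocationRecord(
            seq=len(self.records), principal=principal, agent_id=agent_id,
            model_name=model_name, model_version=model_version,
            parameters=parameters, prompt_hash=sha256_hex(prompt.encode()),
            tool_calls=tool_calls, output_hash=sha256_hex(output.encode()),
            downstream_actions=downstream_actions, prev_hash=prev,
        )
        rec.record_hash = hash_record(rec)
        self.records.append(rec)
        return rec

    def verify(self) -> Tuple[bool, Optional[int]]:
        """Walk the chain; return (ok, index of the first bad record or None)."""
        prev = GENESIS_HASH
        for i, rec in enumerate(self.records):
            if rec.prev_hash != prev or hash_record(rec) != rec.record_hash:
                return False, i
            prev = rec.record_hash
        return True, None


def build_sample_chain() -> AuditChain:
    """Two constructed invocations of a hypothetical operations agent."""
    chain = AuditChain()
    common = dict(principal="user:jdoe", agent_id="ops-agent",
                  model_name="example-model", model_version="2026-01",
                  parameters={"temperature": 0.0, "max_tokens": 512})
    chain.append(**common,
                 prompt="Check pending settlements for account A-1",
                 tool_calls=[ToolCall("settlements.list", {"account": "A-1"},
                                      {"pending": 2})],
                 output="Two settlements pending.",
                 downstream_actions=[])
    chain.append(**common,
                 prompt="Release the first pending settlement",
                 tool_calls=[ToolCall("settlements.release", {"id": "S-100"},
                                      {"status": "released"})],
                 output="Released settlement S-100.",
                 downstream_actions=["settlement S-100 released"])
    return chain


def tamper_in_place_detected_at() -> Optional[int]:
    """Edit a tool-call output after the fact: record 0 no longer matches its hash."""
    chain = build_sample_chain()
    chain.records[0].tool_calls[0].output = {"pending": 0}
    return chain.verify()[1]


def tamper_with_rehash_detected_at() -> Optional[int]:
    """Edit record 0 and recompute its hash: record 1's prev_hash now breaks."""
    chain = build_sample_chain()
    chain.records[0].tool_calls[0].output = {"pending": 0}
    chain.records[0].record_hash = hash_record(chain.records[0])
    return chain.verify()[1]
```

Chaining on its own detects modification of any retained record but not silent removal of the newest records, so the current head hash still has to be anchored in write-once storage (or published to a party that cannot edit the log) at a fixed cadence; that is why the section lists cryptographic chaining and write-once storage together rather than as alternatives.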
Related sections
- §1 — Identity & Authorisation
Who or what is permitted to take action; how authorisation flows to agents and is revoked.
- §4 — Reversibility
Capability to unwind agent-mediated actions within a defined window.
- §12 — Incident Response
When the agent does the wrong thing — runbook, regulator notification, customer remediation.
- §10 — Data Governance
Training data, prompt caching, retention, and the regulator-facing posture for each.
Reference compiled by Sebastian Heine. Editorial perspective at The SHeine Brief.