Solutions / Audit Trail & Evidence
Make every AML decision traceable
Connect screening proof, case activity, reviewer rationale, attachments, and outcomes so compliance teams can answer what happened, when, and why.
06/16/26, 10:23 · marcos pla
review outcome: empty → YELLOW06/16/26, 10:00 · system_monitoring
case status and source evidence linked06/14/26, 11:09 · marcos pla
potential match decision recordedAudit readiness
Keep proof close to the decision
Audit evidence is strongest when it is created as the work happens. Checklynx links screening runs, case updates, hit reviews, notes, attachments, and report artifacts into a history that compliance, QA, and audit teams can inspect later without rebuilding the story from screenshots.
Retain durable screening evidence showing the customer, run, time, screening profile, executed sources, trigger origin, review status, and outcome category.
Capture critical actions with actor, timestamp, action type, target, changed fields, version, and lightweight references back to the case, hit, report, or document record.
Attach case proof, notes, rationale, and report artifacts to the operational record so audit review starts from connected evidence instead of scattered exports.
Evidence journey
From event to audit record
Each important screening or case event keeps the business record readable while pointing back to the richer evidence needed for review. The audit trail shows the action; the underlying case, hit, screening, or document record carries the full operational context.
| Stage | Evidence captured | Review outcome |
|---|---|---|
| Screening run | Customer ID, run ID, occurred time, screening profile, executed sources, review status, trigger origin | The team can prove the check happened and which control set ran. |
| Outcome event | Case target, actor, timestamp, action, field changes, version, and status movement | Reviewers can see who changed the case and what changed. |
| Hit decision | Case reference, hit status, review mode, rationale, reviewer, and timestamps | Potential matches are tied to clear analyst decisions. |
| Evidence attachment | Case attachment, note attachment, action proof, file metadata, hash, uploader, and status | Supporting documents stay linked to the review record. |
| Report artifact | Report ID, report type, case summary, reviewed hits, rationale, evidence, and timeline | Governance teams can export or inspect the case package. |
| Downstream handoff | Webhook events | Other systems can stay aligned with the compliance record. |
Audit operations
Answer audit questions faster
The goal is not to overload an audit table with every raw payload. The goal is a clean chronology that shows the action and points to the exact domain record where the supporting evidence lives.
Recent events and case timelines show action names, actors, timestamps, targets, changed fields, and status movement in a format teams can review quickly.
Audit entries keep references and counters lightweight, while review attempts, source runs, case hits, cases, attachments, and reports retain the richer payloads.
Zero-hit and suppressed-only screening runs can keep compact proof, while actionable hits, adverse outcomes, and compliance-required cases retain deeper evidence.
Attachments and report artifacts collect the notes, rationale, source context, and timeline needed for QA, management review, or regulator questions.
| Trigger | Handoff | Business outcome |
|---|---|---|
| Auditor asks what changed | Timeline and recent-events view | Show actor, time, action, target, and field movement. |
| Auditor asks what was checked | Screening report record | Show customer, profile, sources, trigger, status, and outcome. |
| Auditor asks why it was closed | Case, hit review, rationale, attachments | Show the decision packet instead of reconstructing it. |
| System needs the outcome | Webhook handoff | Keep operational records synchronized with compliance events. |
What makes the evidence audit-ready?
Evidence is captured as part of the workflow, not assembled after the fact. Screening runs, source context, case activity, hit decisions, reviewer rationale, attachments, timestamps, profile versions, and report artifacts stay linked to the operational record that produced the decision.
Why not store every raw payload in the audit log?
A useful audit trail should be readable. Checklynx keeps audit events focused on who did what, when, and to which record, while the deeper operational context remains in linked screening, case, hit, document, or report records. That keeps the trail searchable without losing the evidence behind it.
How does this help during audits or partner reviews?
Teams can answer the questions reviewers usually ask: what was checked, which sources were used, who reviewed the result, what changed, why the case was closed, and which evidence supported the outcome. The goal is to reduce last-minute evidence gathering and make decisions easier to explain.