Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.clearaml.com.au/llms.txt

Use this file to discover all available pages before exploring further.

ClearAML records every meaningful action taken in your firm’s account to an immutable audit ledger. Every time a user creates or updates a client record, completes a risk assessment, makes an EDD decision, uploads a document, logs in, or triggers a system event, a new entry is written with a timestamp, the actor’s identity, the affected entity, and the IP address and session context. You cannot edit or delete audit log entries — this is by design to satisfy AUSTRAC’s record-keeping and independent review requirements.

What the audit trail records

Each log entry captures the following fields:
FieldDescription
Date / TimeUTC timestamp of the action, displayed in your local timezone
UserFull name, email, and role of the person who triggered the action — or “System” for automated events
Action typeThe type of operation: Create, Update, Delete, View, Verify, Upload, Export, Login, Alert Decision, and more
Entity typeThe object that was affected (e.g. Client, Risk Assessment, EDD Case, AML Program, Training Module)
Client / EntityName or identifier of the specific record, with a direct link to the client profile where applicable
DescriptionA plain-language summary of what changed
RationaleIf the user provided a reason for the action (e.g. a risk override), it is captured verbatim
IP addressThe network address of the request
Session IDA unique identifier for the authenticated session
Data changesBefore and after values for update events, rendered as a structured diff
Logs are retained for 7 years in accordance with AUSTRAC record-keeping requirements. All data is stored in Australian data centres and encrypted at rest and in transit.
Go to Audit Trail in the left sidebar. The page opens with a full-firm log ordered by most recent activity. The table shows 50 records per page. Use the Previous and Next buttons at the bottom of the page to paginate. The page header shows the total number of records matching your current filters. Press / anywhere on the page to jump focus directly to the search input. To view full details for any entry, click View (desktop) or Details (mobile) on the row. A detail panel opens showing the actor, entity, description, rationale, data changes (before/after diff), IP address, session ID, and user agent.

Filter by date, user, entity, and action

The Filters panel at the top of the Audit Trail page lets you narrow results across five dimensions simultaneously:

Date range

Set a Date From and/or Date To using the date pickers. Dates are interpreted in your local timezone. Leave one end blank for an open-ended range.

Entity type

Choose from over 30 entity types including Client, Risk Assessment, EDD Case, AML Program, AUSTRAC ACR Submission, Training Module, Screening Decision, and more.

User

Filter to a specific team member. The dropdown lists all users in your firm. Select All Users to see firm-wide activity.

Action type

Filter by operation: Create, Update, Delete, View, Verify, Upload, Export, Login, Program Generation, Alert Decision, Payment, and System Event.
You can also type a keyword into the search bar to match against the description or rationale text of log entries. Press Enter or click Apply to run the search. Click Reset to clear all active filters.
Combining a date range with an entity type and a specific user is the fastest way to reconstruct a single officer’s activity for a given period — useful when preparing for an independent evaluation.

Audit & monitoring overview

The Compliance Hub also exposes an Audit & Monitoring tab (the second tab on the Compliance Hub page) with a summary view designed for compliance officers:
  • Audit Logs — total number of immutable records stored for your firm
  • Activity (24h) — count of log entries in the rolling 24-hour window
  • Retention — fixed 7-year retention period, with the age of your oldest record shown beneath
Below the stats, the Recent Critical Activity feed surfaces the five most recent high-risk actions: deletions, EDD decisions, risk assessment updates, screening decisions, dismissed reports, and alert decisions. Each entry shows the description, actor, IP address, timestamp, and any rationale provided. The System Coverage panel shows which audit logging points are active across your firm:
  • Active (green) — a log entry for this entity type was recorded within the last 30 days
  • Idle (yellow) — no activity in more than 30 days
  • Never recorded — no entries of this type exist yet
Click View All Logs from the Audit & Monitoring tab to go directly to the full Audit Trail search page.

Export audit logs

To export your current filtered view as a CSV file:
1

Apply your filters

Set any combination of date range, entity type, user, action type, and search text to narrow the export to the records you need.
2

Click Export

Click the Export button in the Filters panel. ClearAML generates a CSV file that matches your active filters exactly — the same records you see on screen.
3

Download the file

The file downloads automatically with the filename Audit_Trail_YYYY-MM-DD.csv. The export respects your local timezone for all timestamps.
Exports are capped at a maximum row limit for performance. If your export is truncated, ClearAML will notify you with the row count. Narrow your date range and export in smaller windows to capture the full dataset.

How the audit trail supports AUSTRAC inspections

When AUSTRAC conducts a supervisory review or your firm undergoes an independent AML/CTF evaluation, auditors will typically ask to see evidence of:
  • Who performed specific actions and when
  • Whether risk decisions were accompanied by a documented rationale
  • Whether your firm’s program and training records are current
The audit trail provides a complete, unedited record for all of these. You can filter to a specific date range, export the results to CSV, and share the file with your evaluator. Because entries are tamper-proof and include IP addresses and session IDs, they meet the evidentiary standard expected by AUSTRAC.
Every create, update, delete, view, verify, upload, export, and login event is logged automatically — you do not need to configure anything. System-generated events (such as automated screening runs and identity verification results) are also captured with an actor of “System”.
Audit trail access is role-gated. Users without sufficient permissions will see a “you don’t have permission to view audit logs” message. Contact your firm’s admin or compliance officer to request access.
No. Audit log entries are written once and cannot be edited, overwritten, or deleted by anyone — including ClearAML administrators. This immutability is what makes the ledger forensically reliable.
All audit logs are retained for 7 years, consistent with AUSTRAC’s record-keeping requirements under the AML/CTF Act.