.png)
An audit trail is a process intended to capture specific information created through the process that a transaction follows. Most audit trails will show; the origin of a transaction, the process it has travelled through and the final output.
The existence of an audit trail is widely accepted as an indicator of good internal controls within a business. This is because an audit trail helps a business to support accurate information by identifying incomplete or missing data as well as the added advantage of spotting fraudulent transactions. The information retained is usually stored in the format of an audit log. Capturing information in a user friendly and clear format will make it much easier to trace key points that a transaction has travelled through. It is common for the audit log to list information in chronological order of the input date and time with each transaction having a unique posting code.
With computerised systems they are likely to capture a wealth of additional information such as the period the entry has been posted against, currency and the location of any source documentation among many others. Period postings can help to detect back postings (those posted as a date earlier than the actual date of posting) or manipulation of a transaction.
If a transaction has been entered incorrectly then you can use your audit log to trace the transaction back to its origin and which areas of your financial records have been affected by the posting. This will then allow you to proceed to reverse or correct the entry.
The audit log can be used to spot a variety of anomalies; a posting entered against the incorrect month and year, or where only one part of a double entry has been posted (could be an IT glitch). Perhaps it may help you to resolve a bank reconciliation issue where the incorrect cashbook has been chosen. The simple existence of an audit trail can help deter individuals from carrying out fraudulent transactions as the presence of a trail increases the likelihood of being caught.
Controlling who can amend an original transaction also demonstrates good business practice. More sophisticated systems can also provide an escalation or warning notification to a member of your compliance team. For instance if you have to enter a password into your accounting software in order to overdraw your client balance, this could send a message to the COFA to advise them of this action.