Skip to content
- As an internal auditor, I want to query any action with full context.
- As an external auditor, I want the evidence package for any loan.
- As a system, I want every state change emitted to the audit log.
GET /audit/events?actor={a}&resource={r}&from={t}&to={t}.GET /loans/{id}/evidence-package.
audit_event (hash-chained), evidence_package.
- Auditor console: search, drill-down.
- Audit service.
- Evidence-package service.
- Audit event emitted for every state change.
- Hash chain validates integrity.
- Evidence package retrievable per loan.
- Search supports actor / resource / time.
- Audit log gap detected.
- Concurrent edits with race.
- Hash-chain integrity verified daily.
- Evidence package for any loan in
< 5 minutes.
- External audit fully supportable.