Audit & Evidence Layer
Every Decision Logged. Every Clause Cited. Every Transformation Traceable.
CedeOS generates an immutable audit trail as a natural output of validation — not a post-hoc reconstruction. When the external auditor asks, the answer is one click. Not one week.
Auditor query: "Trace CSM figure on Line 47 back to the original policy."
POL-4492 · Motor Commercial · USD 12,400 premium
USD 12,400 → KES 1,612,000 · CBK rate 130.00 · Art.7.1
KES 1,612,000 × 30% = KES 483,600 · Art.4.2 · 99.9%
PASS · Art.4.2 satisfied · Aggregate: KES 47.2M / 50M
USD 3,717 → CSM +USD 3,717 · IFRS 17 B119 · correction event
The Condition
The auditor asked one question. It took your team three weeks.
“Trace the CSM figure on line 47 back to the original policy.”
Your chief actuary opens the shared drive. There are fourteen versions of the Q2 reconciliation file. Three people touched it. The column that held the intermediate calculation was deleted in version 6 — "to save space." The policy reference is in a different spreadsheet, on a different server, maintained by a different team.
Three weeks later, the answer is "we believe it is correct, but we cannot demonstrate the full chain." The auditor notes this in the management letter. The CFO reads it. The board reads it.
Under IFRS 17, this is not an operational inconvenience. It is a control deficiency — and it escalates.
Without CedeOS
Auditor asks for CSM trace (Line 47)
"Trace this figure back to source policy."
Search begins — shared drive
14 versions of Q2_recon.xlsx · 3 people touched it
Column deleted in version 6
"We saved space." Intermediate step gone.
3 weeks later
"We believe it is correct, but cannot demonstrate the full chain."
Management letter finding
Control deficiency noted. CFO reads it. Board reads it.
3 weeks · cannot demonstrate · escalates
With CedeOS
Auditor asks for CSM trace (Line 47)
"Trace this figure back to source policy."
One query — 0.4 seconds
POL-4492 → Currency → Cession → Validation → CSM
5 steps shown
Each step: input, output, rule, clause, timestamp, confidence
Hash chain verified
a3f7c2...9e1b · Chain: VALID · Tamper: NONE
Export PDF — same day
Audit-ready package delivered. No finding raised.
1 click · complete chain · zero finding
The Cost
Three consequences of an unreconstructable process.
Prior period restatement risk.
Under IFRS 17, the CFO signs financial statements derived from bordereaux data. If the external auditor identifies an error affecting prior periods — and you cannot demonstrate the transformation chain — a prior period restatement is required. The CFO signs it personally.
IFRS 17 effective Jan 2023 — personal CFO liability for restatements
Management letter findings that compound.
Year one: "We note the bordereaux process lacks a formal audit trail." Year two: the same finding, escalated. Year three: material weakness classification. Each year, the remediation conversation grows more expensive.
Management letter findings escalate annually if unresolved
Dispute evidence that does not exist.
A reinsurer disputes KES 4M in aggregate retention breach. You believe the treaty responded correctly. But you cannot produce the calculation chain — the inputs, the steps, the clause. Without evidence, a valid position becomes an unsupported claim.
40-60% recovery without evidence · 100% with documented chain
The Standard
What an auditable reinsurance process looks like.
Every transformation logged
External auditor answer
Retention period
Evidence chain for disputes
The Evidence Chain
Every step. Every input. Every output. Every rule that governed the transformation.
CedeOS does not log "what changed." It logs WHY it changed — the governing rule, the treaty clause, and the confidence score that produced each decision.
| Field | Description |
|---|---|
| timestamp | ISO 8601. Millisecond precision. |
| transformation_type | ingestion | normalisation | validation | compliance | reporting |
| input_value | The value before transformation. |
| output_value | The value after transformation. |
| governing_rule | The rule that triggered the change. |
| treaty_clause | Specific clause reference (e.g. §4.2). |
| confidence_score | AI confidence for this decision (0-1). |
| source_policy | Original policy reference number. |
| operator | System (automatic) or user (manual). |
| decision_reasoning | Natural language explanation of why this was applied. |
| hash | SHA-256 hash. Tamper-evident. Immutable. |
Every record is hashed and chained. If any record is modified after creation, the chain breaks. The tamper is detectable. This is not a database log. It is an evidence chain.
Use Cases
Built for the three conversations that matter most.
External Audit
The auditor asks: "Trace this CSM figure to source."
One click. The complete chain — from source policy, through every normalisation step, every validation decision, to the final CSM figure. Every step shows the governing rule.
Zero management letter findings on bordereaux traceability.
Reinsurer Dispute
The reinsurer disputes the aggregate figure. They claim the treaty did not respond.
Every claims batch that contributed — timestamped, with the treaty clause that triggered the response, the accumulation at each step, and the threshold crossing event. Exportable as PDF.
Dispute resolved on evidence. Full recovery. No 40-60 cent compromise.
Regulatory Examination
The regulator examines your reinsurance arrangements. They ask for evidence of correct treaty application.
Per-treaty validation log showing every bordereaux row, the clause applied, the validation result, and any corrections. 7-year retention. Exportable in the required format.
Examination satisfied from archived evidence. No reconstruction required.
Architecture
Immutable by design. Not by policy.
The audit trail is not a feature bolted onto a database. It is an architectural property of how CedeOS processes data. Every transformation generates an evidence record as a side-effect — not as a separate logging step.
Append-Only Storage
Records written once. Never updated. Never deleted. New records reference previous state.
SHA-256 Hash Chain
Every record hashed. Each hash includes the previous. Chain breakage = tamper detection.
7-Year Retention
Aligned with IFRS 17 audit cycle and regulatory examination timelines across all 8 frameworks.
In-Region Storage
Audit records stored in the same region as the data. Africa: af-south-1. Gulf: me-central-1.
One-Click Export
Any chain exportable as PDF, JSON, or CSV. Per-policy, per-treaty, per-quarter, or per-submission.
Decision Reasoning
Every AI decision includes natural language reasoning. Which rule triggered it. Confidence level. No black box.
Each record's hash includes the previous hash. Modify any record — the chain breaks. Tamper is detectable instantly.
Input
PREM_AMT: 563
Output
gross_premium: 563
Governing Rule
Column mapping 98.7%
Input
gross_premium: 563 USD
Output
gross_premium_kes: 73,190
Governing Rule
CBK rate 14-Oct: 130.00
Input
cession: 30%
Output
cession: 35% (corrected)
Governing Rule
Art.3 Medical: 35% required
Input
delta: KES 3,660
Output
CSM adjustment: +KES 3,660
Governing Rule
IFRS 17 B119 — correction event
4 records · append-only · SHA-256 · 7-year retention · af-south-1
Compliance
Every regulator requires an audit trail. CedeOS produces it automatically.
IFRS 17
Requires: CSM traceability to source policy
CedeOS: Complete chain logged automatically from ingestion
IRA Kenya
Requires: Quarterly submission audit documentation
CedeOS: Per-submission evidence package exportable
NAICOM
Requires: Proof of correct cession rate application
CedeOS: Row-level validation logged with treaty clause citation
POPIA
Requires: Data processing audit trail
CedeOS: Every transformation logged within South African region
SAMA
Requires: In-country processing evidence
CedeOS: Evidence stored in me-central-1 with processing proof
DIFC
Requires: Reinsurance arrangement documentation
CedeOS: Per-placement evidence chain with clause-level detail
Projected Outcome
What audit-readiness produces.
External audit response time
vs. 3 weeks manual baseline
Management letter findings on traceability
vs. annual escalation
Transformation coverage
vs. spot-check only
Disputes lost on evidence grounds
vs. 40-60 cent compromise
Based on complete audit trail generation as automatic output of validation processing. Manual baseline from insurer interviews across African and Asian markets. Pilot validation in progress.
The Path
Audit-ready from the first bordereaux processed.
The audit trail is not a module you activate later. It generates from the moment your first file is ingested. There is no "pre-audit-trail" period.
Day 0
Technical Brief
Audit trail architecture, hash chain methodology, retention policy, and export formats. Everything your CTO and external auditor need to evaluate.
Week 1
Pilot Assessment
Submit one quarter of data. We return a sample audit trail: every transformation logged, every clause cited, every decision explained.
Week 2
Live Demo
Your data. Your treaty. Your auditor's question answered in one click — live. We trace any figure back to source policy.
Week 4
Production
First quarterly close with full audit trail active. Every transformation from day one logged, hashed, and exportable.
Get started
The next time the auditor asks, have the answer in one click.
Start with the technical brief. See the evidence chain on your own data. Your external auditor will thank you at year-end.