Skip to main content

    REIGN · SPINE · AUDIT LEDGER (CAVR)

    Audit Ledger (CAVR).

    Continuous Audit, Validation & Reporting. The contemporaneous record of every AI and agent decision.

    Continuous Operational Assurance for Enterprise AI. Audit Ledger is the engine behind Outcome validation and Residual risk and trust scoring. Tamper-evident records by construction.

    When a regulator asks what your AI system did and who can prove it, "we think so" is not an answer. Most teams reconstruct AI evidence after the fact — slowly, partially, and under pressure.

    Reign Audit Ledger (Continuous Audit, Validation & Reporting) makes that reconstruction unnecessary. It produces a tamper-evident record of every model decision, every agent action, and every data exchange — as a byproduct of operating, not a separate project. Evidence is collected continuously and mapped to the frameworks you are actually examined against: SR 26-2, OSFI E-23, the EU AI Act, NIST AI RMF, ISO 42001, and FINOS AIGF. When an examination comes, an Assurance Pack assembles from the ledger — filtered by framework, date range, system, or business unit — in minutes.

    The outcome: the regulator's question is one you have already answered, by construction, every time you operate. Audit-ready becomes a steady state rather than a quarterly fire drill.

    The problem

    Audit-grade evidence is not a logging problem

    Application logs were not designed to satisfy regulators. They are scattered, mutable, and do not capture the things an audit cares about. What model version was running, which policy applied, who approved an override, and what input produced what decision. Audit Ledger (CAVR) is built for that question, by construction, at the runtime layer.

    • Audit trails for AI decisions are scattered across application logs, MLOps platforms, and ad-hoc spreadsheets.
    • Regulators expect a single, contemporaneous record of every model and agent decision. Not reconstructed forensics.
    • When the question is “what did the system do, who approved it, what was the model version, and what was the input?”, evidence assembly often takes weeks.
    • Tampering, gaps, and after-the-fact edits in conventional logs disqualify them as legal-grade evidence.
    What it does

    Audit Ledger (CAVR) provides

    Tamper-evident records

    Contemporaneous audit records for every AI and agent decision. Model interactions, policy actions, tool calls, human overrides.

    Continuous capture

    Records are captured at the point of decision, in line with the runtime. Not assembled retroactively.

    Human oversight log

    Every override, escalation, and approval is recorded with timestamp, identity, and justification. Article 14 / SR 26-2 fluent.

    Submission-ready export

    Records flow into Assurance Packs as the underlying evidence layer for regulator-ready submission packages.

    How it integrates with the rest of Reign

    The contemporaneous record under the rest of the Spine

    AI Gateway emits decision events at runtime. Every AI call, every policy action, every human override. Model Risk Validation emits change packets. Every model version, every approved change, every drift signal. Audit Ledger (CAVR) is where those records live as tamper-evident evidence. Assurance Packs draw from the ledger to assemble regulator-ready evidence packages.

    Outcomes

    Why customers run Audit Ledger

    Audit-ready by construction

    Evidence is captured at the point of decision, not assembled after the fact.

    Independent attestation

    The ledger is independent of the systems whose decisions it records. Separation of duty by design.

    Submission acceleration

    Regulator-facing evidence assembles from the ledger into Assurance Packs without manual reconstruction.

    The pilot

    What did the system do, and who can prove it?

    Audit Ledger (CAVR) is available by application through the Reign Design Partner Program.

    Request Design Partner AccessTalk to a Reign engineer

    Frequently asked questions

    What does the Audit Ledger record?
    Every model decision, agent action, and data exchange, captured as tamper-evident records at the time they happen.
    Which frameworks does it map to?
    SR 26-2, OSFI E-23, the EU AI Act, NIST AI RMF, ISO 42001, and FINOS AIGF, among others.
    How long does it take to produce evidence for an audit?
    An Assurance Pack assembles from the ledger in minutes, filtered to the framework and scope the examiner cares about.
    Is the evidence defensible?
    Records are tamper-evident by construction, so the integrity of the trail is part of the evidence itself.