Every audit field StableAudit captures is mapped to the regulatory standard that requires it. This matrix shows which regulations demand which data points — and how our audit records satisfy them.
Cross-reference audit fields with regulatory requirements. Check marks indicate which regulations demand each data point.
| Audit Field | BSA/AML | FATF Travel Rule | GENIUS Act | ACK Operational | FinCEN |
|---|---|---|---|---|---|
| Transaction Timestamp | ✓ | ✓ | ✓ | ✓ | ✓ |
| Originator DID | ✓ | ✓ | ✓ | ✓ | — |
| Beneficiary DID | ✓ | ✓ | ✓ | ✓ | — |
| Amount & Currency | ✓ | ✓ | ✓ | ✓ | ✓ |
| Settlement Network | — | — | ✓ | ✓ | — |
| Sanctions Screen Result | ✓ | — | ✓ | ✓ | ✓ |
| Jurisdiction Checks | — | ✓ | ✓ | ✓ | — |
| Delegation Chain Depth | — | — | ✓ | ✓ | — |
| Credential Revocation Status | — | — | ✓ | ✓ | — |
| Checkpoint Classification | — | — | — | ✓ | — |
| Evidence Hash | — | — | — | ✓ | — |
| Step Duration (ms) | — | — | — | ✓ | — |
| Correlation ID | ✓ | — | — | ✓ | ✓ |
| Quantum Vulnerability Flag | — | — | ✓ | — | — |
Every compliance step falls into one of three checkpoint types, each producing audit records with different regulatory significance.
Pre-conditions that must pass before the transaction can proceed. Gates produce PASS/FAIL audit records. Steps 1-6 of the compliance pipeline are gates — DID resolution, delegation, capability, jurisdiction, sanctions, revocation.
Concurrent observations that don't halt the pipeline. Monitors produce PASS/WARN audit records. Used for real-time pattern detection and behavioral analysis.
Post-settlement reporting requirements. Obligations produce PASS/WARN audit records. Step 7 (Crypto Health) is an obligation — advisory, not blocking.
Export audit trails in multiple formats to support different compliance workflows and regulatory submission channels.
Raw structured data. Each record includes timestamp, step, checkpoint, result, evidence key-value pairs, regulatory tags, and duration. Ready for ingestion by SIEM systems.
W3C VC format wrapping the full audit trail as a signed credential. The audit itself becomes a verifiable, tamper-evident artifact.
Filtered views by regulation. Export only the fields required by a specific standard (e.g., FATF Travel Rule fields only) for targeted compliance submissions.