Audit trails for regulated AI work

Across regulated professions, the question of AI governance is moving from theoretical to contractual. Bar associations in several jurisdictions have issued guidance requiring lawyers to supervise AI output before relying on it in client matters. Accounting standards bodies are examining whether AI-assisted analysis meets the documentation requirements for audit opinions. Architects and engineers face liability frameworks that assume human professional judgment behind every certified drawing or specification.

The common thread is not a ban on AI. It is a requirement for a traceable supervision record. The professional must be able to show, after the fact, that a qualified human reviewed the AI output, exercised judgment, and accepted responsibility for the conclusion. Without that record, the AI-assisted work does not meet the standard the regulator or client expects. It is professional exposure, not just operational risk.

Claude, ChatGPT, Copilot, and their equivalents do not produce audit trails in the sense that regulated professions need. They produce outputs. The conversation history shows what was asked and what was answered. It does not record which part of the output the professional accepted, which part they corrected, what method they applied, or what risk they chose to flag.

For a professional under regulatory review, a chat transcript is not an audit trail. It is a log of prompts and responses. The supervision record, the evidence that a qualified human exercised judgment, is missing. This is not a criticism of the AI tools. It is a structural gap they were not designed to fill.

The Temet audit trail is built around four stages that mirror the professional supervision model: Mission Plan, Agent production, Audit, and Certification.

The Mission Plan records the scope, the constraints, and the method the expert committed to before work began. Agent production is timestamped and separated from the expert's review layer. The Audit records what the expert modified, what they rejected, and what they validated. Certification closes the record with a cryptographic signature: the expert's Ed25519 key signs the final deliverable, creating a non-repudiable timestamp and attribution.

For a regulator or client conducting a post-delivery review, this structure answers the key questions: what was the scope, what did the AI produce, what did the expert change, and who is accountable for the final result.

For a lawyer, the audit trail records the legal analysis the agent drafted, the clauses the lawyer modified, the risk flags the lawyer added, and the final opinion the lawyer signed. If the client later challenges the advice, the lawyer can show exactly what the AI produced and what professional judgment was applied.

For an accountant, the trail records the financial analysis the agent prepared, the figures the accountant verified against source documents, the anomalies the accountant flagged, and the final report the accountant certified. The documentation standard for the audit opinion is met.

For a healthcare consultant, the trail records the clinical guidance the agent drafted, the protocol deviations the expert corrected, the safety flags the expert escalated, and the final recommendation the expert signed. Professional liability is traceable to the supervision record.

For an architect or engineer, the trail records the specification the agent produced, the structural assumptions the professional verified, the load calculations the expert reviewed, and the drawing the professional certified. The certification is backed by evidence, not just a stamp.

The compliance friction in regulated AI adoption is almost always the same: the professional wants the productivity benefit but cannot justify the liability exposure without a supervision record. The audit trail resolves that friction directly.

With a Mission Plan, a captured Audit, and a signed Certification, the professional can use AI assistance on client matters while maintaining the supervision standard their regulator requires. The AI handles Agent production. The expert handles the Audit. The Certified Deliverable is the result. Nothing is delivered without the expert's explicit review and signature.

This is not a workaround. It is the correct model for professional AI adoption in regulated sectors. The A2A Network that routes requests and deliverables is designed so that sensitive work stays local and the supervision chain is never bypassed.