Engineering Blog · Post #34

Complete Clearance Audit Trail: Every Screening, Decision, and Sign-Off — Ready for DOI Examination

How InsightUW records 11 rule evaluations, 1 issue resolution, and 1 signed acknowledgment for a D&O submission for Pinnacle Financial Holdings — producing a queryable audit trail that a DOI examiner can reconstruct in a single API call 3 years after the clearance decision was made.

The Problem

Regulatory examinations do not happen at the time of the clearance decision. They happen months or years later. And when a Department of Insurance examiner asks "show me how this submission was cleared," the carrier must produce:

Evidence that every required screening was performed. Not just OFAC — duplicate checks, broker conflict checks, moratorium compliance, licensing verification, and every other rule the carrier's corporate clearance policy requires.
Evidence that issues were identified and resolved. If a rule flagged a warning, the examiner needs to see what the warning was, who reviewed it, what action they took, and when.
Evidence of underwriter acknowledgment. The examiner needs proof that the underwriter — not just the system — reviewed and accepted the clearance results before proceeding.
Field-level change tracking. If anything was modified after clearance — an insured name correction, a coverage territory change, a broker reassignment — the examiner needs to see the before and after state with timestamps.

In most organizations, reconstructing this evidence requires pulling data from 4-5 systems, interviewing the underwriter (who may have left the company), and hoping that emails were not deleted. The process takes weeks and produces an incomplete, unreliable record.

The InsightUW Approach

InsightUW records every clearance action as a structured Audit Entry with a timestamp, actor, action type, and detailed metadata. Clearance-specific records include Sanctions Check (retained per OFAC requirements), Clearance Rule Result (per-rule evidence for all 11 rules), and Clearance Acknowledgment (immutable signed attestation). Every record is queryable by submission GUID, policy system number, date range, or action type.

graph TB subgraph Actions["Clearance Actions"] A["11 Rules Evaluated (SAN, DUP, BRK, LOB, etc.)"] B["Issues Identified & Resolved"] C["Underwriter Acknowledgment Signed"] D["Policy System Number Registered"] end subgraph Records["Audit Record Types"] E["Clearance Rule Result Per-rule evidence (11 records)"] F["Sanctions Check Ofac screening detail (retained 5+ years)"] G["Audit Entry Every action with timestamp + actor"] H["Clearance Acknowledgment Immutable attestation (signed, timestamped)"] end subgraph Field Tracking["Field-Level Tracking"] I["Before/After State for Every Field Change"] J["Actor Attribution (User ID + Role)"] K["Change Reason (Required for post-clearance edits)"] end subgraph Query["Audit Query API"] L["GET /audit-trail/{guid} Complete clearance history"] M["Filter by action type date range, actor"] N["Export to PDF/CSV for examiner delivery"] end subgraph Compliance["DOI Examination"] O["Single API Call Returns: All rules + resolutions + acknowledgment + changes"] P["Complete Decision Chain Reconstructed in Seconds"] end A --> E A --> F B --> G C --> H D --> G E --> L F --> L G --> L H --> L I --> L J --> L K --> L L --> M M --> N N --> O O --> P

Clearance Rule Result: Per-Rule Evidence

For every rule evaluated during clearance, InsightUW creates a Clearance Rule Result record. This record captures not just the pass/fail outcome but the complete evidence used to reach that outcome.

A full clearance run produces 11 of these records — one per rule.

Sanctions Check: OFAC-Specific Retention

OFAC regulations require that sanctions screening records be retained for a minimum of 5 years. InsightUW stores Sanctions Check records separately from the general audit trail to ensure they are subject to the appropriate retention policy and cannot be purged during routine data cleanup.

Audit Entry: Action-Level Logging

Every discrete action in the clearance lifecycle is logged as a Audit Entry. The action types specific to clearance include:

Action Type	Description	Triggered By
clearance started	Clearance evaluation initiated	System (auto) or user (manual)
clearance rule evaluated	Individual rule completed evaluation	System
clearance completed	All rules passed; clearance flag set	System
clearance issue identified	Rule flagged a warning or block	System
issue resolved	User resolved a flagged issue	Clearance manager
clearance acknowledged	Underwriter signed attestation	Underwriter
policy system number registered	Policy admin number linked	Operations team
clearance override	Manager overrode a blocked rule	Authorized manager
field changed post clearance	Field modified after clearance	Any user with permission

Each entry includes the actor's user ID, role, timestamp, and a details JSON object with action-specific metadata.

Clearance Acknowledgment: Immutable Attestation

When the underwriter acknowledges clearance results, InsightUW creates an immutable Clearance Acknowledgment record. This record cannot be edited or deleted — it is append-only by design.

The hash field contains a SHA-256 hash of the attestation content, providing tamper evidence. If the record is ever modified (which the system prevents), the hash will not match.

Field-Level Change Tracking

InsightUW tracks field-level changes on the submission record before and after clearance. Every change creates an audit entry with the old value, new value, timestamp, and actor.

Post-clearance changes require a reason field. This ensures that any modification to a cleared submission is documented and defensible.

The Complete Audit Trail for a D&O Submission

Here is the full audit timeline for the Pinnacle Financial Holdings D&O submission:

#	Timestamp	Action	Actor	Detail
1	2026-04-21 11:20:00	clearance started	SYSTEM	11 rules queued for evaluation
2	2026-04-21 11:22:08	clearance rule evaluated	SYSTEM	SAN-001 PASSED — no OFAC matches
3	2026-04-21 11:22:09	clearance rule evaluated	SYSTEM	DUP-001 INFO — fuzzy match "Pinnacle Financial" at 78% (below 85% threshold)
4	2026-04-21 11:22:10	clearance rule evaluated	SYSTEM	BRK-001 PASSED — no broker conflict
5	2026-04-21 11:22:11	clearance rule evaluated	SYSTEM	LOB-001 PASSED — no D&O moratorium
6	2026-04-21 11:22:12	clearance rule evaluated	SYSTEM	LIC-001 PASSED — licensed in NY
7	2026-04-21 11:22:13	clearance rule evaluated	SYSTEM	PRM-001 PASSED — $125K exceeds minimum
8	2026-04-21 11:22:14	clearance rule evaluated	SYSTEM	TER-001 PASSED — territory approved
9	2026-04-21 11:22:15	clearance rule evaluated	SYSTEM	IND-001 PASSED — Financial Services in appetite
10	2026-04-21 11:22:16	clearance rule evaluated	SYSTEM	LOS-001 PASSED — no prior D&O claims
11	2026-04-21 11:22:17	clearance rule evaluated	SYSTEM	REI-001 PASSED — within treaty capacity
12	2026-04-21 11:22:18	clearance rule evaluated	SYSTEM	AGG-001 PASSED — D&O aggregate within limit
13	2026-04-21 11:22:19	clearance issue identified	SYSTEM	DUP-001 flagged INFO: "Pinnacle Financial" at 78% — requires review
14	2026-04-21 11:30:05	issue resolved	thomas.wright	Confirmed not a duplicate — "Pinnacle Financial" is a different entity (Pinnacle Financial Advisors, WC policy)
15	2026-04-21 11:30:06	clearance completed	SYSTEM	All rules passed or resolved. Clearance flag set.
16	2026-04-21 11:35:42	clearance acknowledged	thomas.wright	Attestation signed. 11 rules evaluated, 1 issue resolved.
17	2026-04-21 14:10:00	policy system number registered	ops_team	PAS-SUB-2026-06221 linked
18	2026-04-22 09:15:33	field changed post clearance	thomas.wright	insured_name: "Pinnacle Financial Holdings" → "Pinnacle Financial Holdings Inc."

18 audit entries. Every one queryable. Every one timestamped. Every one attributed to an actor.

The Scenario

Thomas Wright, a Senior D&O Underwriter at Atlantic Mutual, receives a submission for Pinnacle Financial Holdings — a publicly traded financial services company seeking $10M D&O coverage. The submission enters clearance automatically.

The Examination (3 Years Later)

In 2029, a shareholder derivative suit is filed against Pinnacle Financial Holdings. The carrier's legal team needs to reconstruct the clearance decision. The DOI examiner asks: "Show me the complete clearance record for policy admin system submission PAS-SUB-2026-06221."

What the Response Contains

The API returns a single JSON document containing:

11 Clearance Rule Result records — one per rule, each with evidence and rationale
1 Sanctions Check record — OFAC screening detail with SDN list version and search variations
18 Audit Entry records — the complete timeline from clearance start to post-clearance field changes
1 Clearance Acknowledgment record — Thomas Wright's signed attestation with SHA-256 hash
Cross-reference: Every record includes the policy system number PAS-SUB-2026-06221

The examiner has the complete decision chain. No interviews needed. No email searches. No cross-system mapping. The reconstruction takes seconds, not weeks.

What This Means for Underwriters

Every clearance decision is defensible. The 11 rule results, the issue resolution, and the signed attestation create a complete evidence chain. When a regulator asks "how was this cleared?" the answer is a single API call.
OFAC records are retained automatically. The Sanctions Check record is subject to a 5-year minimum retention policy, independent of the general audit trail. Carriers do not need to manage OFAC retention separately.
Immutable attestations cannot be disputed. The Clearance Acknowledgment is append-only and SHA-256 hashed. The underwriter's sign-off is permanent and tamper-evident.
Post-clearance changes are tracked with context. If a field is modified after clearance, the audit trail shows exactly what changed, who changed it, when, and why. No silent modifications.
The audit trail is queryable, not just storable. Records can be filtered by action type, date range, actor, and submission. This is not a log file — it is a structured, indexed database designed for compliance queries.

What's Next

In the next post, we will explore how clearance rules are managed from the platform UI — toggling rules on and off, adjusting thresholds, and scoping rules to specific LOBs, all without code changes.

Ready to make every clearance decision examination-ready from day one? InsightUW's structured audit trail records every screening, decision, and sign-off so that 3 years later, the complete decision chain is one API call away.

Schedule a Compliance Audit Demo →