Compliance record keeping
When a property owner asks whether a subcontractor was ever cleared to work, a vendor disputes an approval decision, or an insurer wants to see your process, you need more than a current status. Every upload, approval, rejection, reminder, and expiration event is captured automatically — timestamped, attributed to who did it, and exportable when you need to show your work.
What it looks like
The audit trail lives directly on each vendor's detail page — no separate report to generate. Every entry shows the actor, what they did, the timestamp, and the outcome. Scroll through the full history or export it as a CSV in one click.
Each vendor has an Audit Trail section on their detail page showing the full compliance history in reverse chronological order. Every entry shows the actor, what they did, the timestamp, and the outcome. Actions are attributed to the team member who took them, the subcontractor who uploaded from the portal, or the system when an event was automated — such as a reminder going out or an expiration being flagged.
The full lifecycle is covered: vendor created, compliance template assigned, request sent, email delivered or failed, vendor opens the portal, document uploaded, security scan result, document approved or rejected with notes, approval reversed, expiration date set, expiration flagged, reminder sent, and both export actions. If something happened to a vendor's compliance record, it is in the timeline.
Version numbers for each document type do not reset between requests. If a vendor submits a Certificate of Insurance, it goes in as v1. You reject it, they resubmit — that is v2. A year later the COI expires and they replace it — that is v3. Every version stays in the history, and every version is included in the ZIP export, organized by document type.
When you reject a document, the reason travels with the event. If the policy period was wrong, your note — "Wrong policy period, please resubmit" — is attached to that entry in the timeline and included in the CSV export. That record persists even after the corrected version is later approved, so the full decision history is always visible.
Exporting evidence
Both exports are triggered from the vendor detail page and scoped to that vendor only — nothing from other vendors comes along.
CSV export
The CSV export contains the complete audit trail: every event in order, with timestamps, actor name and role, event type, outcome, document name, document version, rejection notes, filename, file size, scan result, and the origin of the action. Hand it to an owner, insurer, or risk manager as a ready-to-read compliance history.
ZIP download
The ZIP download packages all files the vendor has ever uploaded, organized by document type and labeled by version — so v1 and v2 of the COI are both in the folder, not just the most recent one. Use it to produce a complete evidence package when an audit requires the actual documents alongside the timeline.
Teams that need to demonstrate compliance due diligence — for owner contract requirements, lender audits, insurance reviews, or internal disputes about vendor status decisions. If someone will ever ask "was that sub cleared when the work happened?", having a timestamped, exportable record is the answer.
The audit trail captures the history behind the status. See how the compliance status dashboard turns that history into a clear ready, expiring, or blocked signal the whole team acts on. The full workflow walkthrough shows how both fit together from first request to ongoing renewal.
If your team faces compliance reviews tied to owner contracts or insurance requirements, see how this fits the construction vendor compliance workflow and the COI tracking workflow.
Try it on live vendors
Create an account, add your vendors, and see the audit trail populate as documents come in. No credit card required. If you want a hand setting up your first vendor workflow, email support@sendtheproof.com.