AdaptiveCash logs every operational event with actor, timestamp, location and approval context — covering orders, transport, processing, vault, reconciliation and billing — and enforces role separation, dual control on sensitive actions and configurable discrepancy resolution.
Best fit for
- Compliance and internal audit teams
- Regulators and external auditors
- Operations leaders investigating discrepancies
Not the same as
- General IT log aggregation (use SIEM)
- Application-level developer tracing
Logged event catalog
| Domain | Event | Captured fields |
|---|---|---|
| Orders | Customer order created | Customer, amount, currency, requested window, created-by, timestamp |
| Orders | Order approved | Approver, role, timestamp, decision, comment |
| Logistics | Route assigned | Route ID, vehicle, crew, dispatcher, timestamp |
| Logistics | Courier pickup | Stop ID, sealed bag IDs, signatures (2), geolocation, timestamp |
| Logistics | In-transit status change | Route ID, event type, geolocation, timestamp |
| Logistics | Delivery confirmation | Stop ID, recipient ID, signatures, timestamp |
| Processing | Cash center intake | Bag IDs, declared amount, operator, timestamp |
| Processing | Recalculation result | Counted amount, variance, machine ID, operator, supervisor |
| Vault | Vault movement | From/to vault, amount, denomination, required approvers where configured, timestamp |
| Reconciliation | Discrepancy raised | Source event, amount, category, raised-by, status |
| Reconciliation | Discrepancy resolved | Resolver, root cause, decision, evidence references |
| Billing | Invoice generated | Customer, period, line items, generated-by, source-events |
| Documents | Document signed | Document ID, signer ID, signing method, timestamp, hash |
Role matrix
| Role | Order | Route | Pickup | Vault | Discrepancy | Billing |
|---|---|---|---|---|---|---|
| Customer | Create | — | — | — | — | View own |
| Dispatcher | View | Create / assign | View | — | View | — |
| Courier | View assigned | View assigned | Execute | — | Raise | — |
| Cashier | — | — | — | Receive | Raise | — |
| Vault operator | — | — | — | Move / store | Raise | — |
| Supervisor | Approve | Approve route changes | Supervise | Co-sign | Resolve | Review |
| Auditor | Read | Read | Read | Read | Read | Read |
| Finance | Read | — | — | — | Read | Generate / approve |
Approval flows
- Configurable per organization: amount thresholds, route changes, vault movements above limit, discrepancy resolution beyond category
- Approvers chosen by role, hierarchy or named user lists
- Approvals captured as time-stamped events with actor, decision and comment
Dual control
- Mandatory on vault movements above configurable threshold
- Mandatory on counting room handovers and recalculation overrides
- Mandatory on discrepancy resolution that affects financial records
- Both signatures recorded as separate events; neither user can sign for both
Discrepancy handling
- Categorization (shortage, overage, miscount, suspected tampering, IT error)
- Routing per category to the right resolver role
- Evidence attachments (photos, scans, machine logs, video links)
- Outcome posted back to the source operational record and to billing if needed
- Statistics surfaced on SLA and risk dashboards
Reporting and retention
- Pre-built reports per role (compliance, finance, operations)
- Export to CSV/PDF and to data warehouses
- Retention policy configurable per regulator and per event class
- Tamper-evidence controls for critical events require Product and Legal confirmation before public claims
Frequently asked questions
What events does the AdaptiveCash audit trail record?
Operational events across the full cycle - who requested, approved, picked up, transported, processed, stored, reconciled and billed each operation - each with actor, timestamp, location and approval context.
How does dual control work for sensitive actions?
Sensitive steps such as vault movements or discrepancy resolution can require confirmation by a second authorized role, and the audit trail records both identities with the action, supporting separation-of-duties requirements.
Which audit-trail claims need Product and Legal approval?
Any stronger tamper-evidence or record-retention claim needs Product and Legal sign-off before public launch. Current public wording describes audit records as time-stamped event history.
Can the audit trail be exported to our SIEM or data warehouse?
Yes — standard integration patterns include CSV/JSON export and streaming to data warehouses or SIEM ingestion endpoints.
Source context
Public references used to keep this page traceable. Full provenance is available on Sources.