Table of Contents
Fetching ...

Audit Trails for Accountability in Large Language Models

Victor Ojewale, Harini Suresh, Suresh Venkatasubramanian

TL;DR

The paper tackles the accountability gap in large language model deployments by proposing LLM audit trails, a tamper-evident, context-rich ledger that links technical provenance with governance records across the lifecycle. It introduces a three-layer architecture (Capture, Store, Use) and a lightweight, emitter-based framework that can interoperate across organizational boundaries, along with a practical PoC Python library (llm-audit-trail) to demonstrate feasibility with minimal integration. Key contributions include a lifecycle framework specifying log content and governance rationales, a reference architecture emphasizing immutability and cross-organizational traceability, and an open-source implementation illustrating end-to-end capture, storage, and auditor workflows. The work discusses limitations, scalability considerations, and policy implications, arguing that audit trails can transform governance from aspirational to operational, enabling regulators and practitioners to verify deployment histories and accountability pathways.

Abstract

Large language models (LLMs) are increasingly embedded in consequential decisions across healthcare, finance, employment, and public services. Yet accountability remains fragile because process transparency is rarely recorded in a durable and reviewable form. We propose LLM audit trails as a sociotechnical mechanism for continuous accountability. An audit trail is a chronological, tamper-evident, context-rich ledger of lifecycle events and decisions that links technical provenance (models, data, training and evaluation runs, deployments, monitoring) with governance records (approvals, waivers, and attestations), so organizations can reconstruct what changed, when, and who authorized it. This paper contributes: (1) a lifecycle framework that specifies event types, required metadata, and governance rationales; (2) a reference architecture with lightweight emitters, append only audit stores, and an auditor interface supporting cross organizational traceability; and (3) a reusable, open-source Python implementation that instantiates this audit layer in LLM workflows with minimal integration effort. We conclude by discussing limitations and directions for adoption.

Audit Trails for Accountability in Large Language Models

TL;DR

The paper tackles the accountability gap in large language model deployments by proposing LLM audit trails, a tamper-evident, context-rich ledger that links technical provenance with governance records across the lifecycle. It introduces a three-layer architecture (Capture, Store, Use) and a lightweight, emitter-based framework that can interoperate across organizational boundaries, along with a practical PoC Python library (llm-audit-trail) to demonstrate feasibility with minimal integration. Key contributions include a lifecycle framework specifying log content and governance rationales, a reference architecture emphasizing immutability and cross-organizational traceability, and an open-source implementation illustrating end-to-end capture, storage, and auditor workflows. The work discusses limitations, scalability considerations, and policy implications, arguing that audit trails can transform governance from aspirational to operational, enabling regulators and practitioners to verify deployment histories and accountability pathways.

Abstract

Large language models (LLMs) are increasingly embedded in consequential decisions across healthcare, finance, employment, and public services. Yet accountability remains fragile because process transparency is rarely recorded in a durable and reviewable form. We propose LLM audit trails as a sociotechnical mechanism for continuous accountability. An audit trail is a chronological, tamper-evident, context-rich ledger of lifecycle events and decisions that links technical provenance (models, data, training and evaluation runs, deployments, monitoring) with governance records (approvals, waivers, and attestations), so organizations can reconstruct what changed, when, and who authorized it. This paper contributes: (1) a lifecycle framework that specifies event types, required metadata, and governance rationales; (2) a reference architecture with lightweight emitters, append only audit stores, and an auditor interface supporting cross organizational traceability; and (3) a reusable, open-source Python implementation that instantiates this audit layer in LLM workflows with minimal integration effort. We conclude by discussing limitations and directions for adoption.
Paper Structure (40 sections, 4 figures)

This paper contains 40 sections, 4 figures.

Figures (4)

  • Figure 1: Proposed System Architecture for Audit trails as a reusable layer.
  • Figure 2: Minimal integration: attaching the audit trail callback in a Hugging Face training script.
  • Figure 3: Recording an approval decision via the governance CLI.
  • Figure 4: Example Python code for verifying the integrity of an audit log by replaying the hash chain.