Engineering · June 2026 · 8 min read

Why CloudWatch Is Not an Audit Trail (And What MAS Actually Requires)

Every Singapore fintech engineering team that uses AWS has CloudWatch. When compliance asks "do we have logs of our AI credit decisions?" the answer is usually yes, CloudWatch, done. That answer is wrong — completely wrong, in the ways that matter most when MAS comes to inspect.

What CloudWatch actually stores

CloudWatch Logs captures what your application emits. Whatever your code writes to stdout, stderr, or a logging library — that is what CloudWatch holds. It is a log aggregation system, and it is excellent at what it does.

But consider what a typical AI credit decision looks like in CloudWatch:

2025-03-14 09:23:41 INFO  Application APP-00291847 processed. Score: 0.34. Outcome: DECLINED.
2025-03-14 09:23:41 INFO  Model: gpt-4o. Latency: 1247ms.

That is two lines. Maybe four if you log verbosely. That is what most teams have.

Now consider what MAS actually asks for during an inspection under the November 2025 AI Risk Management Guidelines and the FEAT Transparency principle:

  1. The complete input to the model — every field of applicant data, the exact prompt, the policy rules in effect at that moment
  2. The complete output — the full model response, not a summary
  3. The model version — the specific model checkpoint, not just "gpt-4o"
  4. The decision rationale — explainable reasoning tied to the specific applicant
  5. Proof of integrity — evidence the record has not been altered since the moment of decision
  6. Retention for five years — per MAS TRM Guidelines

CloudWatch gives you none of items 1, 2, 4, or 5. It gives you a partial version of 3. And on item 6, most teams have CloudWatch set to 30 or 90 days because the cost of retaining five years of raw logs at that volume is significant.

The three gaps that will end an inspection

Gap 1: You logged a summary, not the record

The full LLM prompt for a credit decision is typically 2,000 to 8,000 tokens. The full response is another 500 to 2,000. Nobody logs that to CloudWatch. The cost is prohibitive, the signal-to-noise ratio is terrible, and standard logging libraries truncate at 256 or 512 bytes anyway.

So what you have is a summary. An outcome. A score. A model name.

A MAS examiner who asks "show me the exact reasoning your model provided for this declined application" cannot be answered with a score and a latency metric. That is not an explanation. That is a number.

Gap 2: CloudWatch has no integrity guarantee

This is the one that surprises people. CloudWatch logs can be modified. An IAM user with appropriate permissions can delete log events, delete log streams, or retroactively alter retention policies. There is no cryptographic chain that would make tampering detectable.

The MAS AI Risk Management Guidelines are explicit about tamper-evidence. An audit trail that can be modified is not an audit trail. It is a log file with an audit-sounding name.

Gap 3: 30-day retention is not 5-year retention

MAS TRM Guidelines require five years of log retention for AI systems in scope. The cost of retaining full CloudWatch logs for five years — uncompressed, unstructured text at production volume — is not trivial. Most engineering teams set 30 or 90 days and move on. Nobody revisits it. Nobody tests what happens at year four when an inspector asks for a decision from 2022.

The answer is: you cannot produce it. The logs are gone.

The core problem "We have CloudWatch logs" and "we have an audit trail" are different statements. Most compliance teams do not know they are different, because nobody has told them.

What "audit trail" actually means under MAS

The FEAT Transparency principle requires that a financial institution be able to explain any AI-driven decision to the affected applicant. The IAC regime means the CCO is personally accountable when that explanation cannot be produced.

The November 2025 AI Risk Management Guidelines add operational requirements: decisions must be logged with enough detail to reconstruct the decision-making process, the logs must be tamper-evident, and they must be retained for the period required by TRM Guidelines.

An audit trail under these requirements has specific properties that CloudWatch does not provide:

CloudWatch is none of these things. It was not designed to be. It is a log aggregation system and it does that job well.

The architecture that actually works

What MAS-compliant AI audit infrastructure looks like in practice:

At the moment of decision — before the response is returned to the caller — the system captures the complete input, the complete output, the model version, the policy version, and the decision outcome. It writes these as a structured record.

That record is SHA-256 hashed and chained to the previous record. The hash of record N includes the hash of record N-1. Any modification to any record in the chain causes every subsequent hash to fail verification. This is the same principle underlying git commits and Bitcoin transactions.

Daily, the chain head is anchored to the Bitcoin blockchain using OpenTimestamps. This creates an externally verifiable timestamp that cannot be backdated. The chain existed before the anchor. The anchor is public and permanent.

The records are stored in immutable append-only storage — S3 Object Lock with compliance mode works well — with retention set to five years or longer.

When a MAS examiner requests documentation for a specific decision, a single API call retrieves the complete record, verifies the hash chain from that record back to genesis, confirms the Bitcoin anchor, and generates a signed Inspection Package PDF. The examiner verifies the chain. The inspection proceeds.

This takes hours, not weeks.

What to do if you are currently using CloudWatch for compliance

First, stop thinking of CloudWatch as your compliance solution. It is your operational logging system. That is a legitimate and important function. Keep using it for what it does well.

Second, recognize that you have a gap. The gap is not optional. MAS FEAT, IAC, and the November 2025 AI Risk Management Guidelines are not a compliance checkbox exercise. They are enforceable requirements with personal liability attached.

Third, close the gap before the inspection notice arrives. Inspection notices do not come with a six-month remediation window. They come with a request for documentation that you either have or do not have.

The honest summary CloudWatch is a good product. It is not an audit trail for AI credit decisions under MAS regulation. The gap between what it provides and what MAS requires is the gap between a log file and a cryptographically verified, tamper-evident, timestamped, five-year-retained, fully queryable decision record. That gap exists at most Singapore fintechs using AI for credit decisions today.

See it working in 20 minutes.

Book a demo and we'll show you a live AI decision being logged, hash-chained, replayed, and packaged for a regulator — against your actual use case.

Book a demo →

No sales deck. Just a live demonstration of the product doing what this article describes.