Trust & Security

What Is an Audit Trail in Notarization?

Andrew Ray Yon, MBA, ChFC Published July 15, 2026 Updated July 16, 2026

An audit trail in notarization is the record proving a notarization happened and how. For in-person acts, that's the notary's sequential journal. For remote online notarization, it also includes the recorded audio-video session and electronic records — a far more detailed, tamper-evident trail than paper alone.

What is an audit trail in notarization?

An audit trail is the record that proves a notarization took place and how it was performed — who appeared, when, how they were identified, and which notarial act was completed. If a signature is ever disputed, the audit trail is the evidence that answers those questions. A white paper published through the National Association of Secretaries of State (NASS) puts it plainly: “An audit trail is a chronological and detailed list of the most important actions that occur in the signing session and includes the date and time that those actions are performed.”

“Audit trail” carries two related meanings in notarization, and it helps to pin them down. In the broad sense, it is every record the law requires of a notarial act — the notary’s journal above all. In the narrower, technical sense used by remote online notarization (RON) platforms, it is the timestamped event log a platform generates during an online signing session. This article covers both, because a disputed document will be judged on the whole trail: journal, event log, identity checks, recording, and the sealed electronic document together.

For centuries the record was the notary’s journal alone. Remote online notarization — first authorized by Virginia in 2012, per the same NASS-published paper — keeps the journal and layers a recorded video session, identity-verification logs, and tamper-evident electronic records on top of it, producing a far more detailed history of the signing.

The traditional audit trail: the notary journal

In-person notarization is documented in a sequential journal — a bound logbook the notary fills in as each act is performed. State law governs both the journal and what goes in it. California Government Code § 8206 is explicit: a notary shall keep “one active sequential journal at a time, of all official acts,” and the journal must be kept in “a locked and secured area, under the direct and exclusive control of the notary.”

That “exclusive control” requirement is what makes a paper journal an audit trail rather than a note. No employer, client, or third party is supposed to touch it, so each entry stands as the notary’s own chronological, tamper-resistant record of the work.

Under § 8206(a)(2), each California journal entry captures:

  1. The date, time, and type of each official act (for example, an acknowledgment, where the signer acknowledges signing, or a jurat, where the signer swears the contents are true and signs in front of the notary).
  2. The character of the instrument sworn to, affirmed, acknowledged, or proved (for example, a deed of trust).
  3. The signature of each person whose signature is being notarized.
  4. A statement that identity was established on satisfactory evidence — including, where credible witnesses are used, their identifying documents.
  5. The fee charged for the notarial service.
  6. For documents affecting real property or powers of attorney, the signer’s thumbprint (or other fingerprint if a thumbprint is unavailable).

The thumbprint rule is worth pausing on. For the two document categories where forgery does the most damage — real-estate instruments and powers of attorney — California’s journal demands biometric evidence that a specific person physically appeared. That is the paper world’s strongest audit-trail entry, and it shows what every audit trail is ultimately for: tying a disputed signature back to a real, identifiable person at a specific moment.

Not every state matches California’s detail, and a few states make the journal optional rather than mandatory. The principle travels, though: where a journal is kept, it is the in-person notarization’s audit trail, and its evidentiary value depends on the same things — sequential entries, contemporaneous recording, and the notary’s exclusive control. Montana, for example, requires that a journal entry “must be made contemporaneously with performance of the notarial act” (Mont. Code Ann. § 1-5-618(3)) — an after-the-fact reconstruction is not a trail.

The online audit trail: recorded session plus electronic records

Remote online notarization produces everything the journal does, then adds far more. Because the notary and signer are not in the same room — the signer appears on live video instead — the law compensates by capturing the whole session. Florida’s online-notarization statute requires the online notary to “record the two-way audio-video conference session between the notary public and the principal and any witnesses” (Fla. Stat. § 117.265(2)).

Florida’s statute also shows how the identity layers of the trail are built. Under § 117.265(4), when the signer is not personally known to the notary, identity must be confirmed by all three of: remote presentation of a government-issued identification credential, credential analysis of that credential, and identity proofing of the principal — typically knowledge-based authentication. Each step generates its own record.

The result is a multi-layered trail. A remote online notarization audit trail can include:

  • The electronic journal entry for the act
  • The recorded audio-video session of the entire notarization
  • Logs of the identity checks — credential analysis of the government ID and a knowledge-based-authentication quiz
  • The platform’s event log — every action in the session, timestamped
  • The tamper-evident electronic document and the electronic notarial certificate

Those identity layers are what let a notary confirm a remote signer is who they claim to be. If you want the mechanics, see how the ID document is verified in our explainer on credential analysis and how the record-based quiz works in knowledge-based authentication. Both leave their own entries in the trail. A broader walkthrough of the process lives on our remote online notarization page.

The trail is not only stored for later — the notary uses it live. As the NASS-published paper describes the sequence, once the signer completes the identity steps, “the notary is provided with the results of the KBA and credential analysis and the images of the signer’s ID,” compares them to the person appearing on live video, and proceeds only on satisfactory evidence of identity. The audit trail therefore records a decision the notary actually made on that evidence, not a checkbox filled in afterward — which is exactly the property that makes it persuasive if the notarization is later challenged.

Several states also require the electronic journal itself to be stored in a fraud-resistant format. Montana mandates that an electronic journal “must be in a permanent, tamper-evident electronic format,” and that an online act’s journal record “reference the storage location of the audiovisual recording” — tying the video to the log entry so the two can never be separated.

What a RON platform’s audit log actually records

The platform event log is the part of the trail most people mean when they say “audit trail” about an online notarization, and at least one state has regulated its contents directly. Missouri’s audit-trail rule, 15 CSR 30-110.080, requires the log to document, for each event, “the action performed (e.g. addition of an electronic signature), the date/time of its performance (e.g., Coordinated Universal Time, 2018-08-21 01:14:22 UTC), the name of the party performing the action (e.g. John Doe), and the IP address of the party performing the action.” The same regulation requires that “each document completed as part of a RON should be electronically signed and rendered Tamper-Evident.”

Read as a table, Missouri’s four required data points map onto the questions any dispute will ask:

Logged data point (15 CSR 30-110.080)Question it answers in a dispute
Action performedWhat happened — signature added, document viewed, seal applied
Date/time in Coordinated Universal TimeWhen it happened, to the second, in one unambiguous time zone
Name of the party performing the actionWho did it — signer, notary, or witness
IP address of the partyWhere from — the network location of that participant

A typical platform log strings dozens of these events together across the life of one notarization: the session being created, the signer consenting to sign electronically, identity checks passing or failing, each page viewed, each signature and initial applied, the notary’s seal and digital certificate attached, and the completed document downloaded. The paper journal has no equivalent — a journal entry summarizes the act in one line, while the event log reconstructs it moment by moment.

Two layers of this log matter for verification. The session-level record covers the whole appointment: who joined, when, and what identity checks ran. The document-level record travels with each notarized file — once the notarization completes, the document is sealed with a digital certificate so that any later modification is detectable. That sealing is what “tamper-evident” means in practice: the trail does not physically prevent someone from altering a copy of the document, but it guarantees the alteration is provable, because the changed file no longer matches its certificate.

In-person vs. online audit trail compared

In-person notarizationRemote online notarization
Journal recordYes — sequential paper journalYes — electronic, tamper-evident
Video of the actNoYes — full session recorded
Identity-check recordsID type and number noted in journalCredential analysis + KBA logged
Event-by-event logNo — one summary entry per actYes — timestamped actions, names, IP addresses
Biometric evidenceThumbprint in some states (e.g., California, for deeds and POAs)Signer’s face and voice on the recording
Tamper-evidencePhysical journal under notary controlDigital certificate seals the document; alterations detectable
Where it’s governedState notary journal lawState RON statute + rules

Neither trail is inherently “the real one.” A properly kept paper journal is a valid audit trail; the online version simply captures more of the moment. Note the distinction that runs underneath the table: remote online notarization is legally valid in all 50 states as a consumer service, but notary commissioning is per-state, and a handful of states have not yet authorized their own notaries to perform it. The rules that shape your audit trail come from the notary’s commissioning state.

How long are notarization records kept?

Retention rules are set by each state and differ, and they usually cover both the recording and the journal. Montana law is a concrete example: a notarial officer “shall retain an audiovisual recording for 10 years from the date of the recording” (§ 1-5-618(1)(d)(i)), and separately a notary “shall retain a journal for 10 years after the performance of the last notarial act chronicled in the journal” (§ 1-5-618(9)(a)). Other states set their own periods, and many require records to be transferred to a state-approved repository if a notary’s commission ends.

Two practical consequences follow from retention law. First, the audit trail outlives the transaction — a mortgage signed today can still be verified against its session recording years from now, long after memories of the signing have faded. Second, the retention clock and the storage rules follow the notary’s commissioning state, not the signer’s location, so the period that applies to your document depends on where the notary is commissioned. The exact period a given platform applies is a platform-and-jurisdiction question, not a single national number.

How to verify a notarized document using its audit trail

A relying party — a bank, title company, court, or records office — can work through the trail in a defined order. If you have been handed an online-notarized document and need to confirm it is genuine:

  1. Check the digital certificate on the document. An online-notarized document is sealed when the session completes. Open the file in a PDF reader that displays signature panels; a valid, unbroken certificate confirms the document has not been altered since notarization. A broken seal is the trail’s first alarm.
  2. Read the notarial certificate block. It identifies the notary, the commissioning state, the commission expiration, and the type of act performed — an acknowledgment or a jurat.
  3. Request the audit trail from the platform. The event log shows when the session occurred, who participated, and which identity checks were passed.
  4. Confirm the notary’s commission with the state. Every state’s commissioning authority (usually the Secretary of State) maintains a lookup of active notaries.
  5. If the stakes justify it, ask about the recording and journal. State law determines who may obtain a copy of the audio-video recording or a journal line item; the request typically goes through the notary, the platform, or the commissioning authority under that state’s rules.

The order matters because each step is cheaper than the one after it. Most verification ends at step 1 or 2; the recording exists precisely for the rare dispute that reaches step 5.

Federal law removes the threshold objection. Under the ESIGN Act, a signature, contract, or record “may not be denied legal effect, validity, or enforceability solely because it is in electronic form” (15 U.S.C. § 7001). The electronic journal, the event log, and the sealed electronic document cannot be dismissed just for being digital — the same principle that separates an electronic signature from a wet-ink one, which we unpack in electronic vs. wet signatures.

State law supplies the specifics. Journal contents, recording mandates, and retention periods all come from each state’s notary statute and administrative rules — the California, Florida, Montana, and Missouri provisions cited above are each one state’s answer. Many states drew their frameworks from the Revised Uniform Law on Notarial Acts (RULONA), the Uniform Law Commission’s model act, which is why journal and recording requirements look similar across much of the country while never being identical.

No federal statute governs notarization audit trails today. The SECURE Notarization Act (S.1212), which would establish nationwide minimum standards for remote online notarization — including recording requirements — has been introduced in Congress but has not been enacted. Until that changes, the notary’s commissioning state remains the authority on what the trail must contain and how long it must survive.

Why the audit trail is a feature, not fine print

A stronger record protects everyone in the transaction — the signer, the notary, and the bank, title company, or court that later relies on the document. The NASS-published white paper cites a National Notary Association finding that 30% of notaries public in traditional notarization settings have faced pressure to ignore or break state laws; a recorded session removes the room for that pressure to operate, because everything the notary does is preserved. The same recording protects the signer: if anyone later claims you did not sign, or signed under duress, the video answers the claim directly.

The trail also protects against the quieter failure mode: honest mistakes. A missing journal field, a mis-dated certificate, an identity check skipped under time pressure — in a paper-only world these surface years later with no way to reconstruct what happened. An event log timestamped to the second, with every identity check recorded, makes the act reconstructable.

That is why the record is not buried in the terms of service. See exactly how these records are stored and protected on our security and privacy page, and read the wider commitments — from data handling to notary standards — on our trust and compliance overview.

Frequently asked questions

What is an audit trail in notarization?

It is the documented record of a notarial act: who signed, when, how they were identified, and which notarial act was performed. Traditionally this lives in the notary's journal. In remote online notarization it expands to include the recorded video session, the platform's event log, and the electronic records tied to the notarization.

Do notaries have to keep a journal?

Requirements vary by state. California Government Code § 8206, for example, requires a notary to keep 'one active sequential journal at a time, of all official acts,' stored in 'a locked and secured area, under the direct and exclusive control of the notary.' The journal is the core of the in-person audit trail.

What does a remote online notarization record?

Beyond the journal entry, remote online notarization records the two-way audio-video conference session between the notary and the signer. Florida Statute § 117.265 requires the online notary to 'record the two-way audio-video conference session between the notary public and the principal and any witnesses.' That recording, plus the electronic documents and the identity-check logs, forms the audit trail.

What does a notary journal entry have to contain?

State law sets the fields. California Government Code § 8206(a)(2) requires the date, time, and type of each official act, the character of the instrument, the signature of each person whose signature is being notarized, a statement that identity was based on satisfactory evidence, the fee charged, and — for deeds and powers of attorney — the signer's thumbprint. Montana law separately requires each journal entry to be made contemporaneously with the notarial act.

What information is in a RON platform audit log?

Missouri's audit-trail regulation, 15 CSR 30-110.080, spells out the minimum for each logged event: the action performed, the date and time of its performance in Coordinated Universal Time, the name of the party performing the action, and the IP address of the party performing the action. Missouri also requires each completed document to be electronically signed and rendered tamper-evident.

How long is the audio-video recording kept?

Retention periods are set by state law and vary. Montana, for instance, requires a notarial officer to 'retain an audiovisual recording for 10 years from the date of the recording,' and requires the journal itself to be retained for 10 years after the last act it chronicles. Check the rules of the notary's commissioning state for the period that applies to your notarization.

Is there a federal law governing notarization audit trails?

Not yet. Notarization records are governed by state law. The federal SECURE Notarization Act (S.1212), which would set nationwide minimum standards for remote online notarization, has been introduced in Congress but has not been enacted. Federal ESIGN law does, however, protect the legal effect of the electronic records in the trail.

Is a remote online notarization audit trail more secure than a paper journal?

It captures more. A paper journal logs the act; remote online notarization adds a recorded session, credential-analysis and knowledge-based-authentication logs, a timestamped platform event log, and a tamper-evident electronic record. Several states, including Montana, require the electronic journal to be kept in a 'permanent, tamper-evident electronic format.'

Need a document notarized online?

Connect with a commissioned notary in minutes — $25 per document, all 50 states.

AY

About the author

Andrew Ray Yon, MBA, ChFC

CEO & Founder, USA Notary Services LLC

Andrew Ray Yon is the founder and CEO of USA Notary Services LLC and the architect of the SharpNote remote online notarization platform. A Certified Notary Signing Agent since 2005, he has handled mortgage and title loan signings for two decades and holds an MBA and the ChFC (Chartered Financial Consultant) designation. Based in Virginia’s Greater Richmond region, he leads the company’s strategy, compliance, and platform development.

Connect on LinkedIn