What Does Examiner-Ready Evidence Actually Look Like

Examiners need timestamped, attributable evidence, not just assertions. Here's what qualifies as examiner-ready evidence and how to capture it systematically.

By Canarie Team·

Compliance officers know the frustration: your team did the work, trained the staff, monitored transactions, reviewed the policies, but when the examiner asks for evidence, what you have doesn't meet the standard. A screenshot without a date. A training record without attendee confirmation. A monitoring summary with no methodology. Doing the work and proving you did the work are separate capabilities, and most compliance findings originate from the gap between the two.

Key Takeaways:

  • Examiner-ready evidence requires three elements: a timestamp, attribution (who performed the action), and the artifact itself
  • Assertions without supporting documentation are not evidence, examiners verify, they don't accept attestations at face value
  • The format matters: examiners expect dated, complete, and organized documentation, not reconstructed after-the-fact summaries
  • Evidence should be captured when the compliance activity occurs, not assembled weeks later during exam preparation

The Three Elements of Examiner-Ready Evidence

Examiners across all federal banking agencies apply a consistent standard when evaluating compliance evidence. Whether the exam covers BSA/AML under the FFIEC BSA/AML Examination Manual, consumer compliance under the FFIEC Consumer Compliance Examination Procedures, or safety and soundness under the FDIC Risk Management Manual, the evidence standard contains three elements:

1. Timestamp

Every piece of evidence must be dated. Not "sometime in Q3", a specific date. The timestamp proves when the activity occurred, which is critical for demonstrating that compliance activities happened within required timeframes.

Examples:

  • Policy review dated March 15, 2026 (not "policy was last reviewed")
  • Training completion recorded on January 22, 2026 (not "annual training was conducted")
  • Transaction monitoring review completed on February 8, 2026 (not "monitoring is performed quarterly")

When an examiner sees a policy with no review date, or a monitoring report with no completion date, they cannot verify timeliness. The work may have been done, but the evidence doesn't prove it.

2. Attribution

Evidence must identify who performed the action. Attribution connects the activity to a responsible party and supports examiner verification.

Examples:

  • "Loan file review conducted by Jane Smith, Compliance Officer", not "loan files were reviewed"
  • "BSA risk assessment prepared by the BSA Department" is insufficient, who specifically prepared it, and who approved it?
  • Training records should show both the instructor/course and the individual attendee completion

Attribution also matters for independence assessments. If the compliance audit was conducted by the same person who runs the compliance program, the evidence of "who" reveals an independence gap.

3. The Artifact

The actual documentation, the report, the completed checklist, the test results, the signed acknowledgment, the system screenshot, the meeting minutes, is the artifact. Assertions are not artifacts. "We monitor for OFAC compliance" is an assertion. A dated OFAC screening log showing hits reviewed and resolved, with dispositions and reviewer names, is an artifact.

The artifact should be complete enough for an examiner to understand what was done without needing to ask follow-up questions. Partial evidence raises more questions than no evidence, it suggests that the full activity may not have occurred.

Evidence Standards by Compliance Area

Different compliance areas have specific evidence expectations. Here's what examiners typically require:

BSA/AML Evidence

Under 31 CFR § 1010.210 and the FFIEC BSA/AML Examination Manual, required evidence includes:

  • CDD/EDD documentation: Customer identification records, beneficial ownership forms (per 31 CFR § 1010.230), risk rating justification, and enhanced due diligence files for higher-risk customers. Each should be dated and show the reviewer who made the risk determination.
  • SAR decision documentation: For every SAR filed, the investigation file showing the suspicious activity identified, the analysis performed, and the filing decision. For transactions reviewed but not filed, documentation of the decision not to file and the reasoning.
  • CTR filing records: Evidence of timely filing (within 15 days per 31 CFR § 1010.311), with reconciliation to source data.
  • OFAC screening results: Evidence that screening occurs at account opening and for applicable transactions, with hit-resolution documentation showing how potential matches were investigated and resolved.
  • Independent testing results: The BSA/AML audit or independent review report, with transaction testing results, findings, and management's response.

Consumer Compliance Evidence

For regulations like TILA (12 CFR Part 1026), RESPA (12 CFR Part 1024), ECOA/Reg B (12 CFR Part 1002), and FCRA:

  • Disclosure delivery evidence: Proof that required disclosures were provided within regulatory timeframes. This might be system-generated delivery confirmations, signed acknowledgments, or email delivery records with timestamps.
  • Adverse action documentation: For lending decisions, evidence that adverse action notices were provided within required timeframes (30 days under ECOA/Reg B) with required content.
  • Monitoring results: Documented reviews of loan files, deposit account disclosures, or advertising materials showing what was reviewed, what was found, and what corrective action was taken.
  • Complaint resolution records: Each complaint tracked from receipt through investigation through resolution, with timeline documentation.

Fair Lending Evidence

Fair lending examinations under the ECOA (12 CFR Part 1002) and the Fair Housing Act require specific evidence:

  • Comparative file analysis results: Documentation showing that similarly situated applicants received consistent treatment regardless of prohibited characteristics
  • Pricing analysis: Evidence that rate and fee decisions are applied consistently, with documented justification for deviations
  • HMDA data analysis: Self-analysis of HMDA data for disparities in approval rates, pricing, or other action taken, by demographic characteristics
  • Exception documentation: For any underwriting or pricing exceptions, documented rationale and evidence that exceptions are applied consistently across demographic groups

See our fair lending exam preparation guide for detailed preparation methodology.

Training Evidence

Across all compliance areas, training evidence must include:

  • Course title and content description (or syllabus)
  • Date of training delivery
  • Instructor or course provider identification
  • Attendee list with individual completion confirmation (not just an attendance sign-in sheet for ongoing courses, completions must be confirmed)
  • For online training: system-generated completion records with scores where applicable
  • Evidence of new-hire training within defined onboarding timeframes

Common Evidence Failures

These are the evidence problems examiners encounter most frequently at community banks:

Retroactive documentation. A compliance monitoring report dated December 2025 but clearly produced in March 2026 for the exam. Examiners look for evidence consistency, a report assembled after the fact often has different formatting, different level of detail, or references to events that occurred after the alleged completion date. This is worse than having no evidence, because it suggests an attempt to manufacture compliance.

Undated artifacts. A policy manual without a review date. Board minutes without a meeting date. A monitoring checklist without a completion date. Without dates, the evidence is useless for proving timeliness.

Aggregate assertions without detail. "Compliance monitoring was conducted quarterly in 2025" without specifying: what was monitored, what the sample size was, what findings resulted, and what corrective actions were taken. Assertions summarize, they don't prove.

Training sign-in sheets as sole evidence. A sign-in sheet proves someone was present. It doesn't prove they completed the training, understood the material, or were tested on key concepts. Combine sign-in sheets with course materials and, where available, assessment results.

Screenshots without context. A screenshot of a system screen showing an OFAC hit means nothing without: the date of the screening, the customer or transaction screened, the hit details, the disposition, and the reviewer. Screenshots need annotation or accompanying documentation to qualify as evidence.

Evidence in email only. "I sent John an email telling him to fix the TILA error" is not evidence of remediation, it's evidence you identified a problem. Evidence of remediation is the corrected disclosure, the system fix that prevents recurrence, and the follow-up review confirming the fix works.

Organizing Evidence for Exam Readiness

The organization of evidence matters almost as much as the evidence itself. Examiners work through exam modules systematically. If your evidence is organized to mirror their workflow, the exam runs faster and the impression of your compliance program is stronger.

By regulation: Group evidence under each applicable regulation (BSA/AML, TILA, RESPA, ECOA, FCRA, etc.). Within each regulation, organize by evidence type: policies, monitoring, training, testing, remediation.

By CMS component: Alternatively, organize evidence by CMS component: board oversight evidence (minutes, reports, approvals), compliance program evidence (monitoring, training, testing), and audit evidence (reports, findings, remediation tracking).

By exam period: All evidence should fall within the review period (typically the period since the last examination). Evidence predating the review period may be useful for context but shouldn't be the primary proof of current compliance.

With an index. Create a document index that maps each piece of evidence to the regulatory requirement or exam module it supports. This saves examiners time and demonstrates that your compliance program is organized deliberately, not assembled ad hoc.

How Canarie Captures Examiner-Ready Evidence Automatically

The fundamental problem with evidence at most community banks isn't quality, it's timing. Evidence captured at the moment compliance work is performed is naturally timestamped, attributed, and contextual. Evidence reconstructed weeks later during exam prep is incomplete, undated, and questionable.

Canarie captures evidence as compliance tasks are completed, linking each artifact to the regulatory obligation it satisfies. When the document request arrives, evidence is already organized, timestamped, and indexed by regulation and exam area.

See how Canarie turns compliance activity into exam-ready evidence →

Frequently Asked Questions

What format should compliance evidence be in: digital or physical?

Either format is acceptable to examiners. Digital evidence is increasingly preferred because it's searchable, timestamped by the system, and easier to organize. If using physical documents, ensure they're dated, signed where appropriate, and organized systematically. Many examiners now request electronic submission of certain documents before the on-site examination. The key is completeness and accessibility, not the specific medium.

How long should we retain compliance evidence?

Retention periods vary by regulation and document type. BSA records generally require five-year retention under 31 CFR § 1010.430. TILA and RESPA disclosures require retention for at least two years after the date of disclosure. The general recommendation is to retain compliance evidence for at least two examination cycles, which for most community banks means 3-4 years minimum. Your institution's record retention policy should specify requirements for each document category.

Can system-generated logs count as compliance evidence?

Yes, system-generated logs are often the strongest form of evidence because they're timestamped automatically, attributed to the system user, and difficult to fabricate after the fact. Examiners accept system logs for activities like OFAC screening, disclosure delivery, transaction monitoring alerts, and training completion. Ensure the system log captures enough context (what was screened, what the result was, what action was taken) to be meaningful on its own.

What if we have evidence of compliance activity but it's incomplete?

Partial evidence is better than no evidence but should be supplemented where possible. If you have training attendance records but not completion confirmations, note the gap and explain what additional documentation you plan to capture going forward. If monitoring was performed but results were communicated verbally rather than documented, reconstruct what you can with a candid notation about the documentation gap. Examiners respond better to honest acknowledgment of gaps than to manufactured completeness.

Topics:Evidence CollectionExam PreparationCommunity Banks

Related Articles

January 7, 2026

FDIC Exam Process for Banks Under $1B in Assets

November 6, 2025

Fair Lending Exam Prep for Community Banks

October 26, 2025

How to Self-Assess Your Bank's Compliance Program Before an Exam

Ready to automate your compliance workflows?

See how Canarie transforms regulatory requirements into executed tasks with built-in evidence capture.

Explore the PlatformTalk to Sales