Audit Trail
Append-only history of every consent event, reconstructable to any date. Current-state booleans in an editable CRM are not an audit trail.
The question that decides TCPA disputes is rarely "is this number opted in now?" It is "what was this number's consent state on March 14th two years ago, and how do you know?" An audit trail is the system that can answer.
A defensible trail records: the original consent event (language shown, checkbox state, timestamp, IP, session evidence), every subsequent state change (re-consents, preference changes), every revocation with its source (STOP reply, support request), and every message-relevant access or export. Entries are append-only — corrections are new entries, never edits.
Why CRM fields fail: a boolean column shows current state with no history, is writable by any integration, and its change log (if any) lives in the same mutable system. Carriers' audit requests and plaintiffs' discovery both target exactly this weakness.
Frequently asked questions
Related glossary terms
A consent record is the stored evidence package for a single opt-in event: the consumer's identifier, the exact disclosure shown, the affirmative act, attribution data, and integrity protection that proves the record was not altered.
Consent proof is the evidentiary record that a recipient explicitly opted in to SMS — typically a timestamped, IP-logged, hash-locked record of what the user saw and when they consented.
A consent management platform (CMP) is software that captures, stores, and proves consumer consent. SMS-grade CMPs go beyond cookie banners: they produce per-recipient, litigation-ready evidence of TCPA consent.