
Control 3.1: Copilot Interaction Audit Logging (Purview Unified Audit Log)

Control ID: 3.1
Pillar: Compliance & Audit
Regulatory Reference: FINRA 4511 (Books and Records), SEC 17a-3/4 (Books and Records), SOX 404 (Internal Controls)
Last Verified: 2026-03-22
Governance Levels: Baseline / Recommended / Regulated


Objective

Configure and maintain comprehensive audit logging for all Microsoft 365 Copilot interactions using the Purview Unified Audit Log (UAL), providing a defensible record of Copilot usage that supports compliance with regulatory record-keeping requirements.

Why This Matters for FSI

Every interaction between a user and Microsoft 365 Copilot creates a potential record-keeping obligation under financial services regulations. When an analyst uses Copilot to summarize client portfolio data, when a broker uses Copilot to draft client correspondence, or when a compliance officer uses Copilot to review documents, those interactions may constitute records that must be captured, retained, and made available for regulatory examination.

FINRA Rule 4511 requires member firms to make and preserve books and records as required under FINRA rules, the Securities Exchange Act (SEA), and applicable SEA rules. SEC Rules 17a-3 and 17a-4 specify detailed requirements for creating and retaining records of business activities. SOX Section 404 requires that management assess the effectiveness of internal controls over financial reporting, which extends to AI-assisted financial analysis and document generation.

Without systematic audit logging of Copilot interactions, firms face material gaps in their regulatory record-keeping obligations. The Purview Unified Audit Log provides the native Microsoft capability to capture these interactions, but it requires deliberate configuration and monitoring to meet FSI requirements.

Control Description

This control addresses the end-to-end lifecycle of Copilot audit logging: enabling the Unified Audit Log, understanding the CopilotInteraction event schema, configuring search and export capabilities, setting appropriate retention periods, and integrating audit data with external SIEM and archival systems.

CopilotInteraction Audit Events

Microsoft 365 captures Copilot interactions as CopilotInteraction events in the Unified Audit Log. The Search-UnifiedAuditLog cmdlet returns CreationDate, UserIds, Operations and an AuditData column holding the full record as a JSON string; everything Copilot-specific sits inside the CopilotEventData object of that JSON, so filters on agent, resource or message fields must parse AuditData (ConvertFrom-Json) rather than read them as top-level properties. Each event includes:

| Field | Description | FSI Relevance |
| --- | --- | --- |
| CreationDate | Timestamp of the Copilot interaction (CreationTime inside AuditData) | Establishes when the interaction occurred for record-keeping timelines |
| UserId | UPN of the user who invoked Copilot | Identifies the individual for supervisory review and examination response |
| Operation | Type of Copilot activity (e.g., CopilotInteraction) | Classifies the nature of the AI-assisted activity |
| Workload | Logged as Copilot for CopilotInteraction records; the hosting M365 application is recorded separately in CopilotEventData.AppHost | Maps to application-specific regulatory requirements |
| CopilotEventData.AppHost | Copilot surface used (Word, Excel, Outlook, Teams, bizchat for Microsoft 365 Copilot Chat, etc.) | Identifies whether Microsoft 365 Copilot Chat, in-app, or another Copilot surface was used |
| CopilotEventData | Structured container for the interaction: AppHost, ThreadId, Messages (prompt/response metadata), AccessedResources, AgentId/AgentName, AISystemPlugin, ModelTransparencyDetails | Contains prompt metadata and referenced content identifiers |
| CopilotEventData.AccessedResources | Files, emails, or content Copilot referenced, each with Name, Type and SensitivityLabelId | Critical for understanding what data Copilot surfaced during the interaction |
| CopilotEventData.AgentId | Unique identifier for the Copilot agent invoked | Identifies which agent was used; critical for FINRA Rule 3110 supervisory mapping of agent actions to approved use cases |
| CopilotEventData.AgentName | Display name of the Copilot agent | Human-readable agent identification for supervisory review and audit trail readability |
| AccessedResources[].XPIADetected | Cross-prompt injection detection flag on a referenced resource | Flags multi-agent orchestration chains and injected content requiring full-chain telemetry per FINRA 2026 agentic supervision expectations |
| Messages[].JailbreakDetected | Boolean indicating whether a jailbreak attempt was detected in a prompt | Security event requiring immediate escalation per OCC heightened standards and FFIEC incident response expectations |
| AccessedResources[].SensitivityLabelId | GUID of the sensitivity label applied to accessed content | Enables verification that Copilot respected label-based access boundaries; supports Reg S-P (17 CFR Section 248.30) safeguard compliance |

Agent-Specific Audit Record Types

Microsoft has introduced two new RecordTypes for agentic Copilot governance:

AgentAdminActivity — Captures administrative configuration changes to Copilot agents, including creation, modification, deletion, and permission changes. For FSI, this record type provides the change management audit trail required under SOX Section 404 IT general controls. Whenever an authorized administrator creates a new declarative agent or modifies an existing agent's knowledge sources, an AgentAdminActivity event is written to the Unified Audit Log, creating a traceable record of who changed what and when.

AgentSettingsAdminActivity — Captures changes to agent-level settings, including knowledge source changes, instruction modifications, and capability toggles. For FSI, this record type satisfies the supervisory documentation requirement under FINRA Rule 3110(b), which requires that supervisory procedures cover the activities of associated persons — including AI-augmented workflows. When an agent's behavior is modified, the AgentSettingsAdminActivity event creates the contemporaneous record that examiners expect to find when reviewing AI governance practices.

Search for these record types using -RecordType AgentAdminActivity and -RecordType AgentSettingsAdminActivity in Search-UnifiedAuditLog queries (see the PowerShell Setup playbook for search examples).

E5 vs E3 Audit Capabilities and Pay-As-You-Go Billing

| Capability | E3 (Audit Standard) | E5 (Audit Premium) | PAYG (Per-Event Billing) |
| --- | --- | --- | --- |
| CopilotInteraction events | Yes | Yes | Yes |
| Default retention | 180 days | 365 days | Configured per policy |
| Custom retention policies | No | Up to 10 years | Up to 10 years |
| High-bandwidth API access | No | Yes | Yes |
| Intelligent insights | No | Yes | Available |
| MailItemsAccessed events | No | Yes | Available |
| Audit search concurrency | Standard | Higher throughput | Higher throughput |
| Extended retention billing | N/A | Included with E5 | $0.01 per event |

Pay-As-You-Go Audit Billing: Microsoft now offers a PAYG model for Purview Audit at $0.01 per event for extended retention beyond E3/E5 defaults. This model enables organizations to retain Copilot audit events for multi-year periods without requiring E5 Audit Premium licensing for every user. PAYG billing is particularly relevant for regulated firms that must retain audit records for the six-year period required by SEC Rule 17a-4(a), which mandates that broker-dealers preserve records for a minimum of six years from the date of creation.

PAYG governance controls required for FSI deployments:

  • Budget caps: Set spending limits in Azure Cost Management to prevent unbounded audit event accumulation during high-activity periods (e.g., regulatory examinations, M&A due diligence)
  • Spend threshold alerting: Configure alerts when monthly PAYG audit spend exceeds predefined thresholds — recommended at 75% and 95% of monthly budget
  • Per-record-type cost tracking: Tag audit event streams by record type (CopilotInteraction, AgentAdminActivity, AgentSettingsAdminActivity) and by AppHost to attribute retention costs to the appropriate business unit

FSI tier guidance for audit retention:

| Tier | Audit Model | Retention Period | Primary Driver |
| --- | --- | --- | --- |
| Baseline | E3 Standard Audit | 180 days | Operational visibility |
| Recommended | E5 Audit Premium | 365 days + custom policies | FINRA 4511 books-and-records |
| Regulated | E5 Audit Premium OR PAYG with governance controls | 6+ years | SEC Rule 17a-4(a) six-year retention requirement |

Audit Log Search Queries

Common search patterns for Copilot audit data. All of them require an Exchange Online PowerShell session (Connect-ExchangeOnline) under an account holding an audit-reader role, and -ResultSize 5000 is the per-call maximum: a result set larger than that must be paged with -SessionId and -SessionCommand ReturnLargeSet, otherwise the search silently returns only the first 5,000 records.

All Copilot interactions in a date range:

Search-UnifiedAuditLog -StartDate "2026-01-01" -EndDate "2026-01-31" -Operations CopilotInteraction -ResultSize 5000

Copilot interactions by specific user:

Search-UnifiedAuditLog -StartDate "2026-01-01" -EndDate "2026-01-31" -Operations CopilotInteraction -UserIds "user@firm.com" -ResultSize 5000

Copilot interactions filtered by Copilot surface (the top-level Workload property is "Copilot" for every CopilotInteraction record, so filter on CopilotEventData.AppHost instead; check the AppHost values present in your own tenant's records before hard-coding one):

Search-UnifiedAuditLog -StartDate "2026-01-01" -EndDate "2026-01-31" -Operations CopilotInteraction -ResultSize 5000 | Where-Object { ($_.AuditData | ConvertFrom-Json).CopilotEventData.AppHost -eq "Teams" }

Agent administrative activity (new agent-specific record type):

Search-UnifiedAuditLog -StartDate "2026-01-01" -EndDate "2026-01-31" -RecordType AgentAdminActivity -ResultSize 5000

Agent settings changes:

Search-UnifiedAuditLog -StartDate "2026-01-01" -EndDate "2026-01-31" -RecordType AgentSettingsAdminActivity -ResultSize 5000

Filter by AgentId for specific agent audit trail:

Search-UnifiedAuditLog -StartDate "2026-01-01" -EndDate "2026-01-31" -RecordType AgentAdminActivity -ResultSize 5000 | Where-Object { ($_.AuditData | ConvertFrom-Json).AgentId -eq "your-agent-id" }

Export Copilot audit data to CSV for analysis:

$results = Search-UnifiedAuditLog -StartDate "2026-01-01" -EndDate "2026-01-31" -Operations CopilotInteraction -ResultSize 5000
$results | Select-Object CreationDate, UserIds, Operations, AuditData | Export-Csv -Path "CopilotAudit_Jan2026.csv" -NoTypeInformation
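The queries above stop at the 5,000-record cap and leave AuditData as one opaque JSON column in the CSV. The following is an added example, not code from the FSI Copilot Governance Framework page: it pages through a full month with -SessionId/-SessionCommand ReturnLargeSet and flattens each record's CopilotEventData (AppHost, agent, referenced resources, sensitivity labels, jailbreak flag) into examiner-readable columns. The live function assumes an Exchange Online PowerShell session; the function names are the author's own, and the sample payload at the end is constructed so the flattening can be exercised offline.

```powershell
# Added example, not code from the FSI Copilot Governance Framework page.
# Live retrieval assumes an Exchange Online PowerShell session (Connect-ExchangeOnline)
# with an audit-reader role; the sample record at the bottom is constructed so the
# flattening function can be exercised offline. Function names are the author's own.

function ConvertTo-CopilotAuditRow {
    # Flattens one AuditData JSON payload into the columns an examination package needs.
    # Everything Copilot-specific lives under CopilotEventData, not at the top level.
    param([Parameter(Mandatory)][string]$AuditDataJson)

    $d  = $AuditDataJson | ConvertFrom-Json
    $ce = $d.CopilotEventData
    $resources = @($ce.AccessedResources | Where-Object { $_ })   # @($null) would count as 1
    $prompts   = @($ce.Messages | Where-Object { $_.isPrompt -eq $true })

    [pscustomobject]@{
        CreationTime  = $d.CreationTime
        UserId        = $d.UserId
        Operation     = $d.Operation
        AppHost       = $ce.AppHost                    # surface: Word, Teams, bizchat, ...
        AgentId       = $ce.AgentId
        AgentName     = $ce.AgentName
        ThreadId      = $ce.ThreadId                   # ties the prompts of one conversation together
        PromptCount   = $prompts.Count
        ResourceCount = $resources.Count
        Resources     = ($resources | ForEach-Object { $_.Name }) -join ';'
        LabelIds      = ($resources | ForEach-Object { $_.SensitivityLabelId } |
                         Where-Object { $_ } | Sort-Object -Unique) -join ';'
        Jailbreak     = @($ce.Messages | Where-Object { $_.JailbreakDetected -eq $true }).Count -gt 0
    }
}

function Get-CopilotAuditPaged {
    # Returns every CopilotInteraction record in the window, not just the first 5,000.
    # A fixed SessionId with SessionCommand ReturnLargeSet makes each call return the next
    # page of the same result set (up to 50,000 per session); an empty page ends the loop.
    param(
        [Parameter(Mandatory)][datetime]$StartDate,
        [Parameter(Mandatory)][datetime]$EndDate,
        [string[]]$UserIds
    )
    $params = @{
        StartDate      = $StartDate
        EndDate        = $EndDate
        RecordType     = 'CopilotInteraction'
        SessionId      = 'CopilotAudit-' + [guid]::NewGuid().ToString()
        SessionCommand = 'ReturnLargeSet'
        ResultSize     = 5000
    }
    if ($UserIds) { $params['UserIds'] = $UserIds }

    do {
        $page = @(Search-UnifiedAuditLog @params)
        foreach ($r in $page) { ConvertTo-CopilotAuditRow -AuditDataJson $r.AuditData }
    } while ($page.Count -gt 0)
}

# Constructed sample payload (shape follows the CopilotInteraction schema; values are invented).
$sampleAuditData = @'
{
  "CreationTime": "2026-01-14T15:02:11",
  "Operation": "CopilotInteraction",
  "Workload": "Copilot",
  "UserId": "analyst@firm.example",
  "CopilotEventData": {
    "AppHost": "Word",
    "AgentId": "",
    "AgentName": "",
    "ThreadId": "19:thread-sample",
    "AccessedResources": [
      { "Name": "Q4-Portfolio-Review.docx", "Type": "Document",
        "SensitivityLabelId": "11111111-2222-3333-4444-555555555555" }
    ],
    "Messages": [
      { "Id": "m-1", "isPrompt": true,  "JailbreakDetected": false },
      { "Id": "m-2", "isPrompt": false }
    ]
  }
}
'@
ConvertTo-CopilotAuditRow -AuditDataJson $sampleAuditData | Format-List

# Live run (Exchange Online session required):
# Get-CopilotAuditPaged -StartDate '2026-01-01' -EndDate '2026-01-31' |
#     Export-Csv -Path 'CopilotAudit_Jan2026_flat.csv' -NoTypeInformation
```

The flattened rows keep one line per interaction; a resource-level view for examiners (one line per accessed file) is a second pass over the same payloads that emits one object per entry in AccessedResources. Sessions cap at 50,000 records, so split very busy months into smaller windows and start a new SessionId for each.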

Copilot Surface Coverage

Audit logging applies across all Copilot surfaces within Microsoft 365:

| Copilot Surface | Event Captured | Key Audit Data |
| --- | --- | --- |
| Microsoft 365 Copilot Chat | CopilotInteraction | User prompt metadata, referenced files/emails/chats, response metadata |
| Word Copilot | CopilotInteraction | Document context, draft/rewrite/summarize actions, source references |
| Excel Copilot | CopilotInteraction | Spreadsheet context, formula generation, data analysis actions |
| PowerPoint Copilot | CopilotInteraction | Presentation context, slide generation, design actions |
| Outlook Copilot | CopilotInteraction | Email context, draft/reply/summarize actions, recipient information |
| Teams Copilot | CopilotInteraction | Meeting transcript context, chat summarization, action items |
| Copilot Pages | CopilotInteraction | Page creation, collaborative editing, content generation |
| Loop Copilot | CopilotInteraction | Loop component context, collaborative content actions |
| Copilot Agents (declarative) | CopilotInteraction (with AgentId/AgentName) for user interactions; AgentAdminActivity, AgentSettingsAdminActivity for configuration changes | Agent invoked per interaction; agent configuration changes, knowledge source modifications, capability toggles |

Coverage Gaps to Monitor

  • Copilot response content is not stored verbatim in standard audit events -- the audit log captures metadata about the interaction, not the full text of Copilot responses. For full content retention, configure retention policies (see Control 3.2) and eDiscovery holds (see Control 3.3).
  • Copilot Pages content is stored in a user-owned SharePoint Embedded container and follows SharePoint/SharePoint Embedded audit, retention, and eDiscovery workflows.
  • Teams meeting recap content follows Teams message retention policies.
  • XPIADetected and JailbreakDetected fields are populated only when the relevant detection fires, so their absence from a record is the normal case and does not indicate a problem; their presence requires investigation.

Governance Levels

Baseline

  • Verify Unified Audit Log is enabled and actively recording events
  • Confirm CopilotInteraction events appear in audit log searches — this is the primary RecordType covering all Microsoft-built Copilot surfaces (Word, Excel, PowerPoint, Outlook, Teams, SharePoint, OneDrive, Loop, BizChat, and others)
  • Verify TeamCopilotInteraction events are captured for Teams meeting AI Notes (AINotesUpdate), Live Notes (LiveNotesUpdate), and in-meeting chat (TeamCopilotMsgInteraction)
  • Search via the Purview portal: Microsoft Purview portal > Solutions > Audit > New search — use the Activities dropdown to select "Interacted with Copilot" or the Record types dropdown to search "Copilot" and select CopilotInteraction
  • Confirm via PowerShell (StartDate and EndDate are required parameters): Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-7) -EndDate (Get-Date) -RecordType CopilotInteraction -Operations "CopilotInteraction" -ResultSize 5000
  • Set audit log retention to a minimum of 180 days. Audit (Standard) retains events for 180 days by default; Audit (Premium) provides 365 days by default, extendable to 10 years with the 10-Year Audit Log Retention add-on and a custom audit retention policy
  • Establish a weekly manual review cadence for Copilot audit events
  • Document the audit log as part of the firm's books-and-records inventory

Recommended

  • Upgrade to Audit (Premium) for 365-day default retention (E5 license tier)
  • Configure custom audit retention policies for Copilot events with a minimum 1-year retention
  • Automate Copilot audit log exports via the Office 365 Management Activity API to external storage
  • Integrate Copilot audit events with Microsoft Sentinel or third-party SIEM — note limitation: AgentAdminActivity and AgentSettingsAdminActivity record types are not collected by the M365 Sentinel connector; use the Office 365 Management Activity API or an alternative ingestion method for these events
  • Establish automated alerting for anomalous Copilot usage patterns (e.g., high-volume data access), leveraging key audit properties: AccessedResources (lists files/emails Copilot accessed, including SensitivityLabelId), Messages.JailbreakDetected (boolean flag), and ModelTransparencyDetails (model name, version, provider)
  • Create standardized audit search queries and save them for recurring use — include queries for CopilotInteraction, TeamCopilotInteraction, and admin operations (UpdateTenantSettings, CreatePlugin, DeletePlugin, EnablePromptBook)
  • Configure search queries for AgentAdminActivity (agent publish/deploy/remove/update) and AgentSettingsAdminActivity (tenant-wide Agent 365 settings) record types. Default retention for these events follows the license tier (180 days Standard / 365 days E5); extend it with a custom audit retention policy scoped to these record types (see Setup Step 3)
  • Use the Graph API for newer audit queries that support pagination: POST https://graph.microsoft.com/beta/security/auditLog/queries with recordTypeFilters including CopilotInteraction and TeamCopilotInteraction
  • Enable DSPM for AI as an additional storage layer — captures prompt/response pair content (not just metadata), providing more granular visibility than UAL alone

Regulated

  • Configure audit retention policies for 6+ years to help meet SEC Rule 17a-4(a) requirements using E5 Audit Premium with 10-year add-on retention or PAYG billing with governance controls
  • Implement WORM-compliant archival of Copilot audit data in a designated records management system
  • Establish chain-of-custody documentation for audit data exports used in regulatory responses
  • Configure high-bandwidth audit API access for large-scale data extraction during examinations
  • Implement real-time audit event streaming to SIEM for immediate compliance monitoring — supplement the M365 Sentinel connector with Office 365 Management Activity API ingestion for complete coverage of AgentAdminActivity events
  • Create pre-built examination response packages with Copilot audit data organized by regulatory requirement — include ConnectedAIAppInteraction (Copilot Studio/third-party apps) and AIAppInteraction (third-party SaaS AI apps via PAYG) record types for complete coverage
  • Conduct quarterly audit log integrity reviews to verify completeness and accuracy
  • Document audit log coverage gaps and compensating controls in the firm's compliance manual
  • Establish a JailbreakDetected response procedure — events must be investigated and escalated per the firm's security incident response plan; correlate with XPIADetected (cross-prompt injection) flags in AccessedResources and AISystemPlugin.Id = BingWebSearch (public web access) indicators
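The alerting item in the Recommended list (anomalous, high-volume data access) and the JailbreakDetected response procedure above, with its XPIADetected and BingWebSearch correlations, reduce to a small rule set over the AuditData JSON. The block below is an added example, not code from the framework page: the field locations follow the page's own description (Messages[].JailbreakDetected, AccessedResources[].XPIADetected, AISystemPlugin[].Id), while the function name, severities and the per-hour threshold are the author's assumptions, and the three input records are constructed.

```powershell
# Added example, not code from the FSI Copilot Governance Framework page. Rule-based triage
# of CopilotInteraction AuditData payloads. Field locations follow the page's description;
# the threshold, severities and function name are the author's choices (hypothetical), and
# the three input records are constructed.

function Get-CopilotAuditAlerts {
    param(
        [Parameter(Mandatory)][string[]]$AuditDataJson,
        [int]$ResourcesPerUserHour = 50      # hypothetical tuning value for "high-volume data access"
    )
    $records = foreach ($j in $AuditDataJson) { $j | ConvertFrom-Json }
    $alerts  = [System.Collections.Generic.List[object]]::new()

    function Add-Alert($Record, $Severity, $Rule, $Detail) {
        $alerts.Add([pscustomobject]@{
            Time     = $Record.CreationTime
            User     = $Record.UserId
            AppHost  = $Record.CopilotEventData.AppHost
            Severity = $Severity
            Rule     = $Rule
            Detail   = $Detail
        })
    }

    # Per-record rules: security flags that must be escalated when present.
    foreach ($r in $records) {
        $ce = $r.CopilotEventData
        if (@($ce.Messages | Where-Object { $_.JailbreakDetected -eq $true }).Count -gt 0) {
            Add-Alert $r 'High' 'JailbreakDetected' 'Escalate per the security incident response plan'
        }
        $xpia = @($ce.AccessedResources | Where-Object { $_.XPIADetected -eq $true })
        if ($xpia.Count -gt 0) {
            Add-Alert $r 'High' 'XPIADetected' (($xpia | ForEach-Object { $_.Name }) -join ';')
        }
        if (@($ce.AISystemPlugin | Where-Object { $_.Id -eq 'BingWebSearch' }).Count -gt 0) {
            Add-Alert $r 'Info' 'PublicWebAccess' 'Response grounded on public web content'
        }
    }

    # Aggregate rule: resources touched per user per clock hour, across all records.
    $records |
        Group-Object -Property { "$($_.UserId)|$(([datetime]$_.CreationTime).ToString('yyyy-MM-ddTHH'))" } |
        ForEach-Object {
            $touched = ($_.Group |
                ForEach-Object { @($_.CopilotEventData.AccessedResources | Where-Object { $_ }).Count } |
                Measure-Object -Sum).Sum
            if ($touched -gt $ResourcesPerUserHour) {
                Add-Alert $_.Group[0] 'Medium' 'HighVolumeAccess' "$touched resources accessed in one hour"
            }
        }
    $alerts
}

# Constructed sample payloads (invented values; shape follows the CopilotInteraction schema).
$jailbreak = @'
{ "CreationTime": "2026-01-14T15:02:11", "UserId": "analyst@firm.example", "Operation": "CopilotInteraction",
  "CopilotEventData": { "AppHost": "bizchat", "AccessedResources": [],
    "Messages": [ { "Id": "m-1", "isPrompt": true, "JailbreakDetected": true } ] } }
'@
$webGrounded = @'
{ "CreationTime": "2026-01-14T15:05:40", "UserId": "analyst@firm.example", "Operation": "CopilotInteraction",
  "CopilotEventData": { "AppHost": "bizchat", "AISystemPlugin": [ { "Id": "BingWebSearch" } ],
    "AccessedResources": [ { "Name": "Rates-Memo.docx", "XPIADetected": true } ],
    "Messages": [ { "Id": "m-2", "isPrompt": true } ] } }
'@
$bulk = [pscustomobject]@{
    CreationTime = '2026-01-14T16:10:00'; UserId = 'broker@firm.example'; Operation = 'CopilotInteraction'
    CopilotEventData = [pscustomobject]@{
        AppHost           = 'Excel'
        AccessedResources = @(1..60 | ForEach-Object { @{ Name = "client-$_.xlsx"; Type = 'Document' } })
        Messages          = @(@{ Id = 'm-3'; isPrompt = $true })
    }
} | ConvertTo-Json -Depth 6

# Expected: High/JailbreakDetected, High/XPIADetected, Info/PublicWebAccess for the analyst,
# Medium/HighVolumeAccess for the broker (60 resources in one hour, above the threshold of 50).
Get-CopilotAuditAlerts -AuditDataJson @($jailbreak, $webGrounded, $bulk) | Format-Table -AutoSize
```

Feed the function the AuditData column of a paged Search-UnifiedAuditLog result (or the records pulled through the Management Activity API) on a schedule, and route High alerts into the incident response queue while Medium and Info alerts go to the supervisory review cadence; the per-hour threshold should be set from a baseline of observed usage rather than the placeholder used here.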

Setup & Configuration

Step 1: Verify Unified Audit Log Status

  1. Navigate to Microsoft Purview portal
  2. Go to Audit in the left navigation
  3. Verify the status shows "Recording" -- if not, click Start recording user and admin activity
  4. Note: It may take up to 24 hours for audit events to begin appearing after initial enablement

Step 2: Verify Copilot Events Are Captured

  1. In the Purview Audit search interface, set the date range to the past 7 days
  2. In the Record types filter, search for "Copilot" and select CopilotInteraction (or, in the Activities filter, select "Interacted with Copilot")
  3. Click Search and verify results appear
  4. If no results appear and Copilot is actively in use, verify licensing and wait 24-48 hours for event pipeline propagation

Step 3: Configure Audit Retention Policies (E5 / Audit Premium)

  1. In Purview, navigate to Audit > Audit retention policies
  2. Click + New audit retention policy
  3. Configure:
    • Name: FSI-Copilot-Audit-Retention-6Year
    • Description: Retains Copilot interaction audit events for 6 years per SEC 17a-4
    • Record type: CopilotInteraction
    • Duration: 6 years (or as required by your regulatory obligations)
    • Priority: Set higher than default policies
  4. Click Save
  5. Create a second policy for agent record types:
    • Name: FSI-Agent-Admin-Audit-Retention-6Year
    • Record types: AgentAdminActivity, AgentSettingsAdminActivity
    • Duration: 6 years
    • Priority: Same as the Copilot interaction policy

Step 4: Configure Management Activity API Export

For automated export of audit data to external systems:

# Register the Management Activity API subscription for Audit.General.
# $authToken must be an OAuth bearer token for the https://manage.office.com resource,
# obtained by an app registration holding the ActivityFeed.Read application permission.
$tenantId  = "your-tenant-id"
$authToken = "your-oauth-token"

# Start a subscription for Audit.General content (includes CopilotInteraction); the response status should read "enabled"
$subscription = Invoke-RestMethod -Method Post -Uri "https://manage.office.com/api/v1.0/$tenantId/activity/feed/subscriptions/start?contentType=Audit.General" -Headers @{ Authorization = "Bearer $authToken" }
$subscription.status
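Starting the subscription only tells the service to publish content; the export itself is a polling loop that lists content blobs for a time window, downloads each one, and stores what it needs. The block below is an added example, not code from the framework page, covering that loop for the Recommended item "Automate Copilot audit log exports via the Office 365 Management Activity API to external storage" and adding a SHA-256 manifest for the chain-of-custody documentation the Regulated tier asks for. It assumes an app registration with the ActivityFeed.Read application permission used in client-credentials flow; the tenant ID, client ID, secret and archive path are placeholders, and the function names are the author's own.

```powershell
# Added example, not code from the FSI Copilot Governance Framework page. Pulls Audit.General
# content from the Office 365 Management Activity API (after the subscription above has been
# started), keeps the CopilotInteraction records, and writes each blob to archive storage with
# a SHA-256 hash in a manifest for chain-of-custody. Assumes an app registration holding the
# ActivityFeed.Read application permission; IDs, secret and paths below are placeholders.

$tenantId     = 'your-tenant-id'
$clientId     = 'your-app-client-id'
$clientSecret = 'your-app-client-secret'
$archiveDir   = 'C:\AuditArchive\Copilot'
$feedBase     = "https://manage.office.com/api/v1.0/$tenantId/activity/feed"

function Get-ManagementApiToken {
    # Client-credentials token scoped to the Management Activity API resource.
    $body = @{
        grant_type    = 'client_credentials'
        client_id     = $clientId
        client_secret = $clientSecret
        scope         = 'https://manage.office.com/.default'
    }
    $uri = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token"
    (Invoke-RestMethod -Method Post -Uri $uri -Body $body).access_token
}

function Get-AuditGeneralBlobs {
    # Lists content blobs for a window (the API accepts at most 24 hours per listing call)
    # and follows the NextPageUri response header until the listing is exhausted.
    param([string]$Token, [datetime]$Start, [datetime]$End)
    $fmt = 'yyyy-MM-ddTHH:mm:ss'
    $uri = "$feedBase/subscriptions/content?contentType=Audit.General" +
           "&startTime=$($Start.ToString($fmt))&endTime=$($End.ToString($fmt))"
    while ($uri) {
        $resp = Invoke-WebRequest -Method Get -Uri $uri -Headers @{ Authorization = "Bearer $Token" }
        foreach ($blob in ($resp.Content | ConvertFrom-Json)) { $blob }   # contentUri, contentId, contentCreated, ...
        $uri = [string]$resp.Headers['NextPageUri']                       # empty when no further page
    }
}

function Save-CopilotAuditBlob {
    # Downloads one blob, filters it to Copilot interaction records, archives the subset and
    # returns a manifest row (what was written, how many records, and the file's hash).
    param([string]$Token, $Blob)
    $records = @(Invoke-RestMethod -Method Get -Uri $Blob.contentUri -Headers @{ Authorization = "Bearer $Token" })
    $copilot = @($records | Where-Object { $_.Operation -eq 'CopilotInteraction' })
    if ($copilot.Count -eq 0) { return }

    $safeId = $Blob.contentId -replace '[^\w\-]', '_'
    $path   = Join-Path $archiveDir "$safeId.json"
    $copilot | ConvertTo-Json -Depth 20 | Set-Content -Path $path -Encoding UTF8
    [pscustomobject]@{
        ContentId      = $Blob.contentId
        ContentCreated = $Blob.contentCreated
        RecordCount    = $copilot.Count
        ArchivePath    = $path
        Sha256         = (Get-FileHash -Path $path -Algorithm SHA256).Hash
        ArchivedAtUtc  = (Get-Date).ToUniversalTime().ToString('o')
    }
}

# Daily run: archive the previous UTC day's Copilot records and append to the manifest.
New-Item -ItemType Directory -Path $archiveDir -Force | Out-Null
$token = Get-ManagementApiToken
$end   = (Get-Date).ToUniversalTime().Date
$start = $end.AddDays(-1)
Get-AuditGeneralBlobs -Token $token -Start $start -End $end |
    ForEach-Object { Save-CopilotAuditBlob -Token $token -Blob $_ } |
    Export-Csv -Path (Join-Path $archiveDir 'manifest.csv') -Append -NoTypeInformation
```

The filter keys on Operation because CopilotInteraction is both the record type and the operation name; to also capture AgentAdminActivity and AgentSettingsAdminActivity through this feed, add their numeric RecordType values after confirming them against records in your own tenant. Point $archiveDir at WORM-capable storage (or copy the files and manifest there) so the hash in the manifest can be re-verified during the quarterly integrity review.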
Step 5: Configure Microsoft Sentinel Integration

  1. In Microsoft Sentinel, navigate to Data connectors
  2. Enable the Microsoft 365 data connector
  3. Under Configuration, confirm the Exchange, SharePoint, and Teams checkboxes are selected (the connector offers no separate Copilot option), then verify with a query against the OfficeActivity table that CopilotInteraction records are actually arriving before relying on the connector for coverage (see Verification step 7)
  4. Create analytics rules for Copilot-specific alert scenarios (see Control 4.x for Sentinel rule templates)

Financial Sector Considerations

Regulatory Examination Response

When a FINRA or SEC examiner requests records of AI-assisted activities, the Copilot audit log serves as the primary evidence source. Firms should:

  • Maintain pre-built audit search queries for common examiner requests (e.g., "all Copilot interactions by registered representatives in Q4 2025")
  • Document the audit log schema and data dictionary for examiner reference
  • Prepare explanatory materials describing what Copilot audit events represent and their limitations
  • Test audit data export workflows quarterly to verify they produce examination-ready output
  • Include AgentId and AgentName in examination packages to demonstrate which agents were used by which users

Cross-Workload Correlation

Copilot interactions often span multiple workloads in a single user workflow (e.g., a user drafts a client letter in Word Copilot, then sends it via Outlook Copilot). Audit analysis should correlate events across workloads using UserId, timestamp proximity and CopilotEventData.AppHost to reconstruct complete interaction chains; within one Copilot conversation, CopilotEventData.ThreadId links the successive prompts.

Volume Planning

Large FSI deployments may generate significant audit log volume. Plan for:

  • Storage capacity in archival systems based on estimated Copilot adoption rates
  • API throughput limits when extracting large volumes of audit data
  • Search performance considerations when querying multi-year audit datasets
  • Cost implications of long-term audit data storage in Azure or third-party archival — evaluate PAYG billing vs. E5 Audit Premium licensing based on event volume projections

Data Sovereignty

For firms operating across jurisdictions, verify that audit log data residency aligns with regulatory requirements. Microsoft 365 audit logs are stored in the tenant's primary data location. Firms with multi-geo configurations should verify Copilot audit data residency.

Verification Criteria

| # | Verification Step | Expected Outcome | Governance Level |
| --- | --- | --- | --- |
| 1 | Search for CopilotInteraction events in Purview Audit | Events appear within 24-48 hours of Copilot usage | Baseline |
| 2 | Verify audit log shows "Recording" status | Status is active | Baseline |
| 3 | Export Copilot audit events to CSV | CSV contains valid CopilotInteraction records with expected fields including AgentId/AgentName where applicable | Baseline |
| 4 | Verify Audit (Premium) is licensed and enabled | Audit Premium features available in Purview portal | Recommended |
| 5 | Confirm custom retention policy is active | 6-year retention policy shows "Enabled" status | Regulated |
| 6 | Verify Management Activity API subscription is active | API returns CopilotInteraction events in Audit.General content type | Recommended |
| 7 | Confirm Sentinel receives Copilot audit events | Copilot events appear in Sentinel logs within expected latency | Recommended |
| 8 | Run a mock examination data extraction | Complete audit data export for a specified user/date range within 4 hours | Regulated |
| 9 | Verify WORM archival integrity | Archived audit data is immutable and passes integrity verification | Regulated |
| 10 | Review audit log completeness report | No gaps in Copilot event capture for licensed users over 30-day sample | Regulated |
| 11 | Search for AgentAdminActivity events | Agent configuration change events appear for known agent modifications | Recommended |
| 12 | Verify PAYG billing controls (if applicable) | Budget caps and spend alerts are active; monthly spend within approved limits | Regulated |

FSI Copilot Governance Framework v1.2.1 - March 2026