Compliance audits in the Vault
The Vault is where every generated document your HQ account has produced lives, permanently, in one library. Compliance audits are one of four document types that land there. A compliance audit is…
On this page
What this is
The Vault is where every generated document your HQ account has produced lives, permanently, in one library. Compliance audits are one of four document types that land there. A compliance audit is a generated report, delivered as a PDF with a companion XLSX, tied to a specific period, and timestamped the moment it was produced. Once generated, it does not change. That is the whole point: when you need to show a franchisee, your board, outside counsel, or a franchise-relations review exactly what the record said for a given stretch of time, you hand over the document that was generated then, not a live number that could have moved since.
Compliance audits sit alongside three sibling document types in the same library: Discovery Day Packs (Item-19-style disclosure outputs), quarterly reviews (board-ready snapshots), and member cohort reports. All four are generated documents captured with a period, a generation date, and download links, and all four render with the same tile anatomy. Compliance audits get their own row in the Vault so you can go straight to them without scrolling past the other three types.
Note
A compliance-audit document in the Vault is not the same thing as the network audit trail on the Brand Compliance page. The document covered here is a generated snapshot, a PDF (and XLSX, where available) authored at a point in time and then stored, unchanged, forever. Brand Compliance's audit trail is a different, continuously updated feed of individual franchisee compliance events. See Brand Compliance: the network audit trail for that separate feature.
Where to find it
Open Vault from the HQ sidebar at hq.verinode.ai/vault. (The older /documents URL still works and redirects here.) The page header reads Vault, and the whole page is one continuous scroll, not a tabbed surface. If your role has document-generation permission, a Generate report → button sits in the top right; it links to the Discovery Day builder, which is where the report-creation flow actually lives. The Vault itself is a library and an index, not a generator: nothing on this page manually triggers a new compliance audit. Compliance audits are produced by Verinode on their own schedule and simply appear in the library, in the Recent row and in the Compliance audits row, once a new one is ready.
The Vault at a glance
At the top of the page sits a hero panel labeled Generated documents. It shows:
- Headline number: the total count of documents ever generated, across all four types.
- Pill next to it: reads "N new 30d" when at least one document generated in the last 30 days, "Library current" once the library has at least one document but nothing new in that window, or "Nothing yet" before anything has ever been generated.
- Description line: before anything has been generated, this reads "Generated reports land here as Discovery Day Packs, quarterly reviews, compliance audits, and member cohorts ship. PDFs are stored with their period and a link back to the franchisee data they cite." Once at least one document exists, it switches to a running tally, for example "3 Discovery Day Packs · 2 quarterly reviews · last generated 4 days ago."
Below that, three secondary figures break the library down by type: Discovery Day Packs (sub-label "Item-19-style outputs"), Quarterly reviews (sub-label "Board-ready snapshots"), and Compliance audits (sub-label "Audit + cohort artifacts").
The Compliance audits row
Scroll past the hero and the Recent row (the twelve newest documents across all four types, useful for a quick "what just landed" check) to the Compliance audits row. This row is the same underlying document library filtered down to one type, so it behaves exactly the same as every other row on the page, it just shows only compliance audits, most recently generated first.
Each compliance-audit tile carries:
- Label: "Compliance audit."
- Headline: the period the audit covers, shown as a month-to-month range (for example "2026-04 → 2026-06") when the report has a defined period on file, or the generation date on its own (for example "2026-07-01") when it doesn't.
- Sub-line: "PDF + XLSX available" once both files are ready, or "Generation incomplete" if the report record exists but the files haven't finished generating.
- Meta line: "Generated" followed by a relative time, "today," a day count, then a month count the further back it goes.
- Accent color: compliance-audit tiles carry a distinct red accent, the same tone the platform uses elsewhere for items that warrant attention, which visually separates this row from the copper, green, and yellow tones used for the other three document types. It's a visual grouping cue for the row, not a judgment on any individual document's content.
A compliance-audit document can also surface in the Recent row at the same time it appears in Compliance audits, whenever it happens to be among the twelve newest documents of any kind. That is the same document showing up in two places, not a duplicate.
Opening a compliance audit
Click any compliance-audit tile and its PDF opens in a new browser tab. If a PDF isn't available but the XLSX is, the XLSX opens instead. If a tile reads "Generation incomplete," neither file exists yet, and clicking it does nothing until generation finishes and the tile updates on your next visit to the page.
Because the file that opens is the exact document generated on that date for that period, and it is never edited in place, downloading it again next month gets you the same artifact you saw today. If your program's requirements change and you want an updated compliance picture, that shows up as a new compliance audit with a later generation date and a new period, sitting alongside the earlier one rather than replacing it. The library keeps every version, so you can always point to which document represented compliance status as of which date.
Their role as defensible audit artifacts
This is what separates a compliance audit from watching a live view elsewhere: a live view reflects the current state and keeps moving; a compliance audit is a fixed document that says what the state was on the day it was generated, and it stays that way permanently. That distinction matters whenever a compliance question moves outside an internal conversation, into a franchisee dispute, a board discussion, a legal review, or an external audit, situations where you need to produce something dated and unchanging rather than a live number someone could argue had shifted since. Because every compliance audit is retained in the Vault indefinitely with its period and generation date intact, you can always go back and hand over the specific document that was current on a specific day.
The Vault holds this at the network level, in aggregate. A compliance audit reports on your program's standing as HQ sees it; it does not expose a single franchisee's private day-to-day business records, which stay with that franchisee. That boundary is part of what makes the artifact usable outside your own organization: it is a document about program compliance, not a copy of an individual member's raw operator data.
Empty states
- Nothing generated at all, of any kind: the hero's pill reads "Nothing yet," its description line reads the full explanatory copy above, and the Recent row shows "No documents generated yet. Use the Generate button to run a Discovery Day Pack or open the Discovery Day surface for the full builder." (That copy points at Discovery Day specifically, because it's the one document type you can trigger manually from this page; compliance audits are not started from here.)
- Compliance audits specifically is empty, other kinds exist: the Compliance audits row on its own reads "No compliance audits yet," while the hero and other rows continue to reflect whatever has already been generated.
These empty states are independent. A network can already have quarterly reviews and Discovery Day Packs on file, so the hero and Recent both show real tiles, while Compliance audits still reads its own "not yet" line, because that kind hasn't produced a document yet.
How to use it
- 1Open
hq.verinode.ai/vault. - 2Read the hero's Compliance audits figure for the total count, and check the pill for whether anything new generated in the last 30 days.
- 3Scroll to the Compliance audits row and find the period you need, the headline on each tile is the period range, not the generation date, so match it against the window you're being asked about.
- 4Click the tile. Its PDF opens in a new tab; the XLSX opens instead when there's no PDF. Either way you're looking at the same document you'd hand to anyone asking for proof of compliance status for that period.
- 5If you need a document from a period that hasn't been generated yet, there's no button on this page for that. A new compliance audit appears here once Verinode produces one; check back, or watch the Recent row for it landing.
Heads up
A tile reading "Generation incomplete" means the report record exists but its files haven't finished writing. Don't treat an incomplete tile as evidence of anything, wait for it to resolve to "PDF + XLSX available" before relying on it.
Related reading
- Vault: the HQ document library
- Quarterly reviews in the Vault
- Discovery Day Packs in the Vault
- Brand Compliance: the network audit trail
- Broadcast read tracking and 90-day trends
Data sources
Data sources
- 1.Compliance-audit report records: period, generation date, and file links. Verinode HQ reporting pipeline.
- 2.Document counts and 30-day new-document tally. Verinode HQ reporting pipeline.