AI receipts (audit trail)

Every AI action in Ochre leaves a receipt. Drafted, sent, suppressed, edited, or fallback-rerouted: all of it is logged with the data you need to audit it later.

If you cannot audit your AI, you cannot trust it.

What is in a receipt

For every AI reply, the receipt records:

• Model. Which model produced it (e.g. Claude Sonnet 4.6).
• Provider. Anthropic or OpenAI.
• Tokens in. Input prompt size.
• Tokens out. Output draft size.
• Cost. Dollars to your provider, exact.
• Confidence. 0 to 100 score.
• KB sources. Articles cited.
• Auto-labels. Topic, priority, and label confidence.
• Action taken. Sent, drafted, suggested, suppressed.
• Reason for action. "auto-send (above 85% floor)", "drafted (below floor)", "suppressed (bypass label: bug)", and so on.
• Fallback used. If the primary key failed, what happened.

Where receipts live

Two places:

1. Inline on the conversation. Click the receipt icon on any AI reply.
2. AI → Receipts. A searchable, filterable feed of every receipt across the workspace.

Aggregated views (cost by model, fallback rate, daily spend) live on the AI → Spend page and on the AI overview at /ai.

What you can filter on

• Time range.
• Model and provider.
• Action taken (sent, drafted, suggested, suppressed).
• Confidence range.
• Topic.
• Channel.

Use those to answer questions like:

• "What did our auto-sent replies cost last week?"
• "When did we last fall back to OpenAI?"
• "Which auto-sent replies have the lowest confidence?"

Receipts and trust

The receipts feed is the single best way to build trust before turning Autopilot mode on.

For two weeks in draft mode:

1. Read 10 receipts a day.
2. Note any drafts that would have been bad to auto-send.
3. Adjust Voice and tone, Confidence thresholds, or Guardrails and bypass labels accordingly.

After two weeks, you should be able to scan receipts in seconds and see clean patterns. That is the green light for Autopilot.

Cost auditing

Receipts give you a per-reply dollar number. The Spend page aggregates daily spend, model mix, and savings versus the per-resolution prices the legacy helpdesks charge.

If a number looks weird, drill into individual receipts. The most common cause of a cost spike is a long-thread bug elsewhere or a misconfigured automated email loop.

Caps are enforced separately. See Spend caps and alerts.

Suppressed replies

When the AI stays silent due to a confidence floor or a bypass label, a "suppressed" receipt is still logged. It captures:

• What the AI would have said.
• Why it was suppressed.

This is useful when reviewing whether a guardrail is too aggressive. If you find lots of suppressed replies that look fine, loosen the floor.

Retention

Receipts are retained for the lifetime of the conversation, plus an extra 90 days after the conversation closes. Past that, the per-reply detail is removed and only aggregates remain.

If you need longer retention for compliance, contact us.

Compliance

Receipts capture every AI decision. They are exportable as CSV via support for SOC 2 and similar reviews. The org-level audit log covers admin state changes (key rotations, integration connects, role changes) — receipts and the audit log are complementary, not duplicates.

What is not in a receipt

• The full prompt sent to the model. We log inputs metadata, not the literal prompt template.
• The customer's PII outside the message itself.
• Private API keys.

If you need to debug a specific reply, the receipt has enough detail to reconstruct the decision. If you need more, contact support.

Recommended workflow

• Read 10 receipts a day during onboarding.
• Watch the daily spend chart and the fallback rate weekly.
• Review heavily-edited or low-confidence drafts in Quality assurance review.
• Export monthly receipts via support if you want longer-term analysis.

Related

• Autopilot mode
• Confidence thresholds
• Spend caps and alerts
• Quality assurance review
• Learned Q&A library