Most fintech teams build their audit trails in the application layer. An ORM plugin here. A middleware hook there. A background job that "eventually" writes to an audit table.
Then — six months into production — an auditor asks a question that breaks everything. "Can you prove this record was never modified between 2:14am and 6:30am on March 12th?" And suddenly the team is debugging race condition