System audit configuration and reporting capability should allow an organization to ensure that activity conducted while using “Run as another user” capability can be identified and traced to a specific person in the event of an investigative review of activity. According to Blackbaud documentation, this could be done at the data layer, however, Products has determined that this is incorrect and that you cannot discern the difference between a "Run As" transaction and a transaction committed by an end user. You could only track the "Run As" transactions at the application layer, but this would cause a significant performance hit.