The correct service to implement is CloudTrail, as it provides the ability to log, continuously monitor, and retain account activity related to actions across the firm's cloud infrastructure. This fulfills the need for compliance auditing by tracking user activities, API calls, and other actions taken within the environment. CloudWatch monitors performance metrics, which does not fulfill the company's requirement for action auditing. Security Hub is used for security checks and aggregate security findings, but not for tracking detailed user actions and API usage. Amazon Inspector is an automated security assessment service to help improve the security and compliance of applications deployed on the environment, not for auditing interactions with the infrastructure.