Is it possible to keep versioning and audit purge for 7 years due to regulatory purposes?
There is no real value in keeping versions for multiple years, and AEM is not the right tool to fulfill regulatory requirements.
There have been a lot of discussions around this in the past because customers come up with similar requirements (e.g., using AEM as an archiving solution to comply with legal duties) on a regular basis.
The general recommendation is to go with external, specialized, and CMS-agnostic tools for archiving if the requirement comes from a legal point of view.
Reasons to not handle this inside of AEM are:
It might be challenging to render a page (or a version of a page) multiple years after it has been published. Your application will have gone through multiple release iterations, the content might have been restructured, components or rendering might have been changed. Depending on the evolution of the application/website, it’s quite unlikely that you will be able to render a page a couple of years after it has been published and get the same result.
AEM does not prevent users with appropriate permissions from changing or deleting content (including versions) in any way. A superuser could simply delete a version, and there is no way to prevent this (in contrast to “real” archiving solutions). Also, not all changes/deletions are tracked through the audit log. There are multiple ways to bypass the audit log when carrying out content changes.
The page version does not include referenced content, such as assets, xf/cf, and other content that’s not stored on a page level but referenced from other sources.
Anything happening client-side, such as personalization/targeting, A/B-testing, and similar will not be reflected in the page version.