You can trace the DML statements using LOGMINER and in 9i, the functionality of LOGMINER has been increased to a great extent. Simple SQL statement like you mentioned can be issued against redologs to know what changes were made to the database in the past.
I would recommend LogMiner like Mr. Raminder said.
It will not cause you to create an over head on the day to day operations, and this type of "investigation" should rarely take place anyway. If you are trying to figure out a "who done it"! scenario where too many people have SQL access to the DB, then I would recommend tighteting your security and putting audit trails on applications. This is not what a DBA should be doing on a regular basis!