The problem nobody measures
Every day, in companies of all sizes, someone sends an email requesting approval for an expense. A manager replies "ok." The purchase happens. The money leaves. And six months later, nobody can say who approved it, when it was approved, or whether the amount was within the approver's authority.
This scenario repeats across purchase orders, expense reports, budget requests, and vendor payments. These are critical financial processes that, in most organizations, run on email, chat messages, or shared spreadsheets.
The result is not just inefficiency. It is real risk.
The risks of uncontrolled approvals
Fraud
Without a formal approval flow, anyone can approve any amount. Without separation of duties — where the requester cannot be the approver — the door to fraud is open. Not because people are dishonest, but because the system allows it.
Audit failures
Internal and external auditors ask: who approved this expense? When? Based on what? If the answer is "the manager replied 'ok' by email," the evidence is fragile. Emails get lost, deleted, or fail to demonstrate that the approver had authority for that amount.
Budget overruns
Without centralized visibility, different departments approve expenses without knowing how much of the budget has already been committed. The sum of individual "oks" exceeds the planned limit. Finance finds out too late.
Operational delays
When the approval flow is unclear, requests stall because nobody knows who needs to approve. The requester does not know whether to follow up with the manager or the director. The manager does not know whether that amount needs to go to the CFO. Paralysis is frequent.
How to structure a financial approval flow
An effective financial approval process has four components: clear authority thresholds, mandatory fields, SLA per level, and an audit trail.
1. Value-based approval thresholds
The first step is defining who can approve what. The most common logic is based on value ranges:
- Up to R$ 5,000 — Automatic approval (provided the requester has available budget and the cost center is correct)
- R$ 5,001 to R$ 50,000 — Direct manager approval
- R$ 50,001 to R$ 500,000 — Area director approval
- Above R$ 500,000 — CFO + board or financial committee approval
Ranges vary by company size and culture, but the principle is universal: the higher the value, the higher the authority required.
2. Mandatory fields per request
Every financial approval request should contain, at minimum:
- Amount: the exact expense or purchase value
- Cost center: which budget the expense will be allocated to
- Justification: why the expense is necessary
- Vendor: who will receive the payment
- Invoice or fiscal document: the supporting tax document
Without these fields completed, the request should not move forward. This is not bureaucracy — it is the minimum needed for any approver to make an informed decision and for audits to have what they need.
3. SLA per approval level
Each authority level should have a maximum decision deadline:
- Automatic approval: immediate (system validation)
- Direct manager: 24 business hours
- Director: 48 business hours
- CFO / Committee: 5 business days
When the SLA is breached, the system should escalate automatically: notify the approver, then their superior, and log the delay. Without SLAs, requests sit indefinitely and the requester does not know whether to follow up or wait.
4. Complete audit trail
Each approval — or rejection — must be recorded with:
- Timestamp (exact date and time)
- Approver identification (who made the decision)
- Comments (approval justification or rejection reason)
- Authority level (confirming the approver had authority for that amount)
This trail cannot be edited or deleted. It is the immutable record proving the process was followed. When the auditor asks "who approved?", the answer is there — with time, name, and context.
Separation of duties: the non-negotiable principle
A fundamental control in any financial process: whoever requests the expense cannot be the one who approves it. This is separation of duties, the foundation of any internal control framework.
In practice, this means the system must automatically prevent the request creator from appearing as an approver. It is not guidance — it is a system-level block.
Similarly, for payments above a certain amount, dual approval may be required: two independent people must approve before the payment is released.
What changes when the process is structured
When you move away from email and implement a formal financial approval flow, the gains are immediate:
Real-time visibility: finance knows at any moment how many requests are pending, which have been approved, and the total committed value per cost center.
Cycle reduction: with defined SLAs and automatic escalation, approvals that took weeks are resolved in hours or days.
Complete traceability: every decision has a record. Audits stop being archaeology exercises in email inboxes.
Fraud prevention: separation of duties ensures no single person can create and approve an expense.
Compliance: the process documents that the company follows its own internal controls — critical information for external audits, due diligences, and certifications.
How CaseFy solves this
CaseFy lets you create configurable financial approval workflows with automatic routing based on value thresholds.
In practice, you create a process template with stages corresponding to each approval level. Mandatory fields — amount, cost center, justification, vendor, invoice — are defined in the template and validated automatically.
Routing rules direct the request to the correct approver based on value. Separation of duties is enforced by configuration: the requester is automatically excluded from the list of possible approvers.
Every action is recorded in the case timeline — creation, approval, rejection, comments, value changes. The audit trail is immutable and queryable at any time.
SLAs are configured per stage, with automatic notifications as the deadline approaches and escalation when it is breached.
The result is a process that works the same way every time, with evidence of every decision and real control over the money leaving the company.