What is an invoice approval workflow in accounts payable?

A controlled flow runs: invoice received and captured -> data extracted -> GL coding applied -> matched against PO/receipt where applicable -> routed to the approver(s) the rules select -> approver reviews the invoice, its coding, and supporting documents -> approves, rejects, or questions it -> once fully approved, AP performs a final authorization check -> the invoice posts to the ERP and becomes eligible for payment. Every transition should be timestamped and attributable to a named user.

An "ok to pay" email is weak evidence: it is separable from the invoice, doesn't prove what version the approver saw, can be forwarded or altered, and forces reconstruction at audit time. Strong evidence is a system-recorded approval tied to the specific invoice record, showing the approver's identity, timestamp, the amount and coding at the moment of approval, and any comments. A Slack message has the same weaknesses as email - acceptable as a stopgap only if it's permanently attached to the invoice record.

Coding assigns the accounting treatment (GL account, dimensions, entity); approval is the business authorization that the spend is legitimate and correct; posting records the validated liability in the ERP. They are separate control points and should be performed - or at least reviewable - by different people.

Largely yes, with different scopes: a delegation of authority (DOA) is the board-anchored policy granting spending authority by role and amount; an approval or authorization matrix is its tabular expression; the workflow is the system enforcement of both.

The right approver is whoever can verify the spend is legitimate and correct - usually the budget owner or the person who received the goods or services. Title matters less than knowledge plus formal authority; the DOA defines the dollar level at which more senior sign-off is added.

Invoice approval says "this liability is valid and correctly recorded." Payment approval says "release these funds, from this account, by this method, now." Well-controlled processes keep them as two separate gates with different (or at least separable) approvers.

An approval carries authority and accountability; a review is advisory verification (a coder check, a quality look). Reviews that influence the decision should still be captured in the audit trail - auditors increasingly ask who saw the invoice, not just who signed it.

Not necessarily. If the PO was approved under the DOA and the invoice matches it within tolerance (quantity, price, and receipt where required), the match can serve as the approval - that's the control logic behind skip-approval designs. Exceptions and over-tolerance variances must still route to a human.

One intake point, coding before routing, rules-based routing aligned to a current DOA, authority limits enforced in-system, exception paths (reject, question, reassign) that stay inside the system, segregation between entry, approval, and payment, and a complete audit trail nobody can edit.

In Stampli, the invoice is the workspace - the approval decision lives with the invoice image, coding, PO context, questions, and comments rather than in a detached queue or inbox. Configurable, ERP-aligned rules route each invoice at dispatch; approvers act from desktop or mobile; and every dispatch, approval, rejection, question, and reassignment is captured in an immutable activity record, so the decision is provable without reconstruction.