The Approval Click Was Your Policy

Phil Bolton · June 4, 2026 · 3 min read

A founder I work with at a $9M software company approved every vendor payment over $5,000 himself. It took ten minutes a day, and he liked the visibility. This spring he wanted to hand accounts payable to an AI agent so he could stop being the bottleneck. The vendor demo was clean. Then they asked him for his approval policy, the set of rules the agent would run inside, and he couldn't produce one. There wasn't a document. There was him, looking at each payment and deciding.

That's the whole story of finance AI in 2026, compressed.

Governed autonomy needs a rule you never wrote down

The pitch this year shifted. Last year every finance AI kept a human in the loop, pausing for approval before it did anything. Vendors now sell the opposite, what they're calling governed autonomy. You set policies once, the agent executes inside them, and a person designs the guardrails instead of clicking approve forty times a day. Auditoria pitched the framing hard at Workday's developer conference this month, and it's spreading fast across the AP tooling space.

It's a genuinely better model. The agent can't run faster than your approval rules, and rules scale where a person doesn't. But it assumes the rules exist somewhere a machine can read them. Deloitte's number tells you they usually don't: 46% of finance organizations call governance a top AI risk, and only 21% say they have a mature governance model. The gap isn't whether the agent can do the work. It's that nobody wrote down what the work is supposed to do.

You can't hand an agent a gut feeling

When you approve every payment yourself, you don't have a policy. You have a person. An agent can't inherit a person.

What the founder discovered, sitting with the implementation team, is that his approval click was carrying a dozen unwritten rules. He paid the AWS bill without thinking but held any new SaaS vendor until he'd asked what it was for. Recurring contractors went through. Round-dollar invoices from names he didn't recognize got a second look. He knew which two vendors always billed early and which one padded hours in Q4. None of that lived in a system. It lived in his head, and it fired in the half-second before he clicked.

Writing it down was the actual project. It took two afternoons, and most of that time went to edge cases he'd handled so automatically he'd forgotten they were decisions. That's the part the vendor demo skips. Configuring the agent is an hour. Extracting the policy from the person is the work.

What to write before you turn it on

Start with the thresholds you already enforce by gut. A dollar line above which something needs a second set of eyes. A list of vendors that are always fine and a definition of what makes one not fine: a new payee, a changed bank account, an amount outside the normal range. The exceptions that route to a human, and who that human is.

Then watch it for a month before you trust it. Governed autonomy only works if you can see what the agent did and why, by transaction type, not just that a payment cleared. A clean run isn't proof the rules are right. It's proof nothing unusual showed up yet.
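The rules above, written down as a policy an agent could run and that a reviewer could audit by transaction type. This is an added example, not code from the article or from any vendor. The vendor names, account numbers, the "controller" escalation role and the definition of "normal range" (within 3 standard deviations or 25% of the vendor's average) are assumptions; the $5,000 line is the founder's own threshold.

```python
from collections import Counter, namedtuple
from statistics import mean, pstdev

SECOND_REVIEW_LIMIT = 5_000   # dollar line above which a second set of eyes is needed
ALWAYS_FINE = {"AWS"}         # exempt from the dollar line only, never from the other checks
ESCALATE_TO = "controller"    # hypothetical owner of every exception
Payment = namedtuple("Payment", "vendor amount bank_account txn_type")

def evaluate(p, vendor_master):
    """Return an audit record: the decision plus every rule that fired."""
    reasons = []
    known = vendor_master.get(p.vendor)  # {"bank_account": str, "history": [amounts]}
    if known is None:
        reasons.append("new_payee")
    else:
        if p.bank_account != known["bank_account"]:
            reasons.append("bank_account_changed")  # applies to ALWAYS_FINE vendors too
        hist = known["history"]
        if len(hist) >= 3:
            mu, sigma = mean(hist), pstdev(hist)
            # Assumed "normal range": within 3 sigma or 25% of the mean, whichever is wider
            if abs(p.amount - mu) > max(3 * sigma, 0.25 * mu):
                reasons.append("amount_outside_normal_range")
    if p.amount > SECOND_REVIEW_LIMIT and p.vendor not in ALWAYS_FINE:
        reasons.append("over_dollar_line")
    return {"vendor": p.vendor, "txn_type": p.txn_type, "amount": p.amount,
            "decision": "route_to_human" if reasons else "auto_approve",
            "reasons": reasons, "owner": ESCALATE_TO if reasons else None}

def summarize(records):
    """Count (txn_type, decision, reason) so a month of runs can be reviewed by type."""
    counts = Counter()
    for r in records:
        for reason in r["reasons"] or ["none"]:
            counts[(r["txn_type"], r["decision"], reason)] += 1
    return counts

# Constructed sample data, not from the article
VENDOR_MASTER = {
    "AWS": {"bank_account": "ACCT-001", "history": [7200, 7400, 7100, 7350]},
    "Contractor A": {"bank_account": "ACCT-002", "history": [3000, 3000, 3000]},
}
SAMPLE = [
    Payment("AWS", 7300, "ACCT-001", "cloud"),              # usual bill, usual account
    Payment("AWS", 7300, "ACCT-999", "cloud"),              # trusted name, changed account
    Payment("Contractor A", 4800, "ACCT-002", "contractor"),  # under the line, out of range
    Payment("NewTool Inc", 1000, "ACCT-003", "saas"),       # new payee, small amount
]
```

Only the first sample payment clears on its own. The other three each route to a person with a named reason, including the trusted vendor whose bank account changed.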

Hand off the clicking. Just don't pretend the judgment behind it will come along for free.

Phil Bolton

Founder & Principal at Manitou Advisory
