It’s 6:15 PM on a Friday. A VP of Finance submits a $2.1M vendor payment for final approval. The CFO is on a plane. The finance director who’s the designated backup approver is showing as unavailable in the system, not because she’s unavailable, but because the backup-approver logic in your payment automation was hardcoded nine months ago against a roster that nobody updated when the org chart changed. The payment misses its cut-off. Your treasury team spends two days unwinding the downstream effects. A customer delivery slips.
The failure had nothing to do with whether anyone approved or denied the payment. The approval logic worked fine on paper. The integration layer underneath it didn’t — the same layer the guide to integrating legacy systems with modern platforms argues is where these projects actually succeed or fail.
The approval UI is not the problem
The market for approval workflow tooling is thick. Finance platforms, AP automation vendors, BPA tools, most of them are genuinely good at the visible surface of the problem: the form, the routing rule, the email notification, the audit trail PDF. They have solved “who needs to click approve and in what order.”
What they haven’t solved, and mostly don’t talk about, is what happens when those approval events need to cross system boundaries reliably. When “approved” in your finance platform needs to trigger a payment instruction in your banking connector, which needs to write a record to your ERP, which needs to notify a vendor portal that has its own API quirks, which needs to tag the event in your audit ledger before the approval expires.
That sequence is an orchestrated pipeline with multiple failure modes. The gap between “the button lit up green” and “the money moved correctly and the ledger matches” is exactly the gap that integration infrastructure either closes or leaves open.
Most multi-approval failures aren’t approval failures. They’re integration failures wearing approval clothing.
You’re the ones who get paged when the finance workflow halts mid-chain. You didn’t build the approval UI. But you own the pipes underneath it. And the pipes are the part nobody drew on the architecture diagram.
Why payment workflows break differently than other automations

A purchase order approval or an expense report routing is largely self-contained. The approval decision happens, a record updates, an email fires. If something fails, a human notices within hours and resubmits.
Payment approval chains have different physics. They’re time-sensitive in ways other approvals aren’t: banking cut-off windows, settlement cycles, payment rail SLAs. The same vendor invoice might route through two approvers at $50K and four approvers at $500K, with a parallel compliance check above $100K. They involve external systems, bank APIs, payment processors, ledger systems, that don’t retry cleanly and that have their own notion of idempotency. And they carry audit obligations where every state transition needs a timestamped record, not just the final outcome.
The failure modes are predictable:
- A step times out because a downstream banking API is slow, and the workflow doesn’t retry. It just stops.
- The approval routing is hardcoded against a user list, so when someone goes on leave, the queue backs up silently until someone investigates.
- An approval fires the downstream step twice because the integration doesn’t handle delivery guarantees. The duplicate gets caught by the bank, but not before a reconciliation nightmare.
- The audit team asks “what happened with the October 15th payment” and the answer involves someone with access to four different system logs, none of which talk to each other.
None of these are exotic. They’re the standard production experience of a payment approval chain built on integration infrastructure that wasn’t designed for it.
The approval logic is usually right. The orchestration that executes it in production is what fails.
What the integration layer actually needs

The approval routing itself is about 20% of the engineering problem when you’re automating multi-approval workflows for payments. The rest is the integration infrastructure that carries approval state across systems without losing anything.
Four things the infrastructure has to handle in production:
Durable event delivery. When an approval event triggers a downstream call to a payment API, an ERP write, a banking webhook, that call will eventually fail. The network will misbehave. The target system will be briefly unavailable. The integration layer needs to capture that failure with full payload context and make it replayable, not silently swallow it and leave the workflow in an ambiguous state. Dead-letter handling isn’t optional for payment workflows. It’s the mechanism that keeps a failed API call from becoming a failed payment you only discover at month-end reconciliation.
Data-driven routing. The approval hierarchy for a $2.1M payment is not the same as for a $50K payment, and it may not be the same next quarter as it is today. Hardcoding routing logic into workflow definitions means every org chart change or threshold update is an engineering ticket. Decision Tables, condition rows that workflows invoke at runtime, let compliance and finance own the rules directly without touching workflow code. The table changes; the workflow doesn’t. In regulated environments, audit trails need to show who changed a rule and when. That’s only possible when the rule isn’t baked into the workflow definition.
Queryable traces, not just an audit log. There’s a real difference between “the vendor’s interface recorded that an approval occurred” and “I can query the distributed trace for this specific $2.1M payment and see exactly what happened at each step, how long it took, and where it slowed down.” The first is how you answer a compliance question after the fact. The second is how you debug production. Payment workflows need both, but the integration infrastructure needs to emit structured, queryable telemetry into your existing observability stack, not trap it inside the finance platform’s UI.
Predictable cost at volume. Payment approval automation often gets built on usage-metered platforms because they’re cheap to start. The problem arrives when the workflow is handling real volume: month-end payment batches, quarterly close, peak trading days. On platforms that bill per execution, retries count, loop iterations count, and the runs that failed partway through often count too. The integration layer under a payment workflow needs a pricing model that doesn’t penalize you for running it reliably.
The right architecture question isn’t “which approval tool should we use.” It’s “what integration infrastructure can carry approval state across systems without dropping it.”
What this looks like in a real workflow
An invoice arrives from a vendor, via email, API, or EDI depending on the vendor’s capabilities. It lands in the finance system, triggers an OCR or structured parsing step to extract line items, and routes to an initial AP review. If it passes that, the amount and vendor category determine the approval hierarchy: two approvals in parallel, then a sequential compliance check, then a final CFO sign-off above a certain threshold.
Each of those transitions is an event. Each event needs to reach the next system in the chain, the ERP, the payment rail, the audit ledger, with delivery guarantees, idempotency controls to prevent duplicates, and enough telemetry that you can answer “what happened to invoice #4821” without opening five different dashboards.
The integration patterns for this aren’t exotic: Saga for multi-step state management across systems, Idempotent Receiver to handle duplicate delivery from banking webhooks, dead-letter handoff for the failures that need human review rather than silent discard, and the Circuit Breaker for external payment APIs that occasionally go slow and shouldn’t drag the entire pipeline into a timeout cascade.
These are standard enterprise integration patterns. The question is whether the platform you’re using actually implements them, or whether you’re hand-rolling them in Lambda functions that no one documents.
The observability question nobody asks until it’s late
The operational capability that consistently gets undersold in payment workflow automation: the ability to answer “why did this specific approval chain take four days” or “show me every payment above $500K that touched the compliance step in Q4.”
Those aren’t edge case questions. They come up in audits, in renewal negotiations with finance platforms, in post-mortems when a quarterly close is late. Answering them requires the integration layer to emit structured telemetry against every step of every run, not aggregated summaries, not the UI’s built-in analytics, but real distributed traces your team can query in the same tools they use for everything else.
OpenTelemetry is the standard. Workflows that emit OTel-format traces can be queried in Datadog, Grafana, Honeycomb, or whatever your team already runs. The integration becomes a first-class citizen of your observable surface instead of a black box you have to log into separately to investigate.
If your current integration layer doesn’t export OTel traces, or gates trace access behind a higher-tier plan, that gap shows up in the first serious production incident. Not as a nice-to-have. As the reason the post-mortem takes three hours instead of thirty minutes.
Koodisi ships OpenTelemetry from the Community tier, so a payment workflow is observable from the first day of a trial. The $399/mo Professional tier removes execution caps entirely, no per-execution billing, no overage invoices, which matters specifically for month-end and quarter-end payment batches where volume spikes are predictable and shouldn’t carry a surprise line item. If you want the longer argument for treating integrations as owned software rather than rented recipes, it’s in why unobservable integration stacks are the real hidden bill.
The approval logic is probably not what breaks your payment workflow in production. Check the pipes.