Reference Implementation

AP Resolve: Invoice Exception Agent

A reference implementation that shows how agentic workflows complete work safely using evidence, controls, and an audit trail.

Turn an "invoice exception" into a completed resolution workflow
Evidence-first outputs with citations back to system-of-record data
Safe autonomy with approvals, escalation, and logs

Open Demo View Architecture

What Makes It "Agentic"?

"Agentic" means it can take a real action in a business process, not just generate text. The agent retrieves evidence from systems of record, validates against policies, proposes specific bounded actions, and upon approval, executes those actions with full traceability.

This demo uses bounded autonomy: the agent proposes actions based on evidence and rules, then executes only after human approval. The unit of value is workflow completion (case resolved), not chat responses.

Key Principles Demonstrated

The foundational patterns that make this agent safe and effective

Unit of Value = Workflow Completion

Success is measured by cases resolved, not chat responses. The agent completes real work.

Least Privilege + Approval Gates

Agent proposes, human decides. No unilateral action on sensitive operations.

Evidence-First

All claims cite sources. Every finding links back to POs, contracts, or policies.

Observability

Structured audit log with hash chain captures every action, decision, and state change.

Escalation Path + Kill Switch

Clear escalation for edge cases. Emergency stop mechanism for immediate halt.

Decision Rules

The explicit logic that governs agent behavior - no black boxes

Escalation Triggers (Hard Blocks)

These conditions always escalate to human review - no approval option

Sanctions Violation Vendor on sanctions list → Immediate escalation, compliance review required
Vendor Mismatch Invoice vendor ≠ PO vendor → Potential fraud indicator
Low Confidence Confidence score < 60% → Insufficient evidence for automated decision
High Risk Level Risk = HIGH → Requires senior review regardless of other factors

Confidence Scoring

Agent confidence starts at 90% and adjusts based on evidence

No PO Found −40% confidence
No Contract Found −20% confidence
Receiving Not Confirmed −20% confidence
Sanctions Violation Drops to 20% immediately

Risk Level Assignment

Risk level determines review requirements and escalation paths

LOW
Default All checks pass, standard approval workflow
MEDIUM
Amount Exceeds PO Invoice total > PO approved amount
MEDIUM
Currency Mismatch Invoice currency ≠ PO currency
HIGH
Vendor Mismatch / Sanctions Triggers mandatory escalation

7 Validation Checks

Every invoice runs through these checks with evidence citations

1 PO exists in system?
2 Contract exists for vendor?
3 Amount ≤ PO approved amount?
4 Goods/services receipt confirmed?
5 Invoice vendor matches PO vendor?
6 Currency matches PO currency?
7 Vendor not on sanctions list?

Controls You Can Point To in the Demo

A checklist students can map to what they see

Least Privilege Permissions

Agent can only execute pre-defined bounded actions, never arbitrary operations
Approval Gates

Human approval required before any write operation executes
Logging and Audit Trail

SHA256 hash-chained event log captures every action with who, what, when, why
Escalation Path and Rollback

Automatic escalation for sanctions, vendor mismatch, low confidence; kill switch for emergencies

What to Watch for During the Walkthrough

Where evidence is pulled from
POs, contracts, and policies retrieved with citations
Where the agent refuses or escalates
Sanctions violations, vendor mismatches, low confidence triggers
What gets logged
Every state change, retrieval, decision with hash chain verification
What the "done state" looks like
Case resolved, ERP updated, evidence logged, audit complete