Internal controls

Invoice approvals and IBAN changes

IBAN changes and invoices above a threshold are exactly the actions where the system should require a second pair of eyes.

Published: 2026-05-11Updated: 2026-05-115 min read

Operational accountability in a small company does not start with a large ERP. It starts by preventing sensitive actions without approval.

Which actions to approve

Typical rules include invoice above an internal threshold, IBAN change, user role change, sending a sensitive document, or unlocking a locked period.

Rules should be simple, readable, and tied to a concrete role such as OWNER, ADMIN, or ACCOUNTANT.

Audit and comment

Approval without a comment is often not enough. A sensitive change should keep reason, time, person, and both previous and new state.

This record helps with monthly control and later reconstruction of an error.

FAQ

Is invoice approvals and iban changes legal or accounting advice?

No. OnlineOffice provides working tools and materials. Important outputs should be reviewed against the specific situation.

Related links

Control CenterEnterprise FAQDemo centerInternal controls

Related articles

4-eyes principle in small companiesA second pair of eyes helps with invoices, bank accounts, payouts, and documents.What is an audit trailAudit trail helps explain changes and prepare evidence for internal control.Internal controls for an accounting firmAn accounting firm needs to know what is done, pending, and changed.
Back to blog