AlfaTechLabs
Let's TalkBook a Demo
← Back to portfolio
Built for the UAE ● Live in production Enterprise · 1,400 reqs/mo SLA 24h · audit-grade

Nine steps. One engine. Every approval, on the record.

A rules-based approval-routing platform for a UAE enterprise procurement team — replacing a fragile email-and-PDF process with a configurable routing graph, parallel-and-serial reviewers, escalation timers, and a tamper-evident audit ledger.

0
requests · monthly
0%
cycle-time reduction
0%
audit coverage
0 reviewers
avg path length
The engine

Routing, escalation, sign-off — visible end-to-end.

A live view of one in-flight purchase request, the rules that routed it, the reviewers it touched, and the moment it was signed. Everything is on the record.

approvals.acmegroup.ae / request · 4892
⌘K?

Request #4892 · IT Hardware refresh · AED 280,000

Initiator · Hessa A. · IT & Operations · raised 06-May-2026 09:14
IN FLIGHT SLA · 18h remaining Capex template
REQUEST RULE ENGINE REVIEWERS · PARALLEL SIGN-OFF PR-4892 AED 280,000 capex · 32 SKUs vendor: Tier-1 ITS Threshold amount > 250K? YES → CFO + Legal 280K FA Faisal A. · Dept head approved · 09:42 ✓ 28 min RM Reem M. · CFO approved · 11:14 ✓ 1h 32m JM Jasem M. · Legal in review · 18h SLA 38% Sign-off awaiting all 3 PDF + audit hash → ERP + vendor escalates to General Counsel at +24h approved in review requested · rule applied: capex > 250K → CFO + Legal in parallel
Audit ledger · this requesttamper-evident · hash-chain · live
HA
Hessa A. raised request #4892 · AED 280,000
capex · 32 SKUs · vendor: Tier-1 ITS · justification attached
SUBMITTED 09:14
SY
System · routed via Capex template · rule: amount > 250K → CFO + Legal in parallel
policy version 3.2 · effective 01-Jan-2026 · hash 8f3a2c…
ROUTED 09:14
FA
Faisal A. · Dept head · approved with note "in line with FY26 plan"
decision time 28 min · attached: capacity-plan-fy26.pdf
APPROVED 09:42
RM
Reem M. · CFO · approved · budget line confirmed
decision time 1h 32m · budget-line: ITS-2026-Q2 · remaining AED 740K
APPROVED 11:14
JM
Jasem M. · Legal · request received · vendor T&Cs check started
SLA 24h · 18h remaining · auto-escalates to General Counsel at +24h
IN REVIEW 11:14

A representative request. Names, request numbers and figures shown are illustrative — every deployment runs on the client's own approval matrix and policy library.

Anatomy

Six capabilities. Engineered around one outcome.

An approval that lands faster, with fewer phone calls — and a record an auditor can replay clause-by-clause.

01 — Rule engine

Configure your policy in plain language. The engine does the routing.

A declarative rules language for the procurement policy itself. Thresholds, vendor categories, project codes, classification, geography — combined into routing rules that procurement officers can edit themselves.

  • Declarative policy DSL · readable by non-engineers
  • Versioned rules · diffable, reviewable, signed
  • Dry-run mode: simulate a new policy on the last 90 days
  • Hot reload · zero-downtime deploys
  • Per-business-unit policy · group-wide override
policy.capex.v3.2.dsl · last edit Reem M.
// Capex policy · v3.2 · effective 2026-01-01

when request.type == "capex" and request.amount > 250_000 then
  require [
    approver.dept_head,                  // serial
    parallel [
      approver.cfo,
      approver.legal_counsel           // runs in parallel
    ]
  ]
  sla { dept_head: 8h, cfo: 24h, legal_counsel: 24h }
  on_breach escalate_to approver.general_counsel

when request.type == "capex" and request.amount > 50_000 then
  require [ approver.dept_head ]
  sla { dept_head: 24h }

// recurring vendors with valid framework agreement skip dept-head
when vendor.tier == "recurring" and vendor.framework is active then
  skip approver.dept_head
  audit_note "framework-agreement bypass"
02 — Routing templates

Three templates cover 92% of requests. The other 8% get a human.

Out-of-the-box routing for Capex, Opex and Recurring-vendor purchases — each tunable to your organisation's structure. Edge cases route to a procurement officer who can configure or override, with the audit log making the override visible.

  • Capex template: serial dept-head → parallel CFO + Legal
  • Opex template: dept-head only (under threshold) or finance manager
  • Recurring-vendor: framework-agreement bypass with audit note
  • Custom templates: scope, geography, classification, project code
  • Override workflow with required justification & sign-off
Templates · last 30 days · live
Capex312 reqs · 22%
Capital expenditure · IT hardware, fit-out, equipment. Threshold-aware routing with parallel CFO/Legal at 250K.
Initiator Dept-head CFO ∥ Legal Sign-off
Opex762 reqs · 54%
Operating expenditure · supplies, maintenance, services. Lighter routing — dept-head only under 50K.
Initiator Dept-head Sign-off
Framework218 reqs · 16%
Recurring vendor with active framework agreement. Skips dept-head; audit-note records the bypass.
Initiator Sign-off
108 requests · 8% · routed to procurement officer for manual override → all logged, justified, signed.
03 — SLAs & escalation timers

Reviewers don't sit on requests — the engine doesn't let them.

Per-stage SLAs with escalation timers. If a reviewer is on leave or hasn't actioned the request inside their window, the engine auto-escalates to the named delegate or to a senior reviewer.

  • Per-stage SLA configurable in the policy DSL
  • Auto-escalate to named delegate when reviewer is on leave
  • Escalate to senior reviewer when SLA breached
  • WhatsApp / Teams / email reminder cadence
  • Out-of-office calendar integration · proactive routing
SLA performance · last 30 days
Median time-to-first-review4.2h
Was 38h before deployment
Median request cycle11.8h
−71% vs paper baseline
SLA breached2.1%
Auto-escalated · 38 in 30d
Auto-routed to delegate141
When reviewer was OOO
Re-routed manually28
By procurement officer · all logged
Cycle for capex > 250K22.8h
Even with parallel CFO + Legal
04 — Tamper-evident audit ledger

An auditor can replay any request. Forensically.

Every state change is appended to a hash-chained ledger. The full request — including the policy version that was active when it was raised — can be replayed years later. Auditor evidence packs export in one click.

  • Append-only ledger · hash-chain across entries
  • Policy version pinned per request · forensic replay
  • Signed PDF evidence pack · regulator-ready
  • Configurable retention · 7 years default
  • Dual-key verification on dispute · external auditor friendly
Ledger entries · request #4892
HA
Hessa A. raised request
hash 8f3a2c…b918 · prev a219cd…
v3.2 09:14:02
SY
System applied Capex template
hash c41f9a…d228 · rule: capex.threshold.parallel
RULE 09:14:03
FA
Faisal A. approved · serial step 1 of 2
hash 3e88aa…ff14 · attached: capacity-plan-fy26.pdf · sha256 verified
SIGN 09:42:11
RM
Reem M. approved · parallel step 2a of 2
hash 7c1aaf…2901 · budget line: ITS-2026-Q2
SIGN 11:14:38
SY
System chain integrity verified · 5 entries · OK
last verified 12:08:14 · scheduled re-verify in 6h
CHAIN OK 12:08
05 — Reviewer experience

Approve from your phone in two taps. With evidence.

Reviewers don't open the laptop unless they have to. Push notifications, a one-screen request summary with the relevant clauses pre-quoted, and tap-to-approve / tap-to-question. With audit hash applied automatically.

  • Mobile push notifications · iOS · Android
  • One-screen summary: amount, vendor, justification, policy clause
  • Tap to approve · tap to question · tap to delegate
  • Comments are part of the audit trail · attachable evidence
  • Out-of-office handover · with named delegate & coverage window
Reviewer · mobile · request preview
Approval needed
PR-4892 · IT Hardware refresh
SLA 18h
AmountAED 280,000
InitiatorHessa A. · IT & Ops
VendorTier-1 ITS · framework
Budget lineITS-2026-Q2
Stage2 of 3 · CFO sign
view 32 SKUs view justification view policy v3.2
Approve
Question
06 — Integrations

Plays nicely with the ERP, the e-signature, the directory you already run.

SAP, Oracle, Microsoft Dynamics, Workday — the engine reads your master data and writes back the signed PO. SSO via your existing IdP. No double entry, no parallel master data.

  • SAP, Oracle, Microsoft Dynamics, Workday · vendor & budget master
  • DocuSign · Adobe Sign · qualified e-signature on output PDFs
  • Azure AD · Okta · Active Directory for SSO and reviewer roster
  • Exchange / Google Calendar for OOO awareness
  • WhatsApp Business · Teams · Slack for in-line approvals
Connected systems · this client
SAP S/4HANA · vendor master
14,820 vendors · sync every 4h · last 11:42
live
SAP S/4HANA · budget & cost-centres
2,108 cost-centres · 38 cost-objects · sync hourly
live
Azure AD · reviewer roster
182 reviewers · OOO calendar enabled · MFA enforced
live
DocuSign · evidence pack signing
Qualified signature · UAE legal-form ready
live
Microsoft Teams · in-line approval card
Reviewer can approve in DM without leaving Teams
live
Stack

A workflow engine that fits.

Modular, container-shipped, and integration-friendly with the systems your CFO already paid for.

SAP
ERP
Oracle
ERP
MS Dynamics
ERP
Workday
HR · Cost
DocuSign
e-Sign
Adobe Sign
e-Sign
Azure AD
SSO · MFA
Okta
SSO
Teams · Slack
Approvals
WhatsApp
Approvals
Postgres
Data
REST · Webhook
Anything
In production

Three procurement teams. Same engine, configured differently.

Anonymized at the client's request. Industry, scale and outcomes are real and verifiable on request under NDA.

Conglomerate · 1,400 reqs/mo

Capex requests cleared in a day, not a week.

Diversified holding · 14 BUs · 1,400 monthly requests

The procurement team used to run a 9-step, mostly-email approval process where requests went stale waiting for a reviewer who was on leave. Now requests route around OOO automatically and the median capex cycle is under 24 hours.

"We saved 380 reviewer-hours in the first month — and zero of those reviews were skipped."

— group head of procurement

−71%
cycle time
100%
audit coverage
14 BUs
on one engine
1,400
requests/month
Government-related · capex

An audit-grade trail that satisfies the regulator the first time.

Public-sector entity · capex committee · regulator-facing

Audit prep used to be a six-week scramble — collating emails, PDFs, Excel signatures and meeting minutes. The first regulator visit after deployment was the first one to finish in a single afternoon.

"The auditors said it's the cleanest evidence pack they've seen all year. We didn't have to defend a single decision."

— compliance director

100%
audit coverage
1 day
audit prep · was 6 weeks
7 yr
tamper-evident retention
0
decisions challenged
Financial-services · vendor onboarding

Vendor onboarding turned into a self-service flow with a real reviewer at the gate.

Banking-adjacent FS · 220 active vendors

Vendor onboarding used to take 4–6 weeks of email back-and-forth between procurement, legal, risk and IT. The same flow now runs through the engine: vendor uploads docs, reviewers act on a single screen, and the vendor master in SAP gets the green flag automatically.

"Vendors comment on it. They go from 'painful old bank' to 'shockingly modern' in their first interaction with us."

— head of vendor management

−68%
vendor onboarding time
100%
KYC docs verified
220
vendors live
SAP
vendor master in sync
Implementation

Live in 10 weeks. Carefully.

Procurement is high-trust. We move slowly on policy and quickly on plumbing — because the engine is only useful if your reviewers actually open it.

Talk through your rollout
Week 1–2 · Discovery

Map your policy & your matrix

Review existing procurement policy, approval matrix, current cycle times, regulator/audit requirements. Define gold metrics and a backlog of test cases (real recent requests).

Week 3–4 · Provision

Stand up the environment

VPC or on-prem cluster. SSO with your IdP. ERP connectors. Calendar & OOO awareness. Reviewer roster imported. Audit ledger configured.

Week 5 · Codify policy

Translate the policy into the DSL

Write Capex, Opex, Recurring-vendor templates against your real policy. Dry-run them on the last 90 days of requests. Tune until expected outcomes match.

Week 6 · Internal beta

Procurement officers run shadow flows

Procurement officers raise duplicate requests in the new engine alongside the old process. Compare outcomes. Identify edge cases. Adjust rules.

Week 7–8 · Reviewer training

Train reviewers · enable mobile

One-hour session per reviewer cohort. Mobile push wired up. OOO delegate registration. The engine starts sending real requests for one BU.

Week 9–10 · BU-by-BU rollout

One BU at a time

Each BU goes live on a Monday morning, with daily check-ins for the first week and weekly for the next month. Old process retired only after the new one has handled a full month of that BU's traffic.

Compliance

Built for audited environments.

We design to the strictest framework in the room. SOC 2, ISO 27001, UAE NESA, and sector-specific frameworks on request.

SOC 2 · Type II
Security
ISO 27001
Infosec
ISO 9001
Quality
UAE NESA
Sovereign
UAE PDPL
Privacy
GDPR-equiv
Privacy
SOX-ready
Controls
PCI-DSS
Payments
AES-256
Encryption
Hash-chain
Audit
Common questions

The things every procurement and finance head asks.

If yours isn't here, ask us — we welcome the questionnaire and the audit conversation.

Send your questionnaire
Can we configure the rules ourselves?

Yes. The policy DSL is designed to be readable and writeable by procurement officers, not engineers. Rule changes are versioned, diffable, dry-runnable against the last 90 days of requests, and require sign-off before they go live. We train your team to own the rules — we're not a managed service for your policy.

How does it handle parallel reviewers and partial approvals?

Both serial and parallel reviewer chains are supported. A single rule can specify "dept-head, then [CFO and Legal in parallel], then sign-off". Partial approvals (one reviewer says yes, another flags a question) hold the request in a clear "pending question" state with the audit trail intact. Nothing advances until the question is resolved.

What happens if a reviewer is on leave?

The engine reads your Exchange / Google Calendar OOO and reroutes proactively to the named delegate before the request even lands. If a reviewer becomes unreachable mid-flight (sudden leave, illness), the SLA timer escalates to a senior reviewer or named delegate. All re-routings are logged with the reason.

Does it integrate with our ERP?

Yes — SAP, Oracle, Microsoft Dynamics and Workday are all live in production deployments. The engine reads your vendor master, budget lines and cost centres, and writes back signed POs. We use your existing master data; we don't ask you to maintain two copies.

Is the audit log tamper-evident?

Yes. Every entry is hash-chained to the previous entry. Tampering with any entry breaks the chain and is detectable instantly. Chain integrity is verified continuously. For disputes, dual-key verification is supported with an external auditor's key — they can prove independently that the ledger has not been altered.

Can reviewers approve from their phone?

Yes. iOS & Android push notifications, with a one-screen request summary and tap-to-approve. The mobile view is the audit-equivalent of the desktop — same hash, same trail. We have CFOs running their entire approval queue from the phone.

How long does it take to deploy on our process?

Standard rollout is 10 weeks for a multi-BU enterprise. The biggest variable is policy translation — codifying your existing approval matrix into the DSL. Faster is possible if your policy is already clean and documented; slower if discovery uncovers undocumented exceptions (it usually does).

What's pricing?

A platform subscription scaled by monthly request volume and number of integrated systems, plus a one-time implementation fee. Sovereign / on-prem deployments are quoted separately. We share a worked example in the discovery call — no obligation.

Want full ops visibility too? — read the Business Tracking deep-dive →
Book a workflow walkthrough

See it on your approval matrix.

45 minutes. Bring your policy and your three most painful approval flows. We'll show you how the engine would have routed them.