An AI accountant is not an accountant. Machine learning tools in accounts payable can extract invoice data, suggest account codes, flag anomalies, and surface exceptions for review. What they cannot do is sign a payment, take legal responsibility for an approval decision, or absorb the consequences when something goes wrong. Most content on this topic stops at the first list. The governance question nobody addresses clearly is the second: who is legally accountable when an AI-assisted payment turns out to be fraudulent, incorrect, or unauthorised? The answer, under every current legal framework in Australia, is a human being.
That distinction matters because the gap between what AI does well and what humans must retain is exactly where Australian finance teams are making decisions right now, often without a clear framework for where the line sits.
What does machine learning do in AP automation?
AI in accounts payable is most valuable where the task is repeatable, pattern-based, and high-volume. Three functions stand out.
Data extraction and structuring. PDF invoices arrive in dozens of formats. Machine learning models, trained on large volumes of documents, use OCR for invoice processing to identify line items, amounts, supplier details, GST treatment, and payment terms without manual re-keying. This is where the technology is most mature and most reliable. The error rates for structured extraction from standard invoice formats are low, and the productivity gains are real.
Coding suggestions. Once an invoice is extracted, the system needs to decide how to code each line item. AI approaches this by learning from coding history: if a particular supplier’s labour line has been coded to a specific account 47 times, the model will suggest that code again on the 48th invoice. This is not intelligent reasoning. It is pattern matching. It works well for stable, recurring suppliers and breaks down when a new supplier appears, when a line item is ambiguous, or when the historical coding was itself inconsistent.
Anomaly flagging. When supplier details change, when an invoice amount sits outside historical norms, or when a potential duplicate arrives, machine learning can surface those signals before the invoice reaches the approval queue. This is arguably where AI adds the most protective value in AP, because these are exactly the moments when payment redirection fraud and business email compromise succeed. The model is not making a judgement call. It is identifying a statistical deviation and routing it for human review.
All three of these functions support human decision-making. None of them replace it.
What is the governance question no one is answering?
Here is the tension that sits underneath almost every “AI accountant” conversation: the marketing language has outpaced the legal and governance reality.
Software vendors regularly describe their tools as AI-powered, autonomous, and capable of processing invoices end-to-end. What they rarely explain is what happens when that processing produces an incorrect payment. Who carries the liability?
Under Australian law, the answer is unambiguous. AI systems have no legal personhood. They cannot be held responsible for decisions. The Department of Industry Science and Resources’ legal landscape guidance on AI in Australia confirms there is no legislative framework that transfers liability from the organisation deploying an AI system to the system itself. Courts consistently assign liability to the organisations and professionals deploying AI, not to the technology.
In practical terms, this means a finance team that allows an AI tool to approve and route a payment without human sign-off has not removed accountability from the process. They have just made it harder to explain where the control was.
Where Human Approval Authority Is Non-Negotiable
The legal position translates into three specific areas where human approval authority must remain intact, regardless of how capable the AI layer is.
Payment authorisation. No AI system should have the authority to initiate or approve a payment without a human reviewing and signing off on the instruction. This is not a technology limitation that will eventually be overcome. It is a governance requirement. Payment redirection scams cost Australian businesses AU$152.6 million in 2024, a 66% increase from the prior year, according to the ACCC’s National Anti-Scam Centre. Many of those losses occurred in businesses that had automation in place but lacked the human checkpoint at the point of payment.
Bank detail change approvals. When a supplier’s bank account details change, no automated system should process that change as routine. This is the single most exploited vector in business email compromise. The AI model sees a supplier name it recognises and processes the invoice. But the bank details on that invoice are different from every previous payment. A Victorian construction company lost AU$900,000 in 2024 when attackers compromised a supplier’s email and substituted their own bank details on an otherwise legitimate invoice. The email came from the supplier’s genuine address. A system designed to flag that deviation and halt it for human review would have caught it.
Threshold-based approval limits. Delegation of authority frameworks exist for a reason. Different roles within a business have different authorisation limits. An AI system that routes invoices based on amount must be paired with enforced approval workflows that match those limits in real time. Segregation of duties requires that the person processing an invoice is not also the person approving payment. If an automated workflow removes the friction but also removes the control, it has not solved the problem.
The Scenario Where This Goes Wrong
A financial controller at a Brisbane wholesale distributor adopted an AP automation platform that used AI to process and code invoices, routing them to Xero once matched. The platform flagged exceptions for review, but the exception threshold was set at 15% variance from historical amounts. A supplier invoice arrived with standard amounts but with changed bank details. The AI matched it on amount and coding history. No exception was triggered because the financial control was configured around price variance, not supplier detail changes. The invoice was published to Xero and paid before anyone reviewed the bank detail change. The AU$47,000 payment could not be recovered.
The failure was not the AI. The failure was the configuration of what the AI was asked to check. And behind that configuration decision sat a human being who was accountable for it.
AP automation that does not include vendor validation as a core control function is not safer automation. It is faster exposure.
What AI Does Well: The Legitimate Value in AP
Reducing manual re-keying errors. According to global benchmarks from DocuClipper, 39% of invoices processed manually contain errors. Machine learning extraction concentrates errors in the genuinely ambiguous cases rather than distributing them across all invoices.
Consistent line-item coding. Before AI-assisted coding, a bookkeeper managing accounts for multiple clients might code the same supplier’s freight line to three different accounts across three clients, because there is no enforced rule and the decision is made fresh each time. After AI-assisted coding, the suggestion is drawn from supplier history, and the coding is consistent unless there is a specific reason to override it.
Exception surfacing before the ledger. The most productive use of AI in AP is to separate the invoices that need attention from those that do not. A finance team that reviews every invoice is spending most of its time reviewing invoices that are routine and correct. AI can handle the routine cases and concentrate human attention on the exceptions: the duplicate, the price mismatch, the changed bank detail, the new supplier without a verified ABN. The 15 minutes of human review that remains is not optional. It is the control.
Duplicate detection before publication. AI can compare incoming invoices against invoice history and flag potential duplicates before they reach the ledger. Paying a supplier twice is a recoverable error. Paying a fraudulent duplicate is sometimes not.
The 50% Problem: AI-Generated Fraud
Around 50% of business email compromise emails are now AI-generated, according to security industry research. This creates an uncomfortable symmetry: the same technology being adopted to speed up AP processing is also being used to make fraudulent invoices more convincing.
An AI-generated fraudulent invoice is formatted correctly, addresses the right contact, references the right project or supplier relationship, and is grammatically indistinguishable from a legitimate document. A finance team relying on visual inspection to catch fraud is working against increasingly sophisticated tools.
Without a structured validation layer that checks supplier details against historical behaviour before an invoice is approved and published to the accounting system, a faster AP process is also a faster fraud pathway.
What “AI Accountant” Tools Actually Cannot Do
- Take legal responsibility for a payment. No AI system can be sued, prosecuted, or held professionally liable under Australian law. The person or organisation that deployed the tool retains all accountability.
- Exercise judgment on genuinely novel situations. AI coding suggestions work on historical patterns. A new supplier, an unusual invoice structure, or a transaction that sits outside the historical range requires a human decision.
- Verify the real-world legitimacy of a supplier. AI can check whether an ABN is correctly formatted. It cannot verify whether the business associated with that ABN is legitimate, or whether a contract was entered into in good faith.
- Approve exceptions. Exception handling exists precisely for situations where the automated logic cannot produce a confident answer. Routing those exceptions back through AI rather than to a qualified human defeats the purpose of the exception system.
- Sign a bank transfer. No AI tool should have authority to initiate a payment without a human authoriser completing the approval step.
Configuring AI Controls Correctly
The difference between AI that reduces risk and AI that compounds it often comes down to configuration decisions made at setup.
Exception thresholds must cover supplier detail changes, not just amount variances. A threshold set at 15% variance on invoice amount will not catch a payment redirection fraud where the amount is correct. The validation layer needs to check bank account details, supplier name formats, ABN, and GST registration status.
Approval workflows must reflect your actual delegation of authority. If your business requires two approvers for invoices above AU$10,000, the automated routing must enforce that in the workflow, not just document it in a policy. Approval workflows that are configurable but not enforced are not controls. They are suggestions.
Audit trail must be complete. For every invoice processed, the system should record what the AI recommended, what a human reviewed, and who authorised the payment. An audit trail that only records the final approval does not satisfy the segregation of duties requirement.
Human review of exceptions must be prompt. An exception queue that sits unreviewed for three days defeats the purpose of real-time flagging. The control is not just the flag. It is the review that follows it.
Practical Implications for Australian Finance Teams
- Map your current approval workflows and identify every point where a human is currently in the loop. Automation should maintain those control points, not remove them.
- Review what your exception thresholds are configured to catch. If they only flag amount variances, add supplier detail change detection.
- Confirm your audit trail records AI recommendations separately from human approvals. You need to be able to reconstruct what happened at each step.
- Check whether your delegation of authority policy is enforced in your workflow software or just documented. A policy in a PDF is not a control.
- Train anyone processing invoices on what AI-generated fraud looks like. Faster processing is safer only when the human review that remains is a genuine checkpoint, not a rubber stamp.
Sources: ACCC - Targeting Scams Report 2024 · Karbon - State of AI in Accounting 2025 · ATO - Record-keeping requirements for business
Further reading: Best AP Automation Software Australia 2026 · What a Modern AP System Needs to Do · The Real Cost of Manual AP