MYOB does not enforce a delegation of authority structure for invoice approvals natively. Bills can be entered, coded, and approved by any user with the appropriate MYOB access level - there is no routing step that prevents a bookkeeper from approving a AU$60,000 subcontractor payment even when the documented policy requires director sign-off above AU$20,000. Building an audit-ready authority structure means designing the delegation policy first and then configuring MYOB and, where needed, an AP automation layer to enforce it.
The Newcastle manufacturing incident
A bookkeeper managing AP for a manufacturing business in Newcastle received a AU$38,000 subcontractor invoice for approval. Her MYOB access allowed her to approve bills at any amount. The delegation policy said invoices above AU$20,000 required CFO sign-off. Because MYOB didn’t enforce the threshold, the policy was only as reliable as her memory of it.
When a fraudulent invoice for AU$34,000 arrived - constructed to resemble a known subcontractor - it was approved and paid before the anomaly was noticed. The amount had been chosen precisely because it sat below the level that might trigger unusual scrutiny. The gap was not a lapse in judgement. It was a gap in the system: a documented threshold policy with no enforcement mechanism.
Design the matrix before opening MYOB
The most common mistake in building a delegation of authority structure is configuring the software before defining the policy. The guide to delegation of authority for Australian SMBs covers how to design the policy framework before touching any software configuration. What gets configured is then whatever MYOB’s defaults suggest rather than what the business actually needs.
The right order is: document who holds financial authority at each level, what amounts each role can approve independently, whether categories like capital expenditure or new suppliers require different routing, and who holds delegated authority when a primary approver is unavailable. That document is the delegation matrix. The MYOB configuration should reflect it - not create it.
Roles, not names, should anchor the matrix. A matrix that lists individuals needs to be updated whenever someone leaves or changes position. An approval matrix built around roles - Financial Controller, Operations Manager, CFO, Director - survives personnel changes without requiring a configuration rebuild. A typical structure for an Australian construction or wholesale SMB: AP officer for routine invoices up to AU$2,000 from approved suppliers; Operations Manager up to AU$10,000; Financial Controller up to AU$25,000; Director above that; Board resolution for capital expenditure above the threshold or amounts requiring separate approval. Map current team members to these roles in a separate document. The matrix should survive a staffing change without requiring a rebuild.
What can MYOB enforce and what can it not?
MYOB’s user role system provides the structural foundation for segregation of duties: a user can be restricted to entering bills without the ability to approve or pay, and the approver role can be separated from the payment role. A user who processes, approves, and pays invoices operates without any independent check - the condition that enables both internal fraud and error to go undetected.
What MYOB cannot enforce is the dollar-value threshold. A user with approval access can approve a AU$500 stationery invoice and a AU$120,000 capital purchase with identical permissions. The threshold policy exists in a document. The system records whatever approval occurs, at whatever amount.
For businesses where the threshold matters - most businesses above single-approver, low-volume operations - enforcing it requires either a structured manual review process (documented and regularly audited for compliance) or an AP automation layer that routes by value before bills reach MYOB. The manual approach is workable at low volumes. At 40 or more invoices per week, it relies on consistent staff vigilance in a way that creates predictable gaps under pressure.
Segregation at the payment step
The most consequential segregation of duties control is the separation between the person who approves a bill and the person who initiates payment. In MYOB, this means restricting Pay Bills access to a small named group who do not also hold invoice approval authority. If the person who approves a fraudulent or erroneous invoice can also process the payment without a second checkpoint, the approval step provides no protection - it merely records a name against a payment that is going through regardless.
Where businesses use bank feed connections for payment processing, the banking credentials should sit with a separate named individual from the bill approver. A single person with both Adviser-level access and banking credentials can approve and pay without any independent review.
What delegation gap do auditors find?
The finding that appears most frequently in Australian SMB AP audits is not that approvals didn’t happen - it’s that the approvals that happened can’t be linked to a documented authority structure. A complete audit trail must connect each approval to the delegated authority that authorised it. The auditor asks: was the AU$45,000 invoice on 14 March approved by someone who had delegated authority for that amount? The answer depends on whether a formal matrix exists, whether the system was configured to enforce it, and whether those two things match.
A delegation matrix document and a MYOB configuration that don’t match each other are both unreliable. The auditor compares them. If the policy says amounts above AU$20,000 require CFO sign-off and the MYOB access log shows a bookkeeper approving AU$38,000 bills, the finding is the same regardless of whether those payments were legitimate. Review the matrix and the system configuration together at least annually, and whenever a key approver joins or leaves.
Sources: ATO - Record-keeping requirements for business · ASBFEO - Small business resources
Further reading: Best Invoice Approval Workflow Software Australia 2026 · Invoice Workflow Software: What It Actually Needs to Do · Invoice Approval Workflow Software: What Australian Businesses Need