Xero has a bill approval workflow. It works. It is also far more limited than most businesses expect when they go looking for it, and the limitations are not obvious until you are 50 invoices deep and realise that the project manager just approved a AU$75,000 subcontractor payment with the same permissions they used for a AU$200 office supplies bill.
This article walks through exactly how to set up bill approvals in Xero, what the native workflow actually does, where it stops, and what to do when your business needs more than a single approval step with no threshold enforcement.
How Xero bill approval actually works
Xero does not have an “approval workflow” feature in the way most people imagine. There is no settings page where you configure routing rules or define approval chains. The approval mechanism is built into user permissions and bill statuses.
Here is how it works, step by step.
Step 1: Set up user roles correctly
The approval workflow starts in Settings > Users. Xero has three user role levels that matter for bill approval:
- Invoice Only (Draft): Can create bills, but every bill they enter lands in the Awaiting Approval queue. They cannot approve or pay bills. This is the role for AP officers or staff who enter invoices.
- Standard: Can create, view, and approve bills. A Standard user can move a bill from Awaiting Approval to Awaiting Payment. They cannot process payments.
- Adviser: Full access. Can create, approve, and pay bills. Can also bypass the Awaiting Approval queue entirely by creating a bill and approving it in the same action.
The critical setup decision: the person entering bills should hold the Invoice Only role. The person approving bills should hold Standard access. Payment access should sit with a third person or be restricted to Adviser-level users who are not the same people entering or approving bills.
This separation is your basic segregation of duties. If one person can enter, approve, and pay a bill, the approval step is decorative.
Step 2: Enter a bill for approval
When an Invoice Only user creates a bill in Xero under Business > Bills to pay > New Bill, they fill in the supplier, amounts, account codes, and tax treatment, then click Save. The bill goes into Awaiting Approval status automatically. There is no “submit for approval” button. The status assignment is driven by the user’s role, not by a setting they select.
Step 3: Approve the bill
The approver (Standard or Adviser user) navigates to Business > Bills to pay and filters by the Awaiting Approval tab. They open each bill, review the details, and click Approve. The bill moves to Awaiting Payment.
That is the entire workflow. There is no batch approval. Each bill is approved individually. There is no approval notification system beyond Xero’s standard activity feed. There are no approval comments, no rejection reasons logged, and no audit trail beyond “User X approved this bill on this date.”
What Xero’s native bill approval does
To be clear about what you get:
- Bills entered by Invoice Only users require approval before they can be paid
- One authorised user approves each bill individually
- Approved bills move to Awaiting Payment, where a separate user can process payment
- Xero records who approved the bill and when in the bill history
For a business with one AP officer, one approver, and 20 invoices a month from known suppliers, this is functional. The approver sees every bill. The volume is low enough to review each one carefully. The supplier list is stable.
What Xero’s native bill approval does not do
Here is where the gaps become material. Xero’s approval workflow does not:
Enforce approval thresholds. A Standard user can approve a AU$500 bill and a AU$150,000 bill with the same click. There is no way to configure rules like “invoices above AU$10,000 require the CFO” or “invoices above AU$50,000 require dual approval.” The delegation-of-authority policy exists in a document. Xero does not enforce it.
Route bills to different approvers. Every bill in the Awaiting Approval queue is visible to every user with Standard or Adviser access. There is no routing by supplier, category, cost centre, tracking category, or entity. The AP officer has to manually tell the right person to approve the right bill, or the approver has to know which bills are theirs.
Support multi-level approval chains. One person approves. That is the only option. Sequential approval (operations manager then CFO), parallel approval (two department heads), or conditional escalation do not exist in Xero’s native workflow.
Validate supplier bank details. If a supplier’s bank account number changes between invoices, Xero does not flag it. The bill is approved on the same screen as every other bill. Payment redirection fraud, which the ACCC reported cost Australian businesses AU$152.6 million in 2024, works by changing bank details on a legitimate-looking invoice. Xero’s approval step does nothing to catch it.
Detect duplicate invoices before approval. If the same invoice is entered twice, or a supplier resubmits with slight variations, Xero does not compare it against existing bills in the approval queue or in the ledger. The approver has to spot it manually.
Match invoices against purchase orders. If a PO was raised in Xero, the approver has to manually open the PO in another tab and compare it line by line against the bill. There is no automated matching, no variance flagging, and no exception routing.
Produce a controls-grade audit trail. Xero records that approval happened. It does not record what was checked, whether the amount was within the approver’s authority, whether any exceptions were noted, or what the supplier’s bank details were at the time of approval. For an ATO query or external audit, this trail answers “who clicked approve” but not “what controls were applied.”
What Xero does vs what you probably need
| Capability | Xero native | What most industrial businesses need |
|---|---|---|
| Basic approve/reject | Yes | Yes |
| Approval thresholds by dollar value | No | Yes - enforced, not advisory |
| Multi-level approval routing | No | Yes - sequential and parallel |
| Routing by supplier, category, or entity | No | Yes |
| Vendor bank detail validation | No | Yes - blocking flag before approval |
| Duplicate detection before approval | No | Yes - at intake, not at ledger |
| PO matching | No | Yes - two-way, line-level |
| Audit trail with control evidence | Partial - who approved, when | Full - what was checked, authority level, exceptions |
| Mobile approval | Via Xero app (limited) | Yes - full context on mobile |
| Batch operations | No | Yes |
If you are a sole trader or a two-person operation, the left column is enough. If you have multiple approvers, invoices that vary in value from AU$200 to AU$200,000, and suppliers who occasionally change bank details, the left column leaves you exposed.
The workarounds businesses use (and why they break)
Before investing in a dedicated tool, most businesses try to bridge the gaps manually. Common workarounds:
Email chains for routing. The AP officer emails specific invoices to specific approvers based on an internal policy. The approver reviews the email, logs into Xero, finds the bill, and approves it. This works at low volume. At 40 invoices a week, the email thread becomes the bottleneck. Approvers miss emails. Bills sit in the queue. Month-end becomes a scramble.
Spreadsheet threshold tracking. The AP officer maintains a spreadsheet that logs each bill, the amount, and which approver should sign off based on the delegation-of-authority policy. This is a manual control that works until the person maintaining the spreadsheet is on leave, or until the spreadsheet falls behind the actual bill queue by two days.
Verbal approvals. The site manager walks past the finance desk and says “yeah, approve that one.” No record. No evidence. No audit trail.
Each of these workarounds works for a while. None of them scale. And none of them produce evidence that the control was applied, which is what matters when something goes wrong or an auditor asks questions.
The ATO expects businesses to maintain records that demonstrate who authorised expenditure and at what level. A delegation-of-authority policy that exists only in a PDF and is enforced only by memory does not meet that standard once invoice volumes and approval complexity grow.
When to move beyond Xero’s native approval
The signals are consistent across businesses:
- A second approver is needed and there is no way to route bills to the right person
- Invoice volume passes 30-40 per week and manual routing becomes unreliable
- A duplicate invoice gets through and is paid before anyone notices
- A supplier changes bank details and no one flags it before payment
- An auditor asks how approval thresholds are enforced and the answer is “the AP officer knows the policy”
- The business adds a second Xero organisation and needs consistent controls across both
Any one of these is enough. Most businesses hit two or three before they act.
How Pulsify extends Xero’s bill approval workflow
Pulsify sits upstream of Xero. Invoices flow into Pulsify first, where they are captured, coded, validated, and routed through a configurable approval workflow. Only after approval does the bill sync to Xero as an authorised entry ready for payment.
Xero remains your ledger. Pulsify handles the approval process and the controls layer that Xero was not built to provide.
Specifically, Pulsify adds to the Xero bill approval workflow:
Threshold-enforced approval routing. Define dollar-value thresholds per role. A project manager can approve up to AU$10,000. A financial controller up to AU$50,000. Above that, it escalates to a director automatically. The system blocks an approval attempt that exceeds the approver’s limit. No workaround, no override.
Multi-level and conditional routing. Configure sequential chains, parallel approval, dual sign-off above a threshold, and routing by supplier, category, cost centre, or entity. The rules match your delegation-of-authority policy and the system enforces them.
Vendor bank detail validation. Every incoming invoice is checked against the supplier’s historical bank details. A changed BSB or account number generates a blocking flag before the invoice reaches the approval queue. The approver does not see the bill until the change has been investigated.
Duplicate detection at intake. Invoices are checked against existing records the moment they enter the system. Exact matches and near-matches are flagged and quarantined before they reach an approver.
Two-way PO matching. Pulsify compares invoices against open purchase orders at the line-item level. Variances are flagged as exceptions. Matched invoices flow through without manual comparison.
Bidirectional Xero sync. Pulsify pulls your chart of accounts, tracking categories, tax rates, and supplier list from Xero so coding is accurate from the start. Approved invoices publish directly as bills in Xero. No re-entry. No CSV import. The sync works both ways.
Complete audit trail. Every action is recorded: who captured the invoice, how it was coded, what validation checks ran, who approved it, when, and what their delegation limit was. The trail is immutable and exportable.
The result is that Xero does what it does well - recording, reconciliation, BAS, reporting - while Pulsify handles what happens before the bill reaches Xero. The approval workflow becomes a control system, not a queue to clear.
For a detailed comparison of how Pulsify stacks up against other approval workflow tools for Xero, see our comparison of the best invoice approval workflow software for Xero.
See how Pulsify works, review approval workflow capabilities, or start a free trial.
Sources: Xero Central - Add and approve a bill · ATO - Record-keeping requirements for business · ACCC - Targeting scams report
Further reading: Best Invoice Approval Workflow Software for Xero · Invoice Automation: Data Entry vs Controls · Invoice Approval Software: Native vs Dedicated Tools