Agentic Expense Reporting System

An AI system that photographs receipts and auto-approves reimbursements is fast — but fragile in ways that cost real money. A single unflagged hallucination by the extraction agent writes a wrong number into the spreadsheet, and it cascades silently: the computation agent trusts it, the decision agent trusts that, and the company overpays or underpays with no component knowing anything went wrong. Auto-approving everything also ignores the parts a business actually cares about: high-value sign-off, fraud risk, and — once you expand into the EU — data-privacy obligations on personal and payment data.

Redesigned the system across six product decisions so it can ship without those risks. A confidence gate blocks low-confidence extractions before they reach the spreadsheet, killing the hallucination cascade at its source. A tiered approval gate routes by stakes — auto-pay under $500, one human approver above it, and two approvers from two different departments for high-risk expenses (large amount, reporting-line conflict, or high-fraud category). EU privacy controls add encryption in transit, EU-hosted retention-limited storage, minimal-field reads, and a no-training DPA clause on the third-party LLM. A final cost analysis shows where the agents' running costs actually concentrate. Delivered as a runnable Python package with 24 tests that pass with no API key and no network — so the design is demonstrably real, not just a diagram.