Audit and isolation
Finance data is protected by two guarantees that work quietly in the background: an append-only audit trail and strict organisation isolation.
Append-only audit trail
Section titled “Append-only audit trail”Every money entry is recorded immutably, so the financial trail can never be tampered with.
- Creating or posting any money entry, invoice registration, payment, allocation, credit or debit note, advance or adjustment, writes an audit row capturing the user, action, entity and timestamp.
- A reversing or adjusting entry is itself audited and references the original entry it corrects.
- There is no way to edit or delete an audit row through the application.
- Audit rows belong to your organisation only and are never visible to another organisation.
This is why corrections are always made as reversing entries: the original entry stays on record, and the correction is fully traceable.
Organisation isolation
Section titled “Organisation isolation”Your financial records are strictly isolated. No other organisation can ever read or write your invoices, payments, balances or statements.
- A user in your organisation only ever lists, reads or totals your own invoices, payments and credit notes.
- Trying to open another organisation’s financial record by its link or id returns a “not found” result, never the record.
- Payments, allocations, credit notes and statement emails can only target your own organisation’s records.
- Exports and statements include only your organisation’s data.