We’re experiencing a critical issue with our approval automation where high-value transaction records (>$50K) are getting stuck in pending state. The Flow Builder validation is supposed to check sensitive fields like credit_limit__c and payment_terms__c before routing to approvers, but some records bypass this validation entirely.
The approval process automation triggers correctly, but when I check the audit logs, I’m seeing incomplete field data at submission time. This is causing our finance team major delays - about 15-20 approval requests per day are affected.
Here’s the validation logic that’s failing:
IF(ISBLANK(credit_limit__c) ||
ISBLANK(payment_terms__c),
'VALIDATION_ERROR', 'PROCEED')
The records still enter the approval queue even when these fields are null. Has anyone dealt with sensitive field validation issues in Flow Builder approval processes? Need to ensure audit log monitoring captures these validation failures properly.
The ISBLANK formula you’re using won’t catch all scenarios. What if the fields contain whitespace or default values that appear populated but are functionally empty? I’d suggest using a more robust validation pattern with LEN() function to verify actual data content. Also check your field-level security settings - if the running user doesn’t have read access to those sensitive fields, the validation will always pass because it can’t evaluate the actual values. This could explain why audit logs show incomplete data.
I’m going to provide a comprehensive solution that addresses all three focus areas: sensitive field validation, approval process automation, and audit log monitoring.
Root Cause Analysis:
Your validation is failing because Flow Builder’s decision logic executes in the same transaction as record DML, but approval submission happens asynchronously. This creates a race condition where fields can be null during validation but appear populated when the approval record is created.
Solution Architecture:
- Enhanced Sensitive Field Validation in Flow:
Create a record-triggered Flow (After Save) with proper validation sequencing:
// Decision Element: Validate_Sensitive_Fields
AND(
NOT(ISBLANK(credit_limit__c)),
NOT(ISBLANK(payment_terms__c)),
LEN(TRIM(payment_terms__c)) > 0,
credit_limit__c > 0
)
- Approval Process Automation with Gating:
- Add a custom field:
Validation_Status__c (picklist: Pending, Validated, Failed)
- Flow sets this field based on validation results
- Approval process entry criteria: `Validation_Status__c = ‘Validated’
- Add a fault path in Flow that sends email alerts when validation fails
- Comprehensive Audit Log Monitoring:
- Enable Field History Tracking on all sensitive fields (credit_limit__c, payment_terms__c, Validation_Status__c)
- Create a Platform Event
Approval_Validation_Event__e that publishes validation attempts
- Build a custom audit object
Approval_Audit__c with fields:
- Flow_Interview_GUID__c
- Validation_Timestamp__c
- Field_Values_JSON__c (captures all sensitive field values)
- Validation_Result__c
- Submitted_By__c
- Flow Implementation Pattern:
// Pseudocode - Validation and Audit Flow:
1. Get Records: Fetch current record with all sensitive fields
2. Decision: Validate all required fields (formula above)
3. If VALID:
a. Create Approval_Audit__c record with field snapshot
b. Update Validation_Status__c = 'Validated'
c. Publish Approval_Validation_Event__e
d. Submit for Approval action
4. If INVALID:
a. Create Approval_Audit__c with failure details
b. Update Validation_Status__c = 'Failed'
c. Send email to record owner with missing fields
d. STOP (do not submit for approval)
Testing Protocol:
- Test with null fields, whitespace-only fields, and zero values
- Verify audit records are created before approval submission
- Confirm Field History captures all state changes
- Check that failed validations never reach approval queue
Monitoring Setup:
Create a report on Approval_Audit__c filtered by Validation_Result__c = ‘Failed’ to track validation failures. Set up a scheduled Flow that runs daily to identify records stuck in ‘Pending’ validation status for >24 hours.
This approach ensures that sensitive field validation happens before approval process automation begins, and comprehensive audit log monitoring captures every validation attempt with full context. The key is separating validation from submission and creating explicit audit trails at each step.
Additional Recommendation:
Implement a validation rule as a safety net:
AND(
ISPICKVAL(Validation_Status__c, 'Validated'),
OR(ISBLANK(credit_limit__c), ISBLANK(payment_terms__c))
)
This prevents manual approval submissions that bypass Flow validation.
Deploy these changes to sandbox first and run a full regression test with your finance team before production deployment. The audit trail will give you complete visibility into why approvals were delayed historically.
From an audit perspective, you need to implement comprehensive logging before the approval action executes. Create a custom audit object that captures the state of all sensitive fields at validation time, along with the Flow interview GUID and timestamp. This gives you a complete audit trail independent of the standard approval history. I’ve seen cases where the approval process automation starts but the validation context is lost due to transaction boundaries. Having your own audit records ensures compliance even when system logs are incomplete.