We recently implemented a desktop flow automation for processing high-value purchase requisitions that require human verification before final submission. The flow handles data extraction from legacy ERP screens, but we needed a compliance checkpoint where approvers can review extracted data, make corrections if needed, and provide explicit approval before the transaction proceeds.
Our implementation uses Power Automate desktop flows for the RPA portion, with a cloud flow triggering approval actions through Teams adaptive cards. The human-in-the-loop step captures structured approval data including reviewer comments, timestamp, and any field modifications. We also configured comprehensive audit logging to track every interaction - from initial data capture through approval decision to final submission.
The solution maintains full traceability for compliance audits while keeping the process efficient. Approvers receive notifications within 2 minutes of data extraction, and the entire flow from trigger to completion averages 8-12 minutes including human review time. Our audit logs capture approval metadata in Dataverse with retention policies aligned to regulatory requirements.
This is a solid approach for combining automation with governance controls. How are you handling the scenario where an approver needs to modify extracted data? Does the desktop flow re-execute with corrected values, or do you update the target system directly from the cloud flow?
How granular is your audit logging? We’re looking at similar requirements and need to capture not just approval decisions but also which specific fields were viewed, how long the approver spent reviewing, and any attachments they referenced. Does Power Automate provide that level of detail out of the box?
What’s your approach for handling approval timeouts? In financial processes, we can’t leave transactions pending indefinitely. Do you have escalation workflows or automatic rejections after a certain period?
We implement a three-tier timeout strategy. Initial approval request has a 4-hour SLA with Teams notification. At 3 hours, an escalation reminder goes to the approver and their backup. If no response after 4 hours, the request escalates to a manager-level approver with extended 2-hour window. After total 6 hours with no action, the transaction is automatically rejected and logged as timeout with email notification to the requester. All timeout events are captured in audit logs with escalation chain details for compliance review.
Our audit logging captures approval timestamp, decision outcome, reviewer identity, and field-level changes with before/after values. For viewing duration, we calculate the time between adaptive card delivery and response submission. Attachment tracking requires custom telemetry - we log when documents are accessed through the card’s file preview feature using Application Insights integration. The standard Power Automate run history provides execution metadata, but we supplement with custom Dataverse records for detailed compliance reporting.