project-proposal-2025

ExpenseFlow

Abstract

Have you ever had to explain a suspiciously large ‘business lunch’, wonder where all your money went, or chase down friends for their share of last night’s dinner? With ExpenseFlow, budget leaks become a thing of the past and you’ll never have to play detective with your finances again. ExpenseFlow is a comprehensive expense management tool aimed at both individuals and businesses. It simplifies financial tracking, budgeting and reporting through an intuitive interface. With automated document scanning, customisable reports and real-time monitoring, ExpenseFlow empowers users to gain financial clarity and control. For businesses, it streamlines approval workflows, and ensures compliance for smarter financial decisions. For individuals, it offers easy budget management and spending analysis. Whether managing corporate finances or personal budgets, ExpenseFlow makes expense management effortless and transparent.

Author

Name: Lucas Hicks

Student number: 47440085

Functionality

The functionality that the full system should have is:

• Users
  • Create and manage a user account that stores all user information.
  • Access expense data across many devices using a single account.
  • MFA login for each user account with their preferred SSO providers.
• Friends/Groups
  • Search for and add friends using their username, QR codes and links.
  • Create and manage groups of people to split expenses for trips, festivals or general use.
  • Assign roles to different users (admin, member) in the group.
• Expenses
  • Add and categorise expenses (e.g., Food, Home, Health/Medical, etc.).
  • Set up recurring expenses (e.g., subscriptions) with automated reminders.
  • Split expenses with user/groups with custom amounts/percentages.
  • Add notes, tags and other attachments to each expense.
  • Utilise data extraction to autofill expense information (item costs, quantities, etc.) from provided attachments.
  • Add custom expense categories for better expense tracking.
• Budgeting
  • Set individual budgets for each category with daily, weekly and monthly limits.
  • Get notifications when users approach budget limits.
  • Create different budgets for different departments or projects (Business).
• Approvals (Business)
  • Create approval chains for various business expense.
  • View the approval status of each expense.
• Integration
  • Integrate with various banks to automate expense management.
  • Provides a robust API for other systems to integrate with the system.
• Audit Logging
  • For both personal and business use cases, each action completed within the system will be logged.

Scope

The scope for the project’s MVP will include:

• Users
  • Login/create account functionality through a SPA web application.
  • Data access expense data across many devices using a single account.
  • MFA login for each user account (done through a third-party provider).
• Friends/Groups
  • Search for and add friends using their username only.
  • Create and manage groups of people with their username.
• Expenses
  • Add and categorise expenses (e.g., Food, Home, Health/Medical, etc.).
  • Split expenses with user/groups with custom amounts/percentages.
  • Add notes, tags and other attachments to each expense.
  • Utilise data extraction to autofill expense information (item costs, quantities, etc.) from provided attachments.
• Budgeting
  • Set individual budgets for each category with daily, weekly and monthly limits. Approvals (Business)
  • Create an approval step for expenses with 1 approval step as opposed to a chain with many steps.
  • View the approval status of each expense.
• Audit Logging
  • Expense creation/modification will be logged.
  • Approvals will be logged.

Quality Attributes

Overview

The three chosen quality attributes deemed to be the most important are security, reliability and extensibility. However, it should be noted that the following attributes were also considered but were not ultimately chosen.

• Availability - users (especially business users) may need to use the system across many different times zones and devices, demanding the tool to be available with minimal downtime
• Interoperability - many companies use multiple different planning tools and therefore, for ExpenseFlow to be usable in business environments, it should be able to be easily integrated. This was not deemed to be as important as it is primarily focused on business use cases.
• Scalability - As more and more users join the platform, the system must be able to handle high amounts of load.

Security

Security in the context of quality attributes is a measure of how a software system remains protected from threats, unauthorised access and data breaches.

As ExpenseFlow handles financial data, including receipts, invoices and payments information, the system will be handling sensitive information. There are several laws in place (in Australia) to ensure privacy, security and transparency when handling user data (Privacy Act 1988, Consumer Data Right, etc.). As a result, security is one of the most important attributes of the system.

Testing and measuring of the system’s security can be done through penetration testing (e.g., using ZAP, or intruder), looking at authorisation and authentication success/fail rates and through regular code/security audits.

Reliability

Reliability is a measure of how a system consistently performs its intended function without failures or errors.

Since financial data directly impacts the decisions of both businesses and individuals, even minor data inconsistencies or failures can lead to significant issues for the systems users. Data inconsistencies and/or lost data can cause misreported financials for users.

To assess the system’s reliability, system consistency will be measured using metrics such as error rates. Additionally, the system’s ability to maintain correct functionality under various conditions will be closely monitored and evaluated.

Extensibility

Extensibility is a measure of how easy a system can be modified to add new features, functionalities and integrations without significant change.

This attribute is especially important for ExpenseFlow within a business use-case as often times different businesses have varying cost structures and procedures to manage their expenses. By developing the solution with this key attribute in mind, it can be ensured that the product can be easily extended to support businesses and other third party integrations (noted: this overlaps with interoperability).

Extensibility can be tested by evaluating how easily new features, modules, or integrations can be added without disrupting existing functionality. This can involve performing regression testing using automated test suites, and validating system behaviour with new features. Additionally, testing scenarios that simulate feature flag toggling or version upgrades can help ensure the stability and maintainability of the system.

Evaluation

Overview

For the MVP, the evaluation approach will be scaled to focus on critical aspects while balancing time and resource constraints.

Security

• Implement MFA in the system for user login
• Implement MFA in the system for expense approval steps
• Use an automated vulnerability scanning tool (e.g., Intruder) to identify security vulnerabilities in the system’s infrastructure.
• Measure success and failure rates for login attempts, multi-factor authentication (MFA) triggers, and SSO integrations.
• Conduct regular team code reviews to assess any new features added to the system

Reliability

• Develop a wide range of unit tests to test core functionality.
• Develop integration tests to simulate a user, later checking whether or not there are any data inconsistencies.
• Perform routine inspection of any unexpected errors

Extensibility

• Create tests to validate that extensions or modifications to the system do not break existing functionality.
• Create CI pipelines to ensure that the above tests are run frequently with every system change
• Track the number of dependencies between code modules to ensure that the system isn’t highly coupled
• Integrate a feature flag mechanism that toggles new modules/functionalities to ensure that the system reverts gracefully and that no unexpected side effects occur