I kind of like this new system … since @alberto has already implemented it via a "Payment Queue" section in Dynalist, we have to update the "Submitting a Payment Request" documentation very soon to avoid confusing people about which process to follow.
However, let's first try this proposed process (I just did) and discuss necessary improvements:
As somebody who invoices Edgeryders, I want to be able to submit that damn invoice somehow and be done. I do not want to have to talk to the Project Manager to get her approval for the invoice, and her explicit authorization that I may create a payment queue task for it, because that means waiting for some hours or days for an answer before I'm done with submitting the invoice.
From that perspective, the option in your process of just sending the invoice to the Project Manager (who will then approve it, upload it and create a payment queue task) seems better. But it puts all the load on the project manager – exactly what we wanted to avoid with giving everyone access to FreeAgent.
What alternatives do we have? Here's my idea:
People upload their invoices to FreeAgent by themselves, and that is all they have to do to submit their invoice.
All project managers log in to FreeAgent once per week until Sunday evening and authorize invoices they find there related to their projects. This is done by adding "authorized by " to the description, so that the bills overview list already shows which bills are authorized and which are not. Dynalist can contain tasks with deadlines for each project manager, so reminder e-mails are sent before each weekly deadline (in the next version of Dynalist Companion that @anu is about to finish).
The Paying Director logs in to FreeAgent on Monday and pays the outstanding, authorized bills if there are no apparent issues with them. Similarly, weekly Dynalist notification e-mails can be sent.
This process forces Project Managers to take a look at FreeAgent weekly, which is "not necessarily a bad thing" The proposed means of expressing authorization could easily be forged as FreeAgent has no version history of bills records – but the same problem applies to payment queue tasks created in Dynalist. I do not think we need to have a tamper-proof system here at the moment, as forgery would lead to ending a relation with a contractor immediately. However if we want a tamper-proof system in the future, we can easily create one: project managers would add a TAN (a single use transaction number, as used in online banking until recently) to each authorization, and the paying director would confirm that it's a valid TAN of that project manager by looking it up in a secondary access-protected list, and then deleting it from there to prevent double use.