AI + ERP

AI Agents on Your GL: Safety Controls That Actually Work

Patrick Xie, del.ai·2026-06-29·1/10

Secure AI Agent Integration: Engineering Hours by ERP

Scope: GL read + write-back + audit log + rollback · mid-market implementation

NetSuite (closed API + SuiteScript)
$340k
SAP Business One (partial SDK)
$290k
Dynamics 365 BC
$200k
Odoo (open source, native access)
$40k

usedel.ai · Figures in USD thousands

Disclosure: del.ai builds and sells AI agents for Odoo ERP. We have a direct commercial interest in the claims this article makes. Where we cite internal data, we note the source and sample size.

Yes, del.ai agents touch your general ledger. That is not a bug; it is the only reason they are worth running. And knowing how to control AI agents in ERP finance (specifically, which actions are gated at the architecture level, which require human sign-off, and which can never auto-execute) is the right question to ask before any agent gets near your books.

This article answers that question directly. Not with reassurances. With the permission model, the audit log structure, and the rollback mechanics: the way you would explain it to your Controller before a board meeting or walk through it with your SOX auditor.

The short version: agents on del.ai operate inside a four-class permission taxonomy enforced at the substrate, not the model. MONEY-MOVE class actions (journal entries, cash movements, payment approvals) cannot execute without a named human in the approval chain. Everything is logged in an immutable, SOX-ready audit trail with full pre- and post-action state. Rollback takes seconds for write-class actions, minutes for financial transactions.

That is the architecture. The rest of this article is the detail behind each layer.