Role-Based Digital Signature Workflows for Secure Authorization of Treasury Payments in ERP Systems

Abstract

Modern enterprises rely extensively on ERP‐integrated treasury management systems for handling high-value payments, liquidity operations, and inter-bank transactions. However, traditional approval mechanisms remain vulnerable to credential misuse, manual errors, and unauthorized fund releases. To address these challenges, this study proposes a multi-level, role-based digital signature workflow that integrates elliptic curve digital signatures (ECDSA) with SAP Treasury modules to ensure secure, compliant, and traceable payment authorization. The designed architecture embeds cryptographic checks at each approval stage, allowing granular control of financial roles, such as Treasurer, Cash Manager, and Financial Controller. Blockchain-based transaction anchoring further enhances data integrity by providing immutable audit trails, thereby reducing reconciliation delays and supporting regulatory compliance. The system automates exception handling, dynamically validates role hierarchies, and minimizes approval bottlenecks during peak treasury operations. Experimental analysis demonstrates significant improvements in authorization security, non-repudiation, and auditability. Overall, the proposed workflow strengthens enterprise cybersecurity posture, ensuring trusted execution of critical treasury processes within ERP ecosystems.