Procurement runs on three jobs the agent now touches: vendor due diligence, contract redlining, and the approval cascade. Dock is the workspace where an agent posts its vendor brief, contract-risk read, and drafted requisition, and where named reviewers sign each step before money moves. The procurement suite owns the requisition, PO, and executed contract. Dock owns the interpretive trail: what the agent concluded, who approved, when.
Coupa, SAP Ariba, Ironclad, NetSuite, and Workday Strategic Sourcing stay the system of record for raw procurement data: requisitions, supplier records, contract clauses, PO state. Dock is the system of record for what the agent interprets from that data: the diligence brief, the redline recommendation, the reviewer's sign-off, the audit log. Each Dock row carries a pointer back to the platform record (coupa_requisition_id, ariba_supplier_id, ironclad_contract_id), plus agent identity, decision, reviewer, timestamp. The agent re-fetches platform data via fresh API reads when it needs current state. Dock holds the persistent interpretive layer that survives across sessions.
The diligence and approval table
| Vendor | Requisition | Ariba ID | Agent diligence note | Flags | First approver | Second approver | Status |
|---|---|---|---|---|---|---|---|
| Northwind Logistics | REQ-9821 | SUP-44120 | OFAC clear, D&B 78, refs verified | None | jordan@acme.co | cfo@acme.co | Approved |
| Helix Data | REQ-9844 | SUP-44131 | No audited financials, indemnity asymmetric | Financial, contract | sam@acme.co | pending | Held: legal |
| Bridgegate Cloud | REQ-9851 | SUP-44199 | Existing vendor, redline cuts liability cap | None | sam@acme.co | cfo@acme.co | Approved |
Each row is a hand-off contract. The agent populates the note and flags. A first approver checks the read. A second signs the irreversible side when spend or risk crosses threshold.
A worked workflow
A requisition lands in Coupa for Helix Data, a new supplier. The agent reads it, fetches the supplier record from Ariba, runs OFAC and watchlist checks, pulls the draft contract from Ironclad, and writes a diligence brief into a Dock row. The brief flags an asymmetric indemnity clause and a missing financials submission. A buyer agrees and routes to legal. Legal countersigns the redline. Only after both keys turn does the agent post the approved requisition back to Coupa and trigger the PO. Every step lives in the row's audit log. See two-key handshakes for irreversible actions on why two named humans must sign anything that moves money or paper.
Why this matters
Most procurement AI projects stall because the agent's output has nowhere durable to live. The diligence note exists only in chat. The redline sits in a draft Word file. The approval is a Slack thumbs-up. None survive an audit. None give the next agent or reviewer a stable place to start.
The cascade is the brittle part. CPOs spend most of their time on transactional work and only a slice on transformation, per the Deloitte Global CPO Survey. Agents can absorb the transactional load, but only if reads are reviewable. A row with source references and a named reviewer is reviewable. A chat transcript is not.
Procurement is a high-fraud surface. The ACFE Report to the Nations ranks unusual vendor relationships among the strongest behavioral red flags for occupational fraud. Logging the agent's diligence read against the supplier ID, with a human countersign, gives forensic teams something to trace. Benchmark research from The Hackett Group shows top performers differentiate on digital and AI deployment, not headcount, which sharpens the need for an attribution layer.
Adjacent functions follow the same pattern. See Dock for Accounting for AP and close, and Dock for Legal for contract review. The action-class framing sits in the dangerous-ops contract, the attribution side in agent audit and compliance, and the identity model in agent identity.
Start a Dock workspace for your procurement team.
FAQ
Why not let the agent push approved POs straight into Coupa? POs commit money. A platform record is irreversible once issued. Dock holds the proposed PO and the two named approvals before the agent calls the write endpoint.
Does Dock duplicate Ironclad or Ariba?
No. Ironclad keeps the contract. Ariba keeps the supplier master. Dock keeps the agent's redline, risk read, and sign-off, joined by ironclad_contract_id or ariba_supplier_id.
What stops the agent from approving its own requisitions? Action-class policy. Approvals above a configured threshold are dual-key, requiring two human identities. The agent drafts and routes. It does not turn both keys.
Where does the audit trail live for SOX review? Inside the Dock row. Every row carries agent identity, source references, each reviewer's identity and timestamp, and platform record IDs. A quarterly export is a query, not a reconstruction.