ClaimAgent: AI-Orchestrated Reimbursements

Inspiration

Anyone who has worked in a mid-size company knows the drill — you go on a business trip, collect a stack of receipts, open a spreadsheet, manually type in every line item, email it to your manager, wait two weeks, and then follow up three times before the money shows up in your account. Meanwhile on the finance side, someone is manually cross-checking every claim against a policy document, hunting for duplicates, and chasing employees for missing receipts.

We wanted to prove that this entire loop — from receipt to bank transfer — could run autonomously without anyone touching a keyboard. But we also knew that giving an LLM full authority over financial payouts was a bad idea. So the real challenge we set for ourselves was: can we combine the flexibility of AI language understanding with the rigidity of traditional corporate governance rules? That's what ClaimAgent is — a no-touch reimbursement pipeline where AI handles the fuzzy parts and deterministic code enforces the hard rules, with a human always in the loop before money moves.

What It Does

ClaimAgent takes an employee from "I have a receipt" to "money is in my account" with zero manual steps in between.

An employee either emails their receipt to a designated inbox or submits it through our web portal at reimbursement-intake.onrender.com. From that point the system takes over completely:

Ingests and Extracts — the receipt is downloaded and run through UiPath Document Understanding, which pulls out vendor, date, amount, currency, and an OCR confidence score as structured fields. Classifies and Validates — a LangGraph coded agent using gpt-4o via the UiPath LLM Gateway semantically classifies the expense type, validates the business justification in plain English, and flags potential duplicates. If the LLM returns low confidence or is unavailable, a deterministic fallback keeps the case moving. Applies Policy Rules — the claim is evaluated against category-specific spend limits, date windows, receipt requirements, and pre-approval thresholds — all driven by a single configuration file. Routes the Decision — low-risk claims under threshold are auto-approved; clear violations are rejected immediately; borderline cases go to a human reviewer via a React-based Action Center app. Pays and Closes — on approval, a Stripe PaymentIntent is created and confirmed in real time. Both the claimant and the finance team receive a polished HTML email — the approval email includes a personalized note written by the LLM, the rejection email always surfaces the reviewer's exact reason.

How We Built It

We built ClaimAgent on UiPath Maestro Case Management and divided the work into tightly scoped, independently deployable stages so the team could work in parallel without stepping on each other.

RPA and Document Understanding handle the intake side — cross-platform Portable workflows read the Gmail inbox, download attachments, upload them to an Azure Blob Storage bucket, and pass the blob path downstream. We had to refactor these from Windows-only workflows because the staging tenant runs serverless with no VM capacity.

Coded Agents in Python and LangGraph power the intelligence — Stage 3 classification uses a two-node graph: an LLM node for semantic understanding and a deterministic node that enforces the final routing decision. Stage 6 notification uses the same pattern: LLM writes a warm personalised note, deterministic code composes the full HTML email and calls Gmail via Integration Service.

API Workflows in JavaScript handle the policy evaluation and Stripe payout. These are stateless, fast, and fully testable with uip api-workflow run --no-auth locally.

A Coded Action App in React/Vite renders the HITL approval form inside UiPath Action Center — it shows expense type, risk score, and classification confidence, accepts optional reviewer notes, and emits Approve or Reject as the case outcome.

The routing decision is enforced by a deterministic policy matrix — not the LLM. Given claim amount A, category limit L_c, auto-approval threshold T_c, risk score R, duplicate flag U, and business purpose validity B:

Reject if A > L_c or duplicate detected Auto-Approve if risk is Low and A ≤ T_c and business purpose is valid and receipt is attached Manager-Review otherwise

The LLM never touches this logic. It only interprets free-text fields.

Challenges We Ran Into

Cloud licensing hit us on day one. Our Python coded agents were blocked from running serverless because the tenant showed zero AgentService capacity. We built a full offline evaluation harness using uip codedagent eval so we could validate all classification and notification logic locally while we waited to confirm the cloud license was actually active (it was — the readout was wrong).

Cross-platform RPA migration was more involved than expected. The staging tenant has no Robot Units — only Serverless Platform Units. That means every Windows RPA workflow had to be converted to Portable. We rewrote file I/O operations, replaced Windows-only activities, extracted and repackaged the compiled Document Understanding DLL as a standalone NuGet feed package, and verified everything ran clean on the Linux serverless runtime.

Upstream data was messier than the schema implied. The IDP extractor sometimes returned an empty amount field — the figure was buried in the email body as plain text. We wrote a regex backfiller that extracts amount and currency from the body when the structured field is blank. Stripe also threw 400s when metadata[reason] exceeded 500 characters and when amount was zero — we added a clip helper and a per-currency minimum charge floor to handle both gracefully.

Deploying everything as one solution surfaced a packaging gap. The uip CLI doesn't auto-generate entry-points.json or bindings_v2.json for API workflow projects — without them, Orchestrator throws error 2005 on install. We had to hand-author both files for each API workflow, which wasn't documented anywhere we could find.

Accomplishments We're Proud Of

Getting all five sub-projects — Classification Agent, Policy Check, Stripe Payout, Notification Agent, and Rejection Notifier — bundled into a single ReimbursementApiSolution that deploys and activates in one command was genuinely satisfying. A lot of hackathon projects have pieces that sort of work independently; ours runs as a unified deployed artifact on a real cloud tenant.

We're also proud of the end-to-end live validation. Job 68355379 ran on the actual hackathon tenant and completed Stages 1 through 4 in sequence — IntakeBot, ReceiptExtractor, Classification, and PolicyCheck — all Successful, all serverless. A real Stripe PaymentIntent reached succeeded status against the live Stripe API. These aren't mocked results.

The HITL experience came together better than we expected. The Action Center app renders correctly on mobile, shows risk score and confidence in plain language, and the reviewer's notes flow directly into the rejection email. The whole human approval loop works end-to-end in a browser with no installs.

What We Learned

LLMs are semantics engines, not decision engines. GPT-4o is remarkably good at reading a free-text business justification and deciding if it sounds legitimate. It is not something you want making the final call on whether £800 gets paid out. Every routing decision in ClaimAgent is made by code. The LLM's output is an input to that code, not the output of the system.

Defensive boundary engineering is not optional in distributed pipelines. Every stage had to be hardened against missing values, over-length strings, blank emails, and zero amounts — because every one of those failure modes actually happened during development. If you don't handle it, a live run will find it.

Audit traceability has to be designed in from the start. Every stage in our pipeline emits a structured JSON block that captures the inputs, outputs, and decision rationale. When we needed to debug a routing failure mid-hackathon, we could reconstruct exactly what each agent saw and decided. That would have been impossible without intentional audit design from day one.

What's Next for ClaimAgent

Fraud and anomaly detection. Rule-based duplicate detection catches exact matches. The next layer is behavioural — flagging employees who submit unusually high volumes in short windows, catching split-billing attempts designed to stay under approval thresholds, and identifying cross-department patterns that look like policy gaming.

Broader ERP integrations. Stripe in test mode proved the payout pattern works. The natural next step is wiring the same API workflow pattern into SAP Concur, Workday, and Oracle NetSuite for real enterprise disbursements. The workflow interface is already abstracted enough that swapping the payment backend is a config change, not a rewrite.

Conversational intake. Right now employees submit via web form or email. A Slack or Teams bot that lets you photograph a receipt, paste it into a chat message, and get a case ID back in 30 seconds would remove the last bit of friction. The backend already handles the rest — the intake channel is the only thing that would change.

Built With

+ 114 more
Share this project:

Updates

posted an update

Full Source Code Now Public — Try the Live Demo Too

Everything behind ClaimAgent — the Maestro Case, the agents, the intake app, the Consensus Engine, and the admin dashboard — is now open in one repo, and the app itself is live for anyone to try.

The README covers the full architecture, how to run it locally, and a walkthrough of all four Version 2 improvements (with screenshots) we've been posting about.

Source code: github.com/Subharjun/ReimbursementFullSolution-source Live demo: reimbursement-intake-v2.onrender.com

Submit a real claim on the live site and watch it move through the pipeline — intake, classification, fraud screening, policy checks, human review, and payout — end to end, no mock data.

Feel free to explore the code, try the demo, or open an issue if something's unclear — this is meant to be a real, working reference, not just a slide deck.

Log in or sign up for Devpost to join the conversation.

posted an update

Improvement 1: Receiver Email Notification

Version 1 worked — claims got processed. But feedback kept saying the same thing: the person a claim reached had no idea it had arrived until they happened to check.

So version 2 fixed it — the moment a claim reaches the concerned person, they get an automatic email. No manual follow-up, no "did you get my claim?" pings.

A small addition on paper, but it came straight from real users — and it's the difference between an automation that technically works and one that actually removes friction for the people using it.

Receiver email notification

Improvement 2: Live Status Tracker for the Submitter

Once someone submitted a claim in version 1, it disappeared into the system. This one didn't come from a complaint — it came up in our own internal discussion. We asked ourselves a simple question: if I submitted this claim, wouldn't I want to know where it is right now?

That became the live tracker in version 2. The submitter can check, in real time, exactly where their claim stands — submitted, under review, approved, paid out.

Some of the best improvements don't come from bug reports — they come from the team honestly asking what the experience is missing.

Live status tracker

Improvement 3: Customized Human-in-the-Loop Approval Email

In version 1, the human review step was clunky — reviewers had to dig through the system to find what they were even supposed to approve or reject.

The push to fix this came from a mentor's feedback, which genuinely changed how we thought about the whole thing. Version 2 gives reviewers a custom email built for that exact decision — the context is already there, with a simple Approve/Reject action.

We didn't try to remove humans from the loop; some decisions need a person's judgment. We just made it effortless for that person to make the call quickly, instead of hunting for information first.

HITL approval email

Improvement 4: Manager/Director Dashboard

Version 1 proved the automation worked. What it couldn't do was answer the question leadership actually cares about: is this saving us anything?

A mentor's feedback really reshaped our thinking here — that a working automation means little if you can't show the value behind it. That lesson became the admin dashboard in version 2, built for managers and directors, tracking:

  • Total number of claims processed
  • Time saved vs. the manual process
  • Estimated FTE (people-hours) saved
  • Overall business ROI

It turned "we built something cool" into "here's the number behind it."

Manager/director dashboard

Log in or sign up for Devpost to join the conversation.