Financial controls · internal governance
Financial controls policy
8 internal controls · 6 separation of duties (current vs post-traction) · 8 fraud prevention measures · 8 Stripe governance rules · 5 honestly disclosed pre-revenue caveats. Financial governance adapted to a single-founder, pre-revenue company · scalable as the team grows.
8 internal controls
Spend approval tiers
≤50€/month auto-approve · 50-200€/month founder review email · >200€/month explicit founder approval + ADR if new category · immutable audit log
Vendor payment governance
ALL vendors invoiced · NO cash payments · NO crypto · only SEPA + corporate card · audit log per-transaction · monthly reconciliation
Monthly reconciliation
Each month the founder reconciles: Stripe revenue · vendor invoices · bank statements · tax obligations · quarterly accountant review
Revenue recognition
MRR recorded in the billing month · annual prepayments deferred over 12 months · cancellations + refunds tracked separately · GAAP-aligned principles
Cost classification
COGS (infra · LLM tokens) vs OPEX (future salaries · marketing) tracked separately · enables transparent unit economics analysis
Founder personal vs business expenses
Strict separation · personal Stripe account NEVER used for business · business account NEVER used for personal expenses · documented separation
Tax compliance Spain
IVA · IRPF · Modelo 036/037 · RETA · quarterly statements via accountant · timely filing · NEVER late · AEAT penalties documented
Audit trail completo
Every transaction documented · receipt + purpose + category + approver · 7-year retention · accessible for AEAT inspections
Separation of duties · current vs post-traction
| Aspect | Current (pre-revenue) | Post-traction (planned) |
|---|---|---|
| Authorize spending | Founder only | Founder + co-founder ≥200€ · approval matrix |
| Record transaction | Founder + automated Stripe | Founder + accountant + automated |
| Reconcile accounts | Founder alone + quarterly accountant | Accountant + CFO/finance hire monthly |
| Audit + review | External accountant + ChatGPT adversarial | Internal audit + external annual |
| Asset custody | Founder alone (single signer) | Dual-signature high-value transactions |
| Vendor selection + approval | Founder + vendor onboarding checklist | Founder + advisor review high-impact vendors |
Fraud prevention · 8 measures
- NO cash transactions EVER · 100% digital audit trail
- Vendor list pre-approved · new vendor requires checklist completion (see /vendor-onboarding-checklist)
- Unusual transaction alerts (>2x baseline) · founder reviews immediately
- Refunds require documented justification · NO blanket refunds · per-case audit
- Founder card limit controlled · prevents large unauthorized charges
- Stripe Connect (future) NOT yet · once active · per-tenant balance reconciliation
- Annual external audit accountant · catches drift early · independent perspective
- ChatGPT auditor adversarial monthly · reviews patterns · flags anomalies
Stripe governance · 8 rules
- Stripe livemode currently: enabled but ZERO production transactions · pre-revenue stance
- Pre-revenue commitment: PAUSE livemode until CIF + Modelo 036 + first real client onboarded
- Continuous test mode usage · validate flows · pricing changes · no real-money risk
- Webhook signing HMAC-SHA256 · idempotency keys mandatory (see /webhook-signing-strategy)
- Refunds tracked separately · case-by-case · audit reasoning
- Disputes managed promptly · 7-day response · evidence ready
- Tax handling automatic via Stripe Tax · EU VAT calculated · invoices compliant
- Subscription cancellation history preserved · re-activation paths documented
Pre-revenue caveats · 5 honest points
- 0 paying clients currently · controls validate vendor spending more than revenue
- Founder solo = inherent risk · mitigations: documentation + automation + external accountant
- Co-founder/CFO hire planned post-traction, after the first 5-10 clients · dual-control activated
- Annual revenue very low (test mode only) · simplifies compliance but does NOT exempt from obligations
- Pending founder items blocking the first charge: Modelo 036 + RETA + pausing Stripe livemode
Does your finance team need a financial controls deep-dive?
For risk-averse Enterprise procurement · sample audit log · accountant credentials · tax compliance evidence · available under NDA. Useful for large-scale procurement compliance.