OPS-SOP-034 — Approval Authority Matrix & Decision Thresholds
1. Purpose
This SOP defines who can authorize what — across financial commitments, vendor contracts, plan design decisions, compliance actions, and operational changes. It eliminates ambiguity, prevents unauthorized commitments, and ensures appropriate oversight at every decision level.
Key principle: When in doubt, escalate up one level. Never assume authority not explicitly granted in this matrix. Unauthorized commitments — especially financial — create legal and fiduciary exposure for the plan and its trustees.
2. Defined Authority Levels
| Level | Role | Scope |
|---|
| L1 — Operations | Operations Director | Routine operational decisions within approved budgets and vendor contracts |
| L2 — Finance | Finance / AP | Invoice approval and payment execution within established thresholds |
| L3 — Compliance | Compliance (Brooke's team) | Compliance sign-off on plan documents, marketing materials, regulatory filings |
| L4 — Legal Counsel | Dickinson Wright PLLC | Legal review and sign-off on contracts, plan amendments, filings |
| L5 — Primary Approver | Dr. Greg Naman (CEO) | Final authority on significant financial commitments, vendor contracts, plan changes |
| L5 — Backup Approver | Nora Naman | Payment transfer approvals only when Primary Approver unavailable |
3. Financial Approval Thresholds
| Amount | Approval Required | Notes |
|---|
| Up to $[TBD] | Operations (L1) + Finance (L2) | Routine vendor invoices within approved budget |
| $[TBD] – $[TBD] | Operations + Finance + Primary Approver (L5) | Non-routine or above-budget spend |
| Above $[TBD] | Primary Approver (L5) required; Legal Counsel review recommended | Capital commitments, new vendor contracts, plan design changes with cost impact |
| Any claims funding transfer | Primary Approver (L5); Backup Approver (Nora) for payment transfers only | Weekly Allied escrow funding, monthly trust transfers |
| Emergency spend (unbudgeted) | Primary Approver (L5) required regardless of amount | Document rationale and obtain retroactive Finance sign-off |
⚠ TBD: Dollar thresholds — Finance and Leadership to confirm specific amounts before this SOP goes active.
4. Vendor Contract Approval Matrix
| Contract Type | Required Approvals | Notes |
|---|
| New vendor (any amount) | Operations + Finance + Primary Approver + Legal Counsel review | Vendor Add form required; W-9 required; BAA required if PHI involved |
| Vendor renewal (existing contract) | Operations + Finance + Primary Approver | Legal Counsel review if terms changed materially |
| TPA agreement (Allied ASA) | Legal Counsel review + Primary Approver sign | ERISA plan-level document; each employer Plan Admin signs separately |
| PBM agreement (ProAct CIF) | Legal Counsel review + Primary Approver sign | Contracts with trust (Unity Care Solutions LLC), not individual employers |
| Stop-loss / reinsurance treaty | Legal Counsel + SRS + Primary Approver | HLRA treaty; facultative underwriting for large groups |
| Captive cell agreement (SRS) | Legal Counsel (Dickinson Wright captive counsel) + Primary Approver | Tony Greer / Kevin Doherty must review |
| Marketing/agency contracts | Operations + Primary Approver | All ad materials go through Compliance (Tessa) regardless |
| Legal engagement (new matter) | Primary Approver | Scope and budget confirmed before engagement |
5. Plan Design Decision Matrix
| Decision Type | Required Approvals | Notes |
|---|
| Annual plan design changes (benefit levels, deductibles, OOP) | Operations + Legal Counsel + Primary Approver; employer Plan Admin adopts via amendment | Triggers SMM distribution (60 days) |
| Mid-year plan amendment (material change) | Legal Counsel (draft) + Compliance + Primary Approver + each employer Plan Admin signature | ERISA formal amendment process; SMM required |
| New plan option (add a tier) | Legal Counsel + Actuarial (Davies) + Primary Approver + each employer | Allied system update required; new SBC required |
| Employer rate change | Operations (Gradient/Davies analysis) + Finance + Primary Approver | 30-day advance notice to employer |
| Stop-loss attachment point change | Legal Counsel + SRS + Jason Strain + Primary Approver | Must be coordinated with HLRA treaty renewal |
| New state expansion (employer group) | Compliance + Legal Counsel (Eric Gregory — state analysis) + Primary Approver | Stop-loss carrier licensing must be confirmed in new state |
6. Compliance & Regulatory Decision Matrix
| Decision Type | Required Approvals | Notes |
|---|
| SPD/SBC distribution (annual) | Legal Counsel review + Operations distribute | 90-day deadline from plan year start |
| Response to DOL inquiry or audit | Legal Counsel leads; Primary Approver informed immediately | Never respond to DOL without Legal Counsel involvement |
| MHPAEA comparative analysis release | Legal Counsel (Eric Gregory) prepares and certifies | 10-business-day DOL turnaround required; must be prepared in advance |
| Breach determination (HIPAA) | Legal Counsel + Operations Director; Primary Approver notified within 24h | See OPS-SOP-033 |
| Ad/marketing creative approval | Compliance (Tessa) required before any publication | <24h turnaround; same thread always; no exceptions |
| Form 5500 filing | Legal Counsel prepares; each employer Plan Admin signs | Due July 31 (or Oct 15 with extension) |
7. Escalation Rules
- Any commitment not covered by this matrix → escalate to Primary Approver before proceeding.
- Primary Approver unavailable >24 hours for urgent financial item → Backup Approver (Nora Naman) for payment transfers only; all other decisions wait or escalate to Legal Counsel.
- Disagreement between Operations and Finance → Primary Approver decides.
- Vendor pushback on contract terms → Legal Counsel reviews before any counter-offer is made.
- Regulatory enforcement action (DOL, IRS, HHS) → Legal Counsel engaged immediately; Primary Approver notified same day; no direct response without Legal Counsel.
8. References
- OPS-SOP-010 — Vendor Invoice Control & Payment Authorization
- OPS-SOP-025 — Invoice Approval Chain & Payment Tracker
- OPS-COMP-006 — Master Compliance Framework (Dickinson Wright)
- OPS-SOP-033 — BAA Registry & Breach Response