firmflow. β Future Implementation Roadmap¶
Version: 2.0 | Last Updated: February 2026 | Platform Status: v1.2.0 Production-Ready
This roadmap begins from the current state of the platform (v1.2.0) which is fully deployed with authentication, document management, AI analysis, compliance tracking, e-signatures, licensing, and the new tax prep pipeline. All Phase 0β5 work from the original launch roadmap is complete. This document defines the next evolution: from a functional product to a market-dominant platform.
π Current Platform State (v1.2.0 Baseline)¶
β What Is Already Built¶
| Domain | Features |
|---|---|
| Identity | NextAuth v5, bcrypt, LDAP/AD, MFA TOTP, device binding, RBAC (5 roles) |
| Documents | Upload, vault, versioning, AI analysis, bulk ZIP download/extract, AES-256-GCM encryption |
| Clients | Full CRUD, risk scoring, portal access, CAC/TIN fields |
| Client Onboarding | 4-step wizard: KYC/CAC/SCUML β Engagement Letter β Docs β Risk Assessment |
| e-Signatures | Full Docusign-like flow: recipients, fields, signing page, events, PDF-referenced |
| Compliance | FIRS/LIRS task calendar, auto-solver AI, checklist items, filing period tracking |
| Tax Prep Pipeline | 7-stage Kanban for all 9 Nigerian tax types, FIRS deadline tracking, NGN billing |
| SmartRequestAIβ’ | 14 AI flows on Gemini 2.5 Flash, document analysis, data extractor, vault chat |
| Client Portal | Branded per-firm portal, document uploads, signature requests, share links |
| Licensing | HMAC-SHA256 signed keys, edition gates (Trial/Basic/Professional/Enterprise), seat limits |
| Payments | Paystack integration (NGN/Kobo), webhook verification, billing service |
| Resend transactional emails (invitations, resets, document requests, signatures) | |
| Audit Trail | Cryptographically chained SHA-256 audit log with tamper detection |
| User Settings | JSON preferences (theme, language, notifications, compact mode) |
| Software Integrations | Schema layer (QuickBooks, Xero, Sage, Tally, Drake, etc.) |
| Engagement Templates | ICAN-compliant letter templates with variable substitution |
| Industry Landing Pages | Accounting, Financial Services, Legal, Healthcare verticals (TODO) |
| Deployment | Docker standalone, Next.js 15, Neon PostgreSQL |
πΊοΈ Future Roadmap: Phases 6β10¶
π£ PHASE 6 β Workflow Automation & Deep Integrations¶
Target: Q2 2026 | Priority: HIGH
This phase closes the gap between task tracking and real workflow automation, and brings live data from connected accounting software.
6.1 β Software Integration Live Sync¶
Schema exists. Now build the runtime. - [ ] QuickBooks Online Pull β OAuth 2.0 connector; pull journal entries, trial balance, client master data - [ ] Xero Connector β pull invoices, bank transactions, tax codes into document requests - [ ] Sage Business Cloud β popular with mid-market Nigerian firms (manufacturing, agro) - [ ] Tally ERP Connector β REST export bridge for Tally 9.x (common in Nigerian SME manufacturing) - [ ] Scheduled Sync Jobs β cron-based polling, update
Integration.lastSyncedAtand flagsyncError- [ ] Sync Status Dashboard β/dashboard/settings/integrationsUI with last sync, health badge, reconnect
6.2 β Automated Compliance Calendar¶
- [ ] Auto-population of Tax Prep Jobs β based on client profile, auto-create recurring TaxPrepJob records for all applicable Nigerian taxes on Jan 1 of each year
- [ ] FIRS Deadline Library β hardcoded Nigerian statutory deadlines (CIT 6-month rule, VAT 21st, PAYE 10th, etc.) as a queryable constant
- [ ] Deadline Notifications β email + in-app alerts at T-30, T-14, T-7, T-1 days
- [ ] SMS Notifications β Termii.com integration for Nigerian SMS delivery (more reliable than email for some clients)
6.3 β Engagement Letter Live Builder¶
- [ ] Rich Text Editor β integRrate TipTap or ProseMirror for in-browser ICAN letter editing
- [ ] Variable Auto-Fill β auto-inject
{{clientName}},{{rcNumber}},{{tinNumber}},{{serviceScope}}from client record - [ ] Letter Preview & Print β generate PDFs using Puppeteer or
@react-pdf/renderer - [ ] Direct eSign From Builder β create signature request directly from letter builder, skipping separate flow
6.4 β Multi-Branch Office Support¶
- [ ] Branch model β extend
FirmwithBranchsub-entity (Lagos HQ, Abuja Branch, etc.) - [ ] Per-branch user assignment β staff assigned to specific branches
- [ ] Cross-branch document visibility β Partner-level: all branches; Staff: own branch only
- [ ] Branch sync reporting β expand
SyncNodeto show branch-level health
π΅ PHASE 7 β Client Portal 2.0¶
Target: Q3 2026 | Priority: HIGH
Upgrade the client-facing portal from a document drop zone to a full self-service client experience.
7.1 β Client Dashboard¶
- [ ] Client home page β show pending document requests, unsigned letters, upcoming filings
- [ ] Filing history β list of all completed tax filings with dates and references
- [ ] Status cards β clear "Action Required" vs. "All Clear" status per filing type
7.2 β Client Messaging¶
- [ ] Secure in-app messaging β threaded messages between firm and client (no email needed)
- [ ] Message model β
Messagetable withfirmId,clientId,sentById,body,attachments - [ ] Unread badge β real-time unread count in portal header (polling or WebSocket)
7.3 β Client Mobile App (React Native)¶
- [ ] Evaluate Expo-based React Native app sharing components with portal
- [ ] Push notifications via FCM (infrastructure already in place)
- [ ] Document upload from phone camera (passport, utility bill, bank statement)
- [ ] In-app signing for engagement letters
7.4 β Client Onboarding Self-Service¶
- [ ] Client self-onboard link β email invite with magic link, client fills in company details
- [ ] CAC lookup API β integrate CAC Public Search API to auto-verify
rcNumber - [ ] FIRS TIN Lookup β integrate FIRS TIN verification endpoint (when available)
π’ PHASE 8 β AI Intelligence Layer Expansion¶
Target: Q3βQ4 2026 | Priority: MEDIUM-HIGH
Deepen the AI from document analysis to decision intelligence.
8.1 β Predictive Compliance Risk¶
- [ ] Cross-client pattern analysis β identify which clients have historically missed filing deadlines (firm-level aggregation, no cross-firm data)
- [ ] Risk score trend β track
RiskProfilescores over time, alert when trending upward - [ ] At-risk client list β dashboard widget: "3 clients likely to miss Q3 VAT deadline"
8.2 β Tax Computation Engine¶
- [ ] CIT Calculator β automated Companies Income Tax computation from P&L data
- [ ] PAYE Calculator β monthly payroll tax with graduated bands (current FIRS rates)
- [ ] VAT Reconciliation β match input vs output VAT from connected accounting data
- [ ] Education Tax (EDT) β 2% of assessable profit auto-computed
- [ ] WHT Register β track withholding tax deducted from/to vendors and clients
8.3 β AI-Powered Firm Analytics¶
- [ ] Revenue Velocity β track billing NGN per client per month across firm
- [ ] Staff Utilization β track which staff members handle most jobs (via
TaxPrepJob.assignedToId) - [ ] Deadline Compliance Rate β % of jobs filed before FIRS deadline per quarter
- [ ] AI Insights Report β monthly AI-generated firm performance report (PDF export)
8.4 β Document Intelligence Upgrades¶
- [ ] Batch OCR β extract text from scanned PDFs (non-digital CAC certificates, tax receipts)
- [ ] Duplicate Detection β flag when the same document is uploaded twice by content hash
- [ ] Document Expiry Tracking β flag TIN certificates, CAC annual returns, insurance docs that are about to expire
- [ ] Private LLM Option β allow Enterprise firms to route AI through a self-hosted Ollama model (zero cloud dependency)
π‘ PHASE 9 β Industry Vertical Products¶
Target: Q4 2026 | Priority: MEDIUM
9.1 β Legal Practice Module¶
- [ ] Matter management β
Mattermodel: case name, court, jurisdiction, status - [ ] Document privilege flag β
isPrivilegedboolean on Document; only visible to designated roles - [ ] Court deadline calendar β separate from tax calendar; Nigerian court dates
- [ ] Legal industry landing page (
/industries/legal)
9.2 β Financial Services Module¶
- [ ] KYC Document Management β dedicated document category for Know Your Customer files
- [ ] CBN Reporting Templates β pre-built document request templates aligned to CBN KYC requirements
- [ ] AMCON compliance tracking β regulatory filing tracker for financial institutions
- [ ] Financial Services landing page (
/industries/financial-services)
9.3 β Healthcare Practice Module¶
- [ ] PHI document classification β
isProtectedHealthInfoflag on Document model - [ ] PHI Audit Log β stricter, separate access log for any PHI document access
- [ ] NDPA patient data retention policies β configurable per-category retention schedules
- [ ] Healthcare landing page (
/industries/healthcare)
9.4 β Industry Landing Pages (all 4 verticals)¶
- [ ]
/industries/accounting-taxβ strengthen with FIRS/ICAN messaging - [ ]
/industries/financial-servicesβ CBN/AMCON/KYC messaging - [ ]
/industries/legalβ privilege, matter management, court deadlines - [ ]
/industries/healthcareβ NDPA, PHI, patient data sovereignty
β« PHASE 10 β Enterprise Scale & Pan-African Expansion¶
Target: 2027 | Priority: STRATEGIC
10.1 β Document Retention Policy Engine¶
- [ ] RetentionPolicy model β configurable per category: "Tax records: 7 years", "KYC: 5 years", "PHI: 10 years"
- [ ] Retention UI β
/dashboard/settingsβ "Retention" tab for admins - [ ] Scheduled Purge Jobs β flag and queue expired documents, send admin notification before deletion
- [ ] NDPA Compliance Report β exportable data retention status report
10.2 β White-Label & Reseller Program¶
- [ ] Custom domain per firm β serve portal at
clients.abcaccounting.com - [ ] Full white-label branding β firm logo, colors, domain; no firmflow. branding visible
- [ ] Reseller license tier β allows a large firm to sub-license firmflow. seats to smaller affiliate firms
- [ ] Reseller admin portal β manage child firms, generate sub-licenses
10.3 β Pan-African Localization¶
- [ ] Ghana GRA compliance β add Ghana Revenue Authority filing categories
- [ ] Kenya KRA compliance β add Kenya Revenue Authority categories (VAT, PAYE, corporate tax)
- [ ] South Africa SARS β localization for South African Revenue Service
- [ ] Multi-currency billing β NGN, GHS, KES, ZAR
- [ ] Locale-aware date formatting β regional date formats throughout UI
10.4 β Advanced Security Features¶
- [ ] IP allowlist β firms can restrict login to specific office IP ranges
- [ ] Session analytics β map concurrent sessions, detect anomalies
- [ ] Zero-Knowledge Encryption opt-in β client-side encryption so even firmflow. cannot decrypt stored files
- [ ] SOC 2 Type II certification β formal audit readiness for enterprise procurement
- [ ] ISO 27001 alignment guide β documentation mapping firmflow. controls to ISO 27001 Annex A
10.5 β Platform API (Public)¶
- [ ] Public API v1 β REST API for third-party integrations (with API key auth already built)
- [ ] Webhook subscriptions β allow external systems to subscribe to firmflow. events (document.uploaded, signature.completed)
- [ ] API documentation site β Swagger/OpenAPI spec + interactive docs
- [ ] Developer SDK β TypeScript/JavaScript SDK for API consumers
π Consolidated Timeline¶
| Phase | Theme | Target | Priority | Status |
|---|---|---|---|---|
| 0 | Foundation Hardening | β Done | β | π’ Complete |
| 1 | Identity & Data Layer | β Done | β | π’ Complete |
| 2 | Document & AI Features | β Done | β | π’ Complete |
| 3 | Licensing & Commerce | β Done | β | π’ Complete |
| 4 | On-Prem Packaging | β Done | β | π’ Complete |
| 5 | Pre-Launch Validation | β Done | β | π’ Complete |
| 6 | Workflow Automation & Integrations | Q2 2026 | π΄ HIGH | π² Planned |
| 7 | Client Portal 2.0 | Q3 2026 | π΄ HIGH | π² Planned |
| 8 | AI Intelligence Layer | Q3βQ4 2026 | π MEDIUM-HIGH | π² Planned |
| 9 | Industry Vertical Products | Q4 2026 | π‘ MEDIUM | π² Planned |
| 10 | Enterprise Scale & Africa Expansion | 2027 | π΅ STRATEGIC | π² Planned |
π Immediate Next Actions (Q2 2026 Sprint 1)¶
Execute these in the first two-week sprint of Phase 6:
- Integration Live Sync β build QuickBooks OAuth flow and first sync endpoint
- FIRS Deadline Constants β create
src/lib/firs-calendar.tswith all statutory deadlines hardcoded - Auto-populate Tax Prep Jobs β cron-compatible API route that creates jobs from client profiles
- Engagement Letter Builder β integrate TipTap editor for rich-text letter editing
- Industry Landing Pages β create all 4 vertical pages (low effort, high marketing impact)
- SMS Notifications β integrate Termii.com for Nigerian compliance deadline SMS alerts
π‘ Strategic Priorities¶
Why Phase 6 First?¶
Integration sync and workflow automation directly reduce the manual labour of the accountants using firmflow. Every hour saved per client is a measurable ROI. This is what converts trial firms to long-term licensees, and what generates upsell pressure from Basic β Professional β Enterprise editions.
Why Client Portal 2.0 Matters¶
The client portal is the only part of firmflow. that the firm's clients ever see. It is the shop window. A rich, mobile-ready client experience differentiates firmflow. from paper-based workflows and WhatsApp document collection (still dominant in Nigerian practices).
The AI Moat¶
SmartRequestAIβ’ trained on Nigerian tax scenarios is impossible for a generic SaaS to replicate quickly. Each new AI flow (tax computation, predictive compliance, batch OCR) deepens this moat. Invest heavily in Phases 8 flows before competitors catch up.
Pan-African > West-African¶
Nigeria is the beachhead. Ghana (GRA), Kenya (KRA), and eventually South Africa (SARS) represent the natural adjacent markets with similar colonial-era tax frameworks, English-language operations, and high smartphone penetration. Phase 10 unlocks this.