Skip to content

firmflow. β€” Future Implementation Roadmap

Version: 2.0 | Last Updated: February 2026 | Platform Status: v1.2.0 Production-Ready

This roadmap begins from the current state of the platform (v1.2.0) which is fully deployed with authentication, document management, AI analysis, compliance tracking, e-signatures, licensing, and the new tax prep pipeline. All Phase 0–5 work from the original launch roadmap is complete. This document defines the next evolution: from a functional product to a market-dominant platform.

πŸ“ Current Platform State (v1.2.0 Baseline)

βœ… What Is Already Built

Domain Features
Identity NextAuth v5, bcrypt, LDAP/AD, MFA TOTP, device binding, RBAC (5 roles)
Documents Upload, vault, versioning, AI analysis, bulk ZIP download/extract, AES-256-GCM encryption
Clients Full CRUD, risk scoring, portal access, CAC/TIN fields
Client Onboarding 4-step wizard: KYC/CAC/SCUML β†’ Engagement Letter β†’ Docs β†’ Risk Assessment
e-Signatures Full Docusign-like flow: recipients, fields, signing page, events, PDF-referenced
Compliance FIRS/LIRS task calendar, auto-solver AI, checklist items, filing period tracking
Tax Prep Pipeline 7-stage Kanban for all 9 Nigerian tax types, FIRS deadline tracking, NGN billing
SmartRequestAIβ„’ 14 AI flows on Gemini 2.5 Flash, document analysis, data extractor, vault chat
Client Portal Branded per-firm portal, document uploads, signature requests, share links
Licensing HMAC-SHA256 signed keys, edition gates (Trial/Basic/Professional/Enterprise), seat limits
Payments Paystack integration (NGN/Kobo), webhook verification, billing service
Email Resend transactional emails (invitations, resets, document requests, signatures)
Audit Trail Cryptographically chained SHA-256 audit log with tamper detection
User Settings JSON preferences (theme, language, notifications, compact mode)
Software Integrations Schema layer (QuickBooks, Xero, Sage, Tally, Drake, etc.)
Engagement Templates ICAN-compliant letter templates with variable substitution
Industry Landing Pages Accounting, Financial Services, Legal, Healthcare verticals (TODO)
Deployment Docker standalone, Next.js 15, Neon PostgreSQL

πŸ—ΊοΈ Future Roadmap: Phases 6–10

🟣 PHASE 6 β€” Workflow Automation & Deep Integrations

Target: Q2 2026 | Priority: HIGH

This phase closes the gap between task tracking and real workflow automation, and brings live data from connected accounting software.

6.1 β€” Software Integration Live Sync

Schema exists. Now build the runtime. - [ ] QuickBooks Online Pull β€” OAuth 2.0 connector; pull journal entries, trial balance, client master data - [ ] Xero Connector β€” pull invoices, bank transactions, tax codes into document requests - [ ] Sage Business Cloud β€” popular with mid-market Nigerian firms (manufacturing, agro) - [ ] Tally ERP Connector β€” REST export bridge for Tally 9.x (common in Nigerian SME manufacturing) - [ ] Scheduled Sync Jobs β€” cron-based polling, update Integration.lastSyncedAt and flag syncError - [ ] Sync Status Dashboard β€” /dashboard/settings/integrations UI with last sync, health badge, reconnect

6.2 β€” Automated Compliance Calendar

  • [ ] Auto-population of Tax Prep Jobs β€” based on client profile, auto-create recurring TaxPrepJob records for all applicable Nigerian taxes on Jan 1 of each year
  • [ ] FIRS Deadline Library β€” hardcoded Nigerian statutory deadlines (CIT 6-month rule, VAT 21st, PAYE 10th, etc.) as a queryable constant
  • [ ] Deadline Notifications β€” email + in-app alerts at T-30, T-14, T-7, T-1 days
  • [ ] SMS Notifications β€” Termii.com integration for Nigerian SMS delivery (more reliable than email for some clients)

6.3 β€” Engagement Letter Live Builder

  • [ ] Rich Text Editor β€” integRrate TipTap or ProseMirror for in-browser ICAN letter editing
  • [ ] Variable Auto-Fill β€” auto-inject {{clientName}}, {{rcNumber}}, {{tinNumber}}, {{serviceScope}} from client record
  • [ ] Letter Preview & Print β€” generate PDFs using Puppeteer or @react-pdf/renderer
  • [ ] Direct eSign From Builder β€” create signature request directly from letter builder, skipping separate flow

6.4 β€” Multi-Branch Office Support

  • [ ] Branch model β€” extend Firm with Branch sub-entity (Lagos HQ, Abuja Branch, etc.)
  • [ ] Per-branch user assignment β€” staff assigned to specific branches
  • [ ] Cross-branch document visibility β€” Partner-level: all branches; Staff: own branch only
  • [ ] Branch sync reporting β€” expand SyncNode to show branch-level health

πŸ”΅ PHASE 7 β€” Client Portal 2.0

Target: Q3 2026 | Priority: HIGH

Upgrade the client-facing portal from a document drop zone to a full self-service client experience.

7.1 β€” Client Dashboard

  • [ ] Client home page β€” show pending document requests, unsigned letters, upcoming filings
  • [ ] Filing history β€” list of all completed tax filings with dates and references
  • [ ] Status cards β€” clear "Action Required" vs. "All Clear" status per filing type

7.2 β€” Client Messaging

  • [ ] Secure in-app messaging β€” threaded messages between firm and client (no email needed)
  • [ ] Message model β€” Message table with firmId, clientId, sentById, body, attachments
  • [ ] Unread badge β€” real-time unread count in portal header (polling or WebSocket)

7.3 β€” Client Mobile App (React Native)

  • [ ] Evaluate Expo-based React Native app sharing components with portal
  • [ ] Push notifications via FCM (infrastructure already in place)
  • [ ] Document upload from phone camera (passport, utility bill, bank statement)
  • [ ] In-app signing for engagement letters

7.4 β€” Client Onboarding Self-Service

  • [ ] Client self-onboard link β€” email invite with magic link, client fills in company details
  • [ ] CAC lookup API β€” integrate CAC Public Search API to auto-verify rcNumber
  • [ ] FIRS TIN Lookup β€” integrate FIRS TIN verification endpoint (when available)

🟒 PHASE 8 β€” AI Intelligence Layer Expansion

Target: Q3–Q4 2026 | Priority: MEDIUM-HIGH

Deepen the AI from document analysis to decision intelligence.

8.1 β€” Predictive Compliance Risk

  • [ ] Cross-client pattern analysis β€” identify which clients have historically missed filing deadlines (firm-level aggregation, no cross-firm data)
  • [ ] Risk score trend β€” track RiskProfile scores over time, alert when trending upward
  • [ ] At-risk client list β€” dashboard widget: "3 clients likely to miss Q3 VAT deadline"

8.2 β€” Tax Computation Engine

  • [ ] CIT Calculator β€” automated Companies Income Tax computation from P&L data
  • [ ] PAYE Calculator β€” monthly payroll tax with graduated bands (current FIRS rates)
  • [ ] VAT Reconciliation β€” match input vs output VAT from connected accounting data
  • [ ] Education Tax (EDT) β€” 2% of assessable profit auto-computed
  • [ ] WHT Register β€” track withholding tax deducted from/to vendors and clients

8.3 β€” AI-Powered Firm Analytics

  • [ ] Revenue Velocity β€” track billing NGN per client per month across firm
  • [ ] Staff Utilization β€” track which staff members handle most jobs (via TaxPrepJob.assignedToId)
  • [ ] Deadline Compliance Rate β€” % of jobs filed before FIRS deadline per quarter
  • [ ] AI Insights Report β€” monthly AI-generated firm performance report (PDF export)

8.4 β€” Document Intelligence Upgrades

  • [ ] Batch OCR β€” extract text from scanned PDFs (non-digital CAC certificates, tax receipts)
  • [ ] Duplicate Detection β€” flag when the same document is uploaded twice by content hash
  • [ ] Document Expiry Tracking β€” flag TIN certificates, CAC annual returns, insurance docs that are about to expire
  • [ ] Private LLM Option β€” allow Enterprise firms to route AI through a self-hosted Ollama model (zero cloud dependency)

🟑 PHASE 9 β€” Industry Vertical Products

Target: Q4 2026 | Priority: MEDIUM

  • [ ] Matter management β€” Matter model: case name, court, jurisdiction, status
  • [ ] Document privilege flag β€” isPrivileged boolean on Document; only visible to designated roles
  • [ ] Court deadline calendar β€” separate from tax calendar; Nigerian court dates
  • [ ] Legal industry landing page (/industries/legal)

9.2 β€” Financial Services Module

  • [ ] KYC Document Management β€” dedicated document category for Know Your Customer files
  • [ ] CBN Reporting Templates β€” pre-built document request templates aligned to CBN KYC requirements
  • [ ] AMCON compliance tracking β€” regulatory filing tracker for financial institutions
  • [ ] Financial Services landing page (/industries/financial-services)

9.3 β€” Healthcare Practice Module

  • [ ] PHI document classification β€” isProtectedHealthInfo flag on Document model
  • [ ] PHI Audit Log β€” stricter, separate access log for any PHI document access
  • [ ] NDPA patient data retention policies β€” configurable per-category retention schedules
  • [ ] Healthcare landing page (/industries/healthcare)

9.4 β€” Industry Landing Pages (all 4 verticals)

  • [ ] /industries/accounting-tax β€” strengthen with FIRS/ICAN messaging
  • [ ] /industries/financial-services β€” CBN/AMCON/KYC messaging
  • [ ] /industries/legal β€” privilege, matter management, court deadlines
  • [ ] /industries/healthcare β€” NDPA, PHI, patient data sovereignty

⚫ PHASE 10 β€” Enterprise Scale & Pan-African Expansion

Target: 2027 | Priority: STRATEGIC

10.1 β€” Document Retention Policy Engine

  • [ ] RetentionPolicy model β€” configurable per category: "Tax records: 7 years", "KYC: 5 years", "PHI: 10 years"
  • [ ] Retention UI β€” /dashboard/settings β†’ "Retention" tab for admins
  • [ ] Scheduled Purge Jobs β€” flag and queue expired documents, send admin notification before deletion
  • [ ] NDPA Compliance Report β€” exportable data retention status report

10.2 β€” White-Label & Reseller Program

  • [ ] Custom domain per firm β€” serve portal at clients.abcaccounting.com
  • [ ] Full white-label branding β€” firm logo, colors, domain; no firmflow. branding visible
  • [ ] Reseller license tier β€” allows a large firm to sub-license firmflow. seats to smaller affiliate firms
  • [ ] Reseller admin portal β€” manage child firms, generate sub-licenses

10.3 β€” Pan-African Localization

  • [ ] Ghana GRA compliance β€” add Ghana Revenue Authority filing categories
  • [ ] Kenya KRA compliance β€” add Kenya Revenue Authority categories (VAT, PAYE, corporate tax)
  • [ ] South Africa SARS β€” localization for South African Revenue Service
  • [ ] Multi-currency billing β€” NGN, GHS, KES, ZAR
  • [ ] Locale-aware date formatting β€” regional date formats throughout UI

10.4 β€” Advanced Security Features

  • [ ] IP allowlist β€” firms can restrict login to specific office IP ranges
  • [ ] Session analytics β€” map concurrent sessions, detect anomalies
  • [ ] Zero-Knowledge Encryption opt-in β€” client-side encryption so even firmflow. cannot decrypt stored files
  • [ ] SOC 2 Type II certification β€” formal audit readiness for enterprise procurement
  • [ ] ISO 27001 alignment guide β€” documentation mapping firmflow. controls to ISO 27001 Annex A

10.5 β€” Platform API (Public)

  • [ ] Public API v1 β€” REST API for third-party integrations (with API key auth already built)
  • [ ] Webhook subscriptions β€” allow external systems to subscribe to firmflow. events (document.uploaded, signature.completed)
  • [ ] API documentation site β€” Swagger/OpenAPI spec + interactive docs
  • [ ] Developer SDK β€” TypeScript/JavaScript SDK for API consumers

πŸ“Š Consolidated Timeline

Phase Theme Target Priority Status
0 Foundation Hardening βœ… Done β€” 🟒 Complete
1 Identity & Data Layer βœ… Done β€” 🟒 Complete
2 Document & AI Features βœ… Done β€” 🟒 Complete
3 Licensing & Commerce βœ… Done β€” 🟒 Complete
4 On-Prem Packaging βœ… Done β€” 🟒 Complete
5 Pre-Launch Validation βœ… Done β€” 🟒 Complete
6 Workflow Automation & Integrations Q2 2026 πŸ”΄ HIGH πŸ”² Planned
7 Client Portal 2.0 Q3 2026 πŸ”΄ HIGH πŸ”² Planned
8 AI Intelligence Layer Q3–Q4 2026 🟠 MEDIUM-HIGH πŸ”² Planned
9 Industry Vertical Products Q4 2026 🟑 MEDIUM πŸ”² Planned
10 Enterprise Scale & Africa Expansion 2027 πŸ”΅ STRATEGIC πŸ”² Planned

πŸ† Immediate Next Actions (Q2 2026 Sprint 1)

Execute these in the first two-week sprint of Phase 6:

  1. Integration Live Sync β€” build QuickBooks OAuth flow and first sync endpoint
  2. FIRS Deadline Constants β€” create src/lib/firs-calendar.ts with all statutory deadlines hardcoded
  3. Auto-populate Tax Prep Jobs β€” cron-compatible API route that creates jobs from client profiles
  4. Engagement Letter Builder β€” integrate TipTap editor for rich-text letter editing
  5. Industry Landing Pages β€” create all 4 vertical pages (low effort, high marketing impact)
  6. SMS Notifications β€” integrate Termii.com for Nigerian compliance deadline SMS alerts

πŸ’‘ Strategic Priorities

Why Phase 6 First?

Integration sync and workflow automation directly reduce the manual labour of the accountants using firmflow. Every hour saved per client is a measurable ROI. This is what converts trial firms to long-term licensees, and what generates upsell pressure from Basic β†’ Professional β†’ Enterprise editions.

Why Client Portal 2.0 Matters

The client portal is the only part of firmflow. that the firm's clients ever see. It is the shop window. A rich, mobile-ready client experience differentiates firmflow. from paper-based workflows and WhatsApp document collection (still dominant in Nigerian practices).

The AI Moat

SmartRequestAIβ„’ trained on Nigerian tax scenarios is impossible for a generic SaaS to replicate quickly. Each new AI flow (tax computation, predictive compliance, batch OCR) deepens this moat. Invest heavily in Phases 8 flows before competitors catch up.

Pan-African > West-African

Nigeria is the beachhead. Ghana (GRA), Kenya (KRA), and eventually South Africa (SARS) represent the natural adjacent markets with similar colonial-era tax frameworks, English-language operations, and high smartphone penetration. Phase 10 unlocks this.