Turn expense policy gaps into savings with Toyota

Most T&E programs rely on a fundamental assumption that doesn't hold up at scale: that managers will catch policy violations before they're reimbursed. Toyota was processing over 10,000 expense reports a month, and that assumption was leaving tens of thousands of non-compliant submissions untouched. And nobody knew.

Toyota's T&E leader, Shirley Yu, has over four years in the role and a background spanning healthcare, telecom, tech, and automotive. In this on-demand webinar, she walks through exactly how Toyota uses AppZen Expense Audit to find policy gaps, sharpen their guidelines, and educate employees at scale. The result is hundreds of thousands of dollars in recovered spend, a 30% drop in repeat violations, and a T&E policy that grew from 13 pages to 16, with every addition backed by real data.

Whether you're managing a team of two auditors or relying entirely on manager review, this session shows how data from spend visibility tools can both catch violations and fix the policies that create them.

The problem with manager-only review

Before AppZen Expense Audit, Toyota had no dedicated AP or T&E audit function. Every expense report went directly to a manager for approval. Shirley describes the reality bluntly: some managers rubber-stamped everything; others scrutinized every $5 tip. There was no consistent middle ground, and no data to show what was slipping through.

The only second-level control was a threshold rule, in which expense reports over $10,000 were flagged for AP review. Before Expense Audit, that caught 2,500 reports. AppZen flagged 38,000. That's 35,500 reports that would have been processed without any secondary review, paid, gone, and unrecoverable.

The scale throws this gap into sharp relief. At over 10,000 expense reports per month across US organizations, Toyota needed something more systematic than hoping managers would catch what they'd always missed. Automated risk detection gave them the visibility to act.

How AppZen turned data into policy

Toyota's T&E policy was intentionally vague. As a Japanese company, the culture values respect for people. In practice, this means giving employees a framework and trusting their judgment, rather than a 40-page rulebook of mandates. Words like "should" and "expected to" were used deliberately, not carelessly.

The problem was that vague language produced inconsistent behavior at scale. AppZen's reporting and analytics dashboard made the patterns visible: the same flags appearing across entire organizations, not isolated incidents. That data gave Shirley's team the evidence to go back to HR and the policy team and point out that this isn't an employee problem, it's an ambiguity problem. Here's the proof.

Since implementing AppZen in April 2023, Toyota's T&E policy has grown from 13 pages to 16. Every addition was driven by data, not instinct. Learn how AI is reshaping how finance leaders approach compliance.

Real use cases from Toyota's audit program

Mileage + fuel double-dipping

Toyota's policy has always stated that the IRS mileage reimbursement rate covers wear, maintenance, and fuel. Employees cannot claim both mileage and fuel on the same report. A rule existed, but without enforcement, far too many violations went through in the first tracked year.

AppZen flagged these as same-expense violations. Employees who had "always done it this way" were now seeing their reports rejected with a direct citation from the policy. By 2025, violations dropped by 30%, and they continue to fall as behavioral patterns shift.

The policy response was straightforward: change "should not" to "cannot." One word, backed by data.

Duplicate submissions

Duplicate expenses aren't usually fraud. Most often, they're forgotten receipts. An employee submits $80 for airport parking in September, then finds the receipt in their pocket in October and submits it again. A manager reviewing the second report has no reason to remember approving the first.

AppZen caught $378,000 in duplicate submissions in 2025 alone. When a duplicate is detected, the system surfaces the original report ID, eliminating the most common employee pushback of, "This isn't a duplicate." Over the past two and a half years, Shirley estimates the total saved is approaching $1 million.

Before AppZen, 100% of duplicates were missed. After, nearly all are caught before reimbursement.

Cash line validation

For card charges, Toyota pays American Express directly and the company settles the corporate card balance, not the employee. If an employee submits an Amex charge as an out-of-pocket expense, Toyota would reimburse the employee and pay Amex, sometimes paying twice for the same transaction.

AppZen's cash line validation reads receipts, identifies the last four digits of the card used, matches it to the employee's corporate card on file, and flags the discrepancy before approval. In 2025, this saved Toyota nearly $400,000.

This risk model is particularly valuable for companies like Toyota where the payment flow is less intuitive for employees, and where the cost of missing it compounds across thousands of reports.

Non-conforming receipts

Like most T&E systems, Toyota's required an attachment for reimbursement, but it didn't verify what that attachment contained. Employees were submitting hotel reservation confirmations instead of itemized folios, or photos of their dinner group instead of receipts. As long as something was attached, the report moved forward. One employee submitted a photo of their dinner party as support for a group meal costing over $1,000. No receipt, no totals.

AppZen flags receipts where totals are unverified, line items are missing, or the document doesn't reflect actual charges. For hotel stays, Toyota requires itemization by expense type and by day, a requirement that also serves the travel services team, which uses the data to verify corporate negotiated rates with Hyatt, Marriott, and other chains.

AppZen flagged that dinner party photo, by the way. The report was rejected.

P-card vs. corporate Amex misuse

Toyota maintains two separate card programs with distinct policies: a travel card (American Express, primarily for travel-related expenses) and a P-card (for conference registrations, licenses, supplies, and group events). Using the wrong card affects volume rebates negotiated under each agreement.

AppZen surfaced three notable cases: a $78,000 hotel deposit for a conference block booked on an individual Amex card; $16,000 in MacBooks and iPads purchased at Best Buy on a personal card (flagged by AppZen's electronics detection); and a $50,000 employee recognition shopping spree that bypassed payroll, creating untracked tax implications.

In each case, the issue wasn't intent. It was a lack of clear guidance on which card applied in which situation. Data from AppZen made the training gaps visible. See how AppZen supports broader regulatory compliance programs.

Airfare and car rental upgrades

Toyota's travel policy restricts cabin class based on flight duration and job level. Economy is standard for most domestic flights. The policy implied upgrades weren't allowed, but it never said so explicitly. When employees upgraded at the kiosk for $150 and submitted the charge, it went through.

AppZen's upgrade detection, combined with a zero-dollar threshold on the "other airfare charges" expense category, now flags every upgrade automatically. The policy response added half a page of explicit guidance covering every scenario, including when upgrades are prohibited, when they require manager approval, and how to handle reimbursements if an upgrade has already been processed.

AppZen can also detect premium car rental upgrades, prepaid fuel, and satellite radio charges on car rental invoices. Toyota doesn't yet require itemized car rental receipts, but with AppZen surfacing the data on how often upgrades occur, a policy change is under consideration. Someone recently expensed a Mustang upgrade. That's the kind of specific, verifiable example that makes a policy case impossible to argue against.

When Shirley Yu joined Toyota four years ago, she was surprised to find no dedicated T&E audit function. A second-level review existed only for reports over $10,000 and caught only 2,500 reports annually. Everything else relied on manager approval alone.

Toyota began rolling out AppZen Expense Audit in April 2023, onboarding one organization at a time over six months. By end of 2023, all US organizations were live. Last year, Expense Audit flagged 38,000 reports for manual review, which was 15x the volume previously receiving a second look. And it identified over $700,000 in rejected or prevented spend through duplicate detection and cash line validation alone.

The team now runs a dedicated T&E Teams channel with weekly office hours, intranet policy updates, and campus monitors displaying recent changes. Managers receive dashboard links showing their team's submission patterns. The shift from reactive to proactive is both operational and cultural.

What you'll see in this webinar

Who should watch this webinar

Key takeaways

Continue learning

Explore more resources on AI-powered expense management and see how leading enterprises are transforming their T&E operations.