logo
Sign UpSign InTry for free
Process map · controls · benchmarks

The Payroll Process

The end-to-end payroll process, from time capture through gross-to-net calculation to disbursement and tax filing, as a BPMN map, with the roles, controls and KPI benchmarks that make it auditable.
Jack Finnegan, Founder & CEO, BA Copilot

By Jack Finnegan · Updated 22 June 2026

Get expert help

Open in editor

Payroll processing workflow

Payroll is the gross-to-net process that runs from collecting and approving time through to paying employees and depositing and filing payroll taxes: time capture, input validation, gross-pay calculation, pre-tax deductions, tax withholding (federal, state, local and FICA), post-tax deductions, run reconciliation and approval, net-pay disbursement, tax deposit/filing and GL posting. It is one of the highest-compliance-risk processes in any organisation because it touches the FLSA, IRS deposit deadlines and employee trust, so the role separation (segregation of duties) that drives the swimlanes is itself a control requirement under COSO, SOX §404 and SOC 1.

  1. Time and attendance are collected and approved at the end of the pay period.
  2. Gross pay is calculated from hours, salary and variable pay.
  3. Taxes and deductions are applied to arrive at net pay.
  4. The run is reconciled and approved; exceptions are corrected and recalculated.
  5. Net pay is disbursed and payroll taxes are filed and deposited.
Opens this exact map in the BA Copilot editor, edit it with AI, no setup.

The process in depth

The steps, key risks and controls, and the KPIs.

Steps

  1. 1. Collect and approve time and attendance

    Automatable

    At the end of the pay period, collect hours worked, overtime, paid time off and shift data from timekeeping, and have managers approve them. Under the FLSA, non-exempt employees must be paid at least minimum wage and 1.5x the regular rate for hours over 40 in a workweek, so accurate time capture is a legal requirement, not just a convenience. Handoff: employee/manager to payroll.

  2. 2. Capture changes and validate inputs

    Automatable

    Apply new hires, terminations, pay-rate changes, W-4 updates, benefit elections and garnishments, then validate against the employee master. Decision #1, exempt vs non-exempt: non-exempt employees route through hours/overtime calculation; exempt salaried employees skip overtime. Bad inputs here (a missed W-4 change, a wrong status) are a common, costly source of payroll corrections.

  3. 3. Calculate gross pay

    Automatable

    Compute gross pay from hours and salary plus variable pay (overtime, bonuses, commissions, shift differentials). For hourly workers, gross = rate x hours (with overtime at 1.5x); for salaried, gross = annual salary / pay periods. This is the start of the gross-to-net calculation.

  4. 4. Apply pre-tax deductions

    Automatable

    Subtract pre-tax deductions (401(k), HSA/FSA, Section 125 health premiums) to arrive at taxable wages. These reduce the wage base for federal and, often, state withholding, so the order of operations matters for compliance.

  5. 5. Calculate and withhold taxes

    Automatable

    Withhold federal income tax (per Form W-4 and IRS Pub 15 tables), state and local income tax, and FICA: Social Security at 6.2% and Medicare at 1.45% (employee and employer each). Employer-side payroll taxes (the matching FICA, FUTA/SUTA) are accrued here. Multi-state and local rules make this the highest-compliance-risk calculation step.

  6. 6. Apply post-tax deductions and arrive at net pay

    Automatable

    Subtract post-tax deductions (Roth contributions, wage garnishments, union dues, post-tax benefits) to reach net pay. Garnishments carry their own legal priority and caps, so they are validated separately. Net pay = gross minus pre-tax minus taxes minus post-tax.

  7. 7. Reconcile and approve the payroll run

    Automatable

    Reconcile the run: compare against the prior period, check for outliers and negative net pay, and confirm totals tie out before approval. Decision #2, reconciles and approved? Exceptions are corrected and the affected calculation is re-run; a clean run is approved. Independent review here is the key detective control. Handoff: payroll to controller/approver.

  8. 8. Disburse net pay

    Release net pay via direct deposit (ACH), cheque or pay card, and publish payslips. Funding and release should sit with someone other than whoever entered and approved the run (segregation of duties). Treasury/bank executes; the employee receives funds.

  9. 9. Deposit and file payroll taxes

    Automatable

    Deposit withheld and employer taxes on the IRS schedule (monthly or semiweekly per the lookback; next business day if $100,000+ accumulates), then file Form 941 quarterly, plus state filings, and W-2/W-3 annually. Late or short deposits draw penalties, so deadlines are non-negotiable. Handoff: payroll/treasury to IRS and state agencies.

  10. 10. Post to GL, reconcile and retain records

    Automatable

    Post the payroll journal to the general ledger, reconcile the payroll clearing/liability accounts and bank, and retain records: the FLSA requires payroll records be kept at least three years (and wage-computation records two years). Maps to the close and to audit evidence under SOC 1 / SOX.

Risks & controls

Risk
Mitigating control & framework

Misclassification and overtime errors, treating a non-exempt worker as exempt or miscalculating overtime, leading to unpaid wages and back-pay liability.

Control: Apply FLSA exempt/non-exempt tests correctly; calculate overtime at 1.5x over 40 hours/week; keep auditable time records. Missing or incorrect time punches are a frequent, costly source of payroll corrections.

FrameworkFLSA (29 USC §§206-207); 29 CFR Part 516 (recordkeeping)

Inaccurate tax calculation or withholding (wrong federal/state rates, missed W-4 changes, multi-state errors).

Control: Use current IRS Pub 15 tables and Form W-4; automate state/local rules; reconcile tax totals each run. W-4 setup errors and untimely system entry rank high in the EY cost-per-error data.

FrameworkIRS Publication 15 (Circular E); IRC withholding rules

Missed or late payroll tax deposits / filings, triggering IRS failure-to-deposit penalties.

Control: Determine the correct deposit schedule from the lookback ($50,000 threshold), observe the monthly/semiweekly deadlines and the $100,000 next-day rule, and automate deposits and Form 941/W-2 filing.

FrameworkIRS Pub 15 §11 (Depositing Taxes); IRS Topic 757

Lack of segregation of duties, one person can add an employee, run payroll and release the payment (fictitious/ghost employees, unauthorised rate changes).

Control: Split incompatible duties (master-data changes vs calculation vs approval vs disbursement vs reconciliation); enforce via role-based system access and independent run approval.

FrameworkCOSO 2013 Principle 10; SOX §404; GAO Green Book Principle 10

Direct-deposit / bank-detail change fraud (an attacker submits "new" bank details for a real employee).

Control: Out-of-band verification before any direct-deposit change; dual approval of bank-detail changes; hold the first payment on changed banking until confirmed.

FrameworkCOSO 2013 Principle 10 (control activities); SOC 1 control objectives

Inadequate records / weak controls at an outsourced provider, leaving the employer exposed on audit and compliance.

Control: Retain FLSA payroll records for at least three years; obtain and review the provider’s SOC 1 (SSAE 18) report and implement the complementary user-entity controls it assumes.

Framework29 CFR Part 516; AICPA SSAE 18 / SOC 1

KPIs & benchmarks

Payroll accuracy rate (error rate)
~80% accuracy
Industry average (≈20% error rate); ~15 corrections per pay period

Share of payroll runs/payslips processed without an error requiring correction.

EY, 2022 payroll-errors survey, 2022
Cost per error (correction)
$291 per error
$281 direct + $10 indirect; ~1 in 5 US payrolls contains an error

Average direct + indirect cost to detect and fix one payroll error.

EY, 2022 payroll-errors survey, 2022
Cost per payslip (fully loaded)
Track your own
No single clean benchmark; public sources vary by market, headcount and service model

All labour, software and overhead to produce one payslip, divided by payslip volume.

Payroll cost-pricing practitioner guide (Cercli; directional)
Time to run payroll
≤15 minAutomated
vs ~5 hours avg

Elapsed processing time to complete one payroll run.

Lift HCM / ADP payroll software ROI article
% of payroll automated
26.2% still manual
Share of global organisations still relying heavily on manual payroll processes

Share of organisations / processing that runs without manual handling.

Global Payroll Agility Report 2025, 2024-2025
On-time payment rate
Near-perfect targetPractitioner
Not a measured figure; 32% of teams need 2+ cycles to fix an error (ADP)

Share of pay runs completed and paid on or before the scheduled pay date.

ADP, The potential of payroll in 2024: Global payroll survey, 2024

Thinking about automating Payroll?

See which steps can be automated, and what each one saves.

See what to automate
Best-in-class benchmarks
Time to run payroll
~5 hoursto≤15 min
manual to automated(Lift HCM / ADP payroll software ROI article)
Payroll error rate
~1 in 5toCaught early
manual (ey) to pre-run check(EY, 2022 payroll-errors survey)

Get it built for you

Don't want to build the Payroll automation yourself? We personally match you to a vetted automation specialist who builds it for you, scoped to your systems and volume.

Vendor-neutral
Vetted automation specialist

Hands-on with finance & back-office tooling; they scope, build, and hand over the working automation.

Matched to your stack

We match on your ERP / systems, process volume, and timeline, not a generic agency pool.

You stay in control

Fixed scope agreed up front. No long-term lock-in; you own the result.

Frequently asked questions

What are the steps in the payroll process?

Collect and approve time, capture and validate input changes, calculate gross pay, apply pre-tax deductions, calculate and withhold taxes (federal, state, local and FICA), apply post-tax deductions to reach net pay, reconcile and approve the run, disburse net pay, deposit and file payroll taxes, and post to the GL and retain records.

What is gross-to-net in payroll?

Gross-to-net is the calculation from gross pay to take-home pay: start with gross (salary or hours x rate plus overtime and variable pay), subtract pre-tax deductions, withhold federal/state/local income tax and FICA (Social Security 6.2%, Medicare 1.45%), then subtract post-tax deductions. The result is net pay.

Why does payroll need segregation of duties?

Because payroll moves money to people, no single person should add an employee, run payroll and release the payment. Separating those duties is a control requirement under COSO 2013 Principle 10, SOX §404 and SOC 1 reporting, and it is what makes the process swimlanes necessary.

What are the main payroll compliance requirements?

The FLSA sets minimum wage, overtime (1.5x over 40 hours/week) and recordkeeping (payroll records kept at least three years; 29 CFR Part 516). IRS Publication 15 (Circular E) sets tax withholding and deposit deadlines, including monthly/semiweekly schedules and the $100,000 next-day deposit rule.

Related

How to automate payroll

A step-by-step guide to automating payroll time capture, calculation, tax filing and reconciliation.

Is payroll automation worth it?

Run your payslip volume through the ROI calculator against cited benchmarks.

Best payroll software

Compare Gusto, QuickBooks Payroll, ADP, Paychex and Deel on footprint fit and verified ratings.

Cosmic background pattern
Decorative rectangle pattern

Want this mapped and automated for your business?

Get a process specialist to map your real gross-to-net flow and automate it around your payroll system and tax/compliance needs, without eroding segregation of duties.

Sources

  1. EY (Ernst & Young), Cost and Risks Due to Payroll Errors: 2022 HR/Payroll Survey (508 US professionals, Dec 2022)
  2. EY survey press release: payroll errors average $291 each (Business Wire, Dec 2022)
  3. ADP, The potential of payroll in 2024: Global payroll survey (mean payroll accuracy 78%; 32% need 2+ cycles to resolve underpayments)
  4. Payslip, Payroll Automation in 2026 (Global Payroll Agility Report 2025: 26.2% still manual)
  5. US DOL, Fact Sheet #21: Recordkeeping Requirements under the FLSA
  6. 29 CFR Part 516, Records to Be Kept by Employers (FLSA recordkeeping; three-year payroll retention)
  7. US DOL, Wages and the Fair Labor Standards Act (minimum wage, overtime at 1.5x after 40 hours)
  8. IRS, Publication 15 (2026), (Circular E), Employer’s Tax Guide; Section 11 Depositing Taxes
  9. IRS, Employment Tax Due Dates (monthly vs semiweekly deposit schedules; $100,000 next-day rule)
  10. IRS, Topic no. 757, Forms 941 and 944 deposit requirements ($50,000 lookback threshold)
  11. AICPA SSAE 18 / SOC 1 reporting on controls relevant to internal control over financial reporting (payroll service providers)
  12. COSO, Internal Control – Integrated Framework (2013), Principle 10 (control activities / segregation of duties)
  13. Sarbanes-Oxley Act of 2002, §404 (internal control over financial reporting; PCAOB copy)
  14. GAO, Standards for Internal Control in the Federal Government (Green Book), GAO-14-704G, Principle 10
  15. IRS, Tax Withholding / FICA rates (Social Security 6.2%, Medicare 1.45% employee + employer)
  16. Payroll pricing / cost model practitioner guide (cost varies widely by market and service model)
  17. Lift HCM payroll software ROI article (cites Complete Payroll Solutions for ~5 hours per pay period and ADP for 75% of automated customers running payroll in 15 minutes or less)
  18. ADP, cost-benefit analysis of in-house vs outsourced payroll (directional; no single public % savings figure)
  19. Capterra product listing for Gusto (live-fetched 2026-06-22)
  20. Capterra product listing for QuickBooks Payroll (live-fetched 2026-06-22)
  21. Capterra product listing for ADP Workforce Now (live-fetched 2026-06-22)
  22. Capterra product listing for Paychex Flex (live-fetched 2026-06-22)
  23. Capterra product listing for Deel (live-fetched 2026-06-22; 4.8 rating already verified)
  24. Vendor pricing & integration pages (live-fetched 2026-06-21): gusto.com/product/pricing, ADP, Paychex, Deel, Intuit QuickBooks Payroll
  25. Tech.co, Paychex Payroll Pricing (Flex Essentials $39/mo + $5/employee; Paychex publishes no public price)