Enterprise Controls: RBAC, Multi-Branch, and Audit for Forwarders
Enterprise controls for freight forwarders are the governance layer of a freight platform: role-based access control down to individual fields and objects, multi-branch and multi-country structures, and a complete audit trail of every action. Zavin builds these controls into every module, so a growing forwarding group can automate operations without losing oversight.
Last updated: July 2026
- Field-level
- Access control across every object, branch, and country
- Every action
- AI and human, logged in the audit trail
- ~50%
- Routine email handled by AI — under your rules
- < 14 days
- To go live — no migration, no IT project
Automation Raises the Bar for Control
When software starts acting — replying to customers, sending quotes, creating shipments — the first question every managing director asks is the right one: who allowed that, and who can see it? An AI operating system without governance is a liability. Zavin treats enterprise controls as a core module, not an add-on negotiated into the biggest deals.
Three things work together across the whole platform: role-based access control that reaches down to individual fields, an organizational model built for multi-branch and multi-country groups, and an audit trail that records every AI action and every human edit. This page explains how each one works — and why they only work because they were built in from the start.
Role-Based Access Control, Down to the Field
Most software stops at record-level roles: you can either open something or you can't. Freight forwarding needs finer control, because the most sensitive data in the business — buy rates and margins — lives inside records that everyone needs to open to do their job.
Zavin applies permissions at the field level. The same quote record shows different things to different people:
- A pricing manager sees the full picture on a Shanghai–Rotterdam 40HC quote: buy rate, sell rate, and margin.
- A sales rep opens the same quote and sees only the sell rate — the buy side and the margin are simply not rendered.
- An operations clerk sees routing, equipment, Incoterm, and milestones, but no commercial figures at all.
- A branch accountant sees invoicing fields but cannot edit the agreed rate.
Object-Level Permissions: Who Sees Which Records
Field-level control decides what is visible inside a record. Object-level control decides which records exist for you at all. Both matter in a forwarding group, where branches often work the same trade lanes and account owners guard their customer relationships.
In Zavin, Branch A cannot read Branch B's customer contacts — a Hamburg sales team never browses the Rotterdam book of business. Shipment files, quotes, HBL and MBL documents, and rate agreements can be scoped to a branch, a country, or a named team. Head-office roles can be granted group-wide visibility for consolidated reporting without handing every branch the same reach.
Roles are defined once and enforced everywhere: in the app, in search, in reports, in exports, and in what the AI includes when it drafts an email on someone's behalf. A user who cannot see a buy rate will not find it in a spreadsheet download or an AI-written reply either.
Multi-Branch, Multi-Country by Design
Forwarding groups rarely grow as one clean company. They grow branch by branch — an office in Dubai, a joint venture in Vietnam, an acquisition in Rotterdam — each with its own customers, partners, and working habits. Zavin models that reality directly: branches and countries are first-class structures in the platform, not naming conventions in a shared database.
Each branch runs its own inboxes, quotes, and shipment files under group-wide rules. Country-level scoping keeps data partitioned where local practice or local agreements require it. Head office gets consolidated visibility — one rate database, one reporting layer, one audit trail — while each branch works its own market without seeing its neighbors' commercial details.
Onboarding a new office is not a new project. A branch is created, roles are assigned from the existing model, mailboxes are connected, and the group's rules apply from the first email. The acquisition in Rotterdam works the way the head office does — same controls, same trail, same reporting — while its commercial data stays its own.
The Audit Trail: Every AI Action, Every Human Edit
Everything that happens in Zavin is recorded: every email the AI classified, every reply it drafted or sent, every quote it priced, every shipment it created — and every human edit, approval, and override alongside it. Each entry records who acted (or which agent), what changed, and when.
That record serves three audiences. Managers use it to review the AI's work and tune automation rules with evidence rather than instinct. Compliance and finance teams use it to answer "who changed this rate and when" in seconds instead of an investigation. Enterprise IT uses it as proof that automation is governed, not loose.
Approval workflows sit on top of the trail. Quotes below a margin threshold can require sign-off before they leave the building. Specific email types can stay in drafts-only mode until a manager releases them. Escalations route to named roles, not to whoever notices first. Automation expands as confidence grows — with the trail proving every step along the way.
Data Protection Built for Enterprise Review
Customer data in Zavin is never used to train shared models. Your rates, your contacts, and your correspondence inform your own automation — not anyone else's. That line is absolute, and it is the first question most enterprise buyers ask.
Zavin supports enterprise security review processes, and a data processing agreement is available. For forwarders responding to shipper RFPs that include vendor security questionnaires, the combination of field-level access control, complete audit trails, and documented data handling gives procurement teams concrete answers instead of general assurances.
Access reviews are straightforward for the same reason. Because roles are explicit and centrally defined, an administrator can show exactly what any role can see and do — per field, per object, per branch, per country — rather than reconstructing permissions from settings scattered across a dozen tools.
Controls That Reach Every Module
Enterprise controls are not a separate admin console watching the platform from outside — they are enforced inside every module. AI Email Automation, the core of the platform, drafts replies only from data the mailbox's owner is allowed to see. Pricing & Quote Automation hides buy rates from roles that shouldn't see them. Reports respect branch scoping, so a country manager's scheduled report — delivered with an AI-written analysis — covers exactly their territory and nothing more.
This is why bolting an access-control layer onto a stack of point tools never quite works: each tool has its own idea of who a user is. In Zavin there is one identity, one role model, and one trail — from the first inbound RFQ email to the final scheduled report.
Why Legacy TMS Roles Fall Short
A legacy TMS was built for a simpler risk model: users typed data in, and roles decided which screens they could open. Field-level control is rare. Multi-country operations usually mean separate installations stitched together with exports. Audit logs, where they exist, capture database edits — not business actions a manager can actually read.
None of that anticipated AI. When software reads email and acts on it, you need permissions the AI itself obeys and a trail that explains what it did in business terms: which email, which classification, which quote, which approval. Zavin was built after that shift, so governance covers human and AI actors in one model — something a system of record retrofitted with an AI add-on cannot offer.
Live in Under 14 Days
Enterprise controls sound like an enterprise project. They aren't. Roles, branches, field-level rules, and approval thresholds are configured during onboarding, and most teams are live in under 14 days — no migration, no IT project.
Because Zavin works alongside CargoWise, Magaya, and other systems, nothing has to be ripped out to get governed automation. Start with one branch or one country, prove the model with your own traffic, and extend the same role structure as the rest of the group comes online. The controls are the same on day one as they are at fifty users — that's the point.
Connected Modules
Enterprise Controls is one module of the Zavin operating system — every module below works from the same data. See the full platform →
AI Email Automation
The core module — every action it takes runs inside your rules and lands in the trail.
Reports & Analytics
Branch-scoped reporting, delivered with an AI-written analysis.
Freight CRM
Customer records with branch- and role-scoped visibility built in.
Integrations
Works alongside CargoWise, Magaya, Gmail, and Outlook — no migration.
Enterprise Controls: Common Questions
How freight forwarders evaluate this module. Still have questions?
Your Freight Business.
Running Itself.
Zavin handles the emails, quotes, documents, and follow-ups. Your team handles the customers, the relationships, and the growth. See it working on your own shipments.
Freight forwarders & NVOCCs · No migration · No IT project · Transparent pricing