Clear stale iouReportID on DM chat after IOU is moved to a new workspace

[wildan-m]

Explanation of Change

In a 1:1 DM, when the recipient taps "Pay with business account" on a manual expense and cancels the bank-account setup, createWorkspaceFromIOUPayment in src/libs/actions/Policy/Policy.ts optimistically converts the IOU report into an Expense report under a new workspace and updates the old DM chat in three ways: it nullifies the old REPORT_PREVIEW, sets hasOutstandingChildRequest: false, and appends a MOVED action.

It never clears chatReport.iouReportID on the DM, so the field still points at the report that has just been moved to a different policy. When the sender then creates another expense in the same DM, getMoneyRequestInformation resolves the moved report via chatReport.iouReportID, shouldCreateNewMoneyRequestReport reuses it because it is still OPEN, and the moved expense "comes back" to the DM preview alongside the new transaction. Opening the preview shows a header from the new workspace's policy, and the newly created expense errors out because the participants/policy no longer match.

This PR extends the optimistic merge on the old DM chat to also clear iouReportID: null, and mirrors the rollback in the failure entry by restoring the prior iouReportID. With the pointer cleared, getMoneyRequestInformation no longer resolves the moved report from the DM, so a fresh IOU report is built for the next expense and the duplicate preview / mismatched header / new-transaction error all disappear.

This mirrors the precedent already set by other flows that remove an IOU report from a DM:

• src/libs/actions/IOU/PayMoneyRequest.ts clears iouReportID on payment success.
• submitReport in src/libs/actions/IOU/index.ts clears it when a report is submitted to a workspace.
• DeleteMoneyRequest.ts clears it when the last transaction on a DM's IOU report is deleted.

createWorkspaceFromIOUPayment was simply missing the equivalent step. The change is scoped entirely to the optimistic/failure onyxData built inside that function — its only caller is src/components/KYCWall/BaseKYCWall.tsx, which is unaffected.

Fixed Issues

$ #81636
PROPOSAL: #81636 (comment)

Tests

Test data setup:

• Two test accounts, User A (sender) and User B (recipient), neither with a paid workspace.
• Both accounts must have USD set as their default currency under Settings → Preferences → Default currency. The "Pay with business account" option is gated by IOU currency; with mismatched or non-USD defaults the menu may not surface for User B.
• Sign in as both in two separate browsers/devices, or use one browser with multi-account.

Steps:

1. As User A, open the 1:1 DM with User B and create a manual expense addressed to User B (any small amount, any merchant). Send it.
2. As User B, open the same DM and the new expense, then tap Pay with business account.
3. In the bank-account setup screen that opens, tap Cancel / close / back out without completing the setup.
4. Verify the moved-to-workspace flow completes: the DM shows a "moved this report to the workspace chat" system message, and the original report preview disappears from the DM.
5. As User A, return to the same DM and create a second manual expense addressed to User B (any small amount, any merchant).
6. Verify the DM now shows only the new expense's report preview — the previously-moved expense does NOT re-appear in the DM preview.
7. Tap the new report preview and verify it opens a report whose header shows User A's personal space (not User B's new workspace).
8. Verify no error message appears when interacting with the new expense.
9. Verify no errors appear in the JS console.

Offline tests

1. Repeat steps 1-3 above while online to set up a moved IOU report.
2. Go offline and perform step 5 (create a second expense as User A).
3. Verify the offline UI shows only the new expense in the DM preview (not the previously-moved one), and the new report opens against User A's personal space.
4. Reconnect and verify the optimistic state stays consistent once the server response settles.

QA Steps

Same as tests.

• Verify that no errors appear in the JS console

PR Author Checklist

• I linked the correct issue in the ### Fixed Issues section above
• I wrote clear testing steps that cover the changes made in this PR
  • I added steps for local testing in the Tests section
  • I added steps for the expected offline behavior in the Offline steps section
  • I added steps for Staging and/or Production testing in the QA steps section
  • I added steps to cover failure scenarios (i.e. verify an input displays the correct error message if the entered data is not correct)
  • I turned off my network connection and tested it while offline to ensure it matches the expected behavior (i.e. verify the default avatar icon is displayed if app is offline)
  • I tested this PR with a High Traffic account against the staging or production API to ensure there are no regressions (e.g. long loading states that impact usability).
• I included screenshots or videos for tests on all platforms
• I ran the tests on all platforms & verified they passed on:
  • Android: Native
  • Android: mWeb Chrome
  • iOS: Native
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
• I verified there are no console errors (if there's a console error not related to the PR, report it or open an issue for it to be fixed)
• I followed proper code patterns (see Reviewing the code)
  • I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e. toggleReport and not onIconClick)
  • I verified that comments were added to code that is not self explanatory
  • I verified that any new or modified comments were clear, correct English, and explained "why" the code was doing something instead of only explaining "what" the code was doing.
  • I verified any copy / text shown in the product is localized by adding it to src/languages/* files and using the translation method
    • If any non-english text was added/modified, I used JaimeGPT to get English > Spanish translation. I then posted it in #expensify-open-source and it was approved by an internal Expensify engineer. Link to Slack message: N/A — no copy added.
  • I verified all numbers, amounts, dates and phone numbers shown in the product are using the localization methods
  • I verified any copy / text that was added to the app is grammatically correct in English. It adheres to proper capitalization guidelines (note: only the first word of header/labels should be capitalized), and is either coming verbatim from figma or has been approved by marketing (in order to get marketing approval, ask the Bug Zero team member to add the Waiting for copy label to the issue)
  • I verified proper file naming conventions were followed for any new files or renamed files. All non-platform specific files are named after what they export and are not named "index.js". All platform-specific files are named for the platform the code supports as outlined in the README.
  • I verified the JSDocs style guidelines (in STYLE.md) were followed
• If a new code pattern is added I verified it was agreed to be used by multiple Expensify engineers
• I followed the guidelines as stated in the Review Guidelines
• I tested other components that can be impacted by my changes (i.e. if the PR modifies a shared library or component like Avatar, I verified the components using Avatar are working as expected)
• I verified all code is DRY (the PR doesn't include any logic written more than once, with the exception of tests)
• I verified any variables that can be defined as constants (ie. in CONST.ts or at the top of the file that uses the constant) are defined as such
• I verified that if a function's arguments changed that all usages have also been updated correctly
• If any new file was added I verified that:
  • The file has a description of what it does and/or why is needed at the top of the file if the code is not self explanatory
• If a new CSS style is added I verified that:
  • A similar style doesn't already exist
  • The style can't be created with an existing StyleUtils function (i.e. StyleUtils.getBackgroundAndBorderStyle(theme.componentBG))
• If new assets were added or existing ones were modified, I verified that:
  • The assets are optimized and compressed (for SVG files, run npm run compress-svg)
  • The assets load correctly across all supported platforms.
• If the PR modifies code that runs when editing or sending messages, I tested and verified there is no unexpected behavior for all supported markdown - URLs, single line code, code blocks, quotes, headings, bold, strikethrough, and italic.
• If the PR modifies a generic component, I tested and verified that those changes do not break usages of that component in the rest of the App (i.e. if a shared library or component like Avatar is modified, I verified that Avatar is working as expected in all cases)
• If the PR modifies a component related to any of the existing Storybook stories, I tested and verified all stories for that component are still working as expected.
• If the PR modifies a component or page that can be accessed by a direct deeplink, I verified that the code functions as expected when the deeplink is used - from a logged in and logged out account.
• If the PR modifies the UI (e.g. new buttons, new UI components, changing the padding/spacing/sizing, moving components, etc) or modifies the form input styles:
  • I verified that all the inputs inside a form are aligned with each other.
  • I added Design label and/or tagged @Expensify/design so the design team can review the changes.
• If a new page is added, I verified it's using the ScrollView component to make it scrollable when more elements are added to the page.
• I added unit tests for any new feature or bug fix in this PR to help automatically prevent regressions in this user flow.
• If the main branch was merged into this PR after a review, I tested again and verified the outcome was still expected according to the Test steps.

Screenshots/Videos

Android: Native

Kapture.2026-05-15.at.06.53.17.mp4

Android: mWeb Chrome

Kapture.2026-05-15.at.06.56.57.mp4

iOS: Native

Kapture.2026-05-15.at.06.13.36.mp4

iOS: mWeb Safari

Kapture.2026-05-15.at.06.33.52_compressed.mp4

MacOS: Chrome / Safari

Kapture.2026-05-15.at.06.02.44.mp4

[wildan-m]

@jayeshmangwani in account B, can you see "Pay with bank account" option? mine only show "Mark as Paid"

[wildan-m]

@cristipaval @jayeshmangwani this PR's optimistic clear works for the receiver (the one tapping "Pay with business account"), but the bug still reproduces from the sender's side because the move event pushed to the sender doesn't
include iouReportID: null on the parent DM. The sender's DM keeps pointing at the moved report, so a new expense created there attaches to it and the duplicate-preview bug returns.

I verified locally: manually merging {iouReportID: null} into the sender's DM and then submitting a fresh expense correctly routes it to a brand-new IOU report.

Could the BE include iouReportID: null in the CreateWorkspaceFromIOUPayment response's onyxData — specifically on the old DM chat report (the one whose IOU just got moved to the new workspace), so the cleared
pointer reaches the sender too? PayMoneyRequest, submitReport, and DeleteMoneyRequest already do the equivalent on the parent chat when their flow removes the IOU.

[cristipaval]

hey @wildan-m, yes, it makes a lot of sense to clear out that iouReportID from the backend. I'll open a backend PR

[wildan-m]

@cristipaval any updates?

[cristipaval]

@cristipaval any updates?

Hmm.. it looks like the backend PR is still awaiting review. I'll bump the internal engineer

[cristipaval]

Hey @wildan-m, the backend fix has been deployed.

[melvin-bot]

@jayeshmangwani Please copy/paste the Reviewer Checklist from here into a new comment on this PR and complete it. If you have the K2 extension, you can simply click: [this button]

[wildan-m]

@cristipaval works fine, thanks!

[jayeshmangwani]

Reviewer Checklist

• I have verified the author checklist is complete (all boxes are checked off).
• I verified the correct issue is linked in the ### Fixed Issues section above
• I verified testing steps are clear and they cover the changes made in this PR
  • I verified the steps for local testing are in the Tests section
  • I verified the steps for Staging and/or Production testing are in the QA steps section
  • I verified the steps cover any possible failure scenarios (i.e. verify an input displays the correct error message if the entered data is not correct)
  • I turned off my network connection and tested it while offline to ensure it matches the expected behavior (i.e. verify the default avatar icon is displayed if app is offline)
• I checked that screenshots or videos are included for tests on all platforms
• I included screenshots or videos for tests on all platforms
• I verified that the composer does not automatically focus or open the keyboard on mobile unless explicitly intended. This includes checking that returning the app from the background does not unexpectedly open the keyboard.
• I verified tests pass on all platforms & I tested again on:
  • Android: HybridApp
  • Android: mWeb Chrome
  • iOS: HybridApp
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
• If there are any errors in the console that are unrelated to this PR, I either fixed them (preferred) or linked to where I reported them in Slack
• I verified proper code patterns were followed (see Reviewing the code)
  • I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e. toggleReport and not onIconClick).
  • I verified that comments were added to code that is not self explanatory
  • I verified that any new or modified comments were clear, correct English, and explained "why" the code was doing something instead of only explaining "what" the code was doing.
  • I verified any copy / text shown in the product is localized by adding it to src/languages/* files and using the translation method
  • I verified all numbers, amounts, dates and phone numbers shown in the product are using the localization methods
  • I verified any copy / text that was added to the app is grammatically correct in English. It adheres to proper capitalization guidelines (note: only the first word of header/labels should be capitalized), and is either coming verbatim from figma or has been approved by marketing (in order to get marketing approval, ask the Bug Zero team member to add the Waiting for copy label to the issue)
  • I verified proper file naming conventions were followed for any new files or renamed files. All non-platform specific files are named after what they export and are not named "index.js". All platform-specific files are named for the platform the code supports as outlined in the README.
  • I verified the JSDocs style guidelines (in STYLE.md) were followed
• If a new code pattern is added I verified it was agreed to be used by multiple Expensify engineers
• I verified that this PR follows the guidelines as stated in the Review Guidelines
• I verified other components that can be impacted by these changes have been tested, and I retested again (i.e. if the PR modifies a shared library or component like Avatar, I verified the components using Avatar have been tested & I retested again)
• I verified all code is DRY (the PR doesn't include any logic written more than once, with the exception of tests)
• I verified any variables that can be defined as constants (ie. in CONST.ts or at the top of the file that uses the constant) are defined as such
• If a new component is created I verified that:
  • A similar component doesn't exist in the codebase
  • All props are defined accurately and each prop has a /** comment above it */
  • The file is named correctly
  • The component has a clear name that is non-ambiguous and the purpose of the component can be inferred from the name alone
  • The only data being stored in the state is data necessary for rendering and nothing else
  • For Class Components, any internal methods passed to components event handlers are bound to this properly so there are no scoping issues (i.e. for onClick={this.submit} the method this.submit should be bound to this in the constructor)
  • Any internal methods bound to this are necessary to be bound (i.e. avoid this.submit = this.submit.bind(this); if this.submit is never passed to a component event handler like onClick)
  • All JSX used for rendering exists in the render method
  • The component has the minimum amount of code necessary for its purpose, and it is broken down into smaller components in order to separate concerns and functions
• If any new file was added I verified that:
  • The file has a description of what it does and/or why is needed at the top of the file if the code is not self explanatory
• If a new CSS style is added I verified that:
  • A similar style doesn't already exist
  • The style can't be created with an existing StyleUtils function (i.e. StyleUtils.getBackgroundAndBorderStyle(theme.componentBG)
• If the PR modifies code that runs when editing or sending messages, I tested and verified there is no unexpected behavior for all supported markdown - URLs, single line code, code blocks, quotes, headings, bold, strikethrough, and italic.
• If the PR modifies a generic component, I tested and verified that those changes do not break usages of that component in the rest of the App (i.e. if a shared library or component like Avatar is modified, I verified that Avatar is working as expected in all cases)
• If the PR modifies a component related to any of the existing Storybook stories, I tested and verified all stories for that component are still working as expected.
• If the PR modifies a component or page that can be accessed by a direct deeplink, I verified that the code functions as expected when the deeplink is used - from a logged in and logged out account.
• If the PR modifies the UI (e.g. new buttons, new UI components, changing the padding/spacing/sizing, moving components, etc) or modifies the form input styles:
  • I verified that all the inputs inside a form are aligned with each other.
  • I added Design label and/or tagged @Expensify/design so the design team can review the changes.
• If a new page is added, I verified it's using the ScrollView component to make it scrollable when more elements are added to the page.
• For any bug fix or new feature in this PR, I verified that sufficient unit tests are included to prevent regressions in this flow.
• If the main branch was merged into this PR after a review, I tested again and verified the outcome was still expected according to the Test steps.
• I have checked off every checkbox in the PR reviewer checklist, including those that don't apply to this PR.

Screenshots/Videos

Android: HybridApp

Android-1.mov

Android: mWeb Chrome

mweb-chrome-1.mov

iOS: HybridApp

iOS-1.mov

iOS: mWeb Safari

mweb-safari-1.mov

MacOS: Chrome / Safari

web-1.mov

[jayeshmangwani]

LGTM 🚀

[melvin-bot]

@cristipaval looks like this was merged without a test passing. Please add a note explaining why this was done and remove the Emergency label if this is not an emergency.

[cristipaval]

it was all green

[OSBotify]

✋ This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release.

[github-actions]

🚧 @cristipaval has triggered a test Expensify/App build. You can view the workflow run here.

[github-actions]

🧪🧪 Use the links below to test this adhoc build on Android, iOS, and Web. Happy testing! 🧪🧪
Built from App PR #89551.

Android 🤖	iOS 🍎
❌ FAILED ❌	https://ad-hoc-expensify-cash.s3.us-east-1.amazonaws.com/rock-artifacts/ad-hoc/rock-ios-device-AdHoc-1b5fd75-d1139c3-6c49afbd1e8a9ed1fb01f1863829e2e328f4c726/index.html
The QR code can't be generated, because the Android build failed

Web 🕸️
https://89551.pr-testing.expensify.com

---

👀 View the workflow run that generated this build 👀

[OSBotify]

🚀 Deployed to staging by https://github.com/cristipaval in version: 9.3.80-0 🚀

platform	result
🕸 web 🕸	success ✅
🤖 android 🤖	success ✅
🍎 iOS 🍎	success ✅

Bundle Size Analysis (Sentry):

• Android
• iOS

[MelvinBot]

No help site changes required.

This PR is a bug fix that clears a stale iouReportID on DM chats after an IOU report is moved to a new workspace. The changes are limited to internal Onyx optimistic/failure data management in Policy.ts and a corresponding unit test. No user-facing features, workflows, UI elements, or settings were added or changed.

[OSBotify]

🚀 Deployed to production by https://github.com/luacmartins in version: 9.3.81-2 🚀

platform	result
🕸 web 🕸	success ✅
🤖 android 🤖	success ✅
🍎 iOS 🍎	success ✅