> It’s at what level of complexity does QA become necessary.

This is a good point. My answer would be that it depends on how many depend on the software and what is the tolerance for unintended interactions that users discover?

Based on which domain the software is written/deployed in, this answer will be different.