System Design: Expense Reimbursement with Pluggable Rules and Group Constraints

Context

Design an enterprise expense reimbursement platform where administrators can add or modify approval policies without redeploying code. The system must evaluate expenses at both item and group levels (e.g., per trip/project/report) and return explainable decisions with clear separation of item-level versus group-level reasons.

Requirements

1. Policy management and explainability

• Admins can add/modify rules (e.g., per-category caps, receipt required, merchant whitelist, per-diem by city) without code deploys.
• Support versioning, effective date windows, and immutable historical evaluation (replay) with explainable outcomes.

2. Grouping and group-level policies

• Group expenses by a condition (e.g., same business trip, project, report, or cost center).
• Enforce group policies (e.g., total per trip ≤ $2,500).

3. Conflict resolution and decision clarity

• When an item passes item-level rules but the enclosing group fails (e.g., a $20 meal is valid individually, but the trip totals $3,000 and exceeds a $2,500 cap), return a decision that:
  • Distinguishes item-level vs group-level reasons.
  • Identifies which items are failing only due to group constraints.

4. Data model and scale

• Propose a data model (users, expenses, categories, receipts, trips/projects, reports, groups, rules, rule versions, evaluations, audit logs).
• Discuss indexing and partitioning for scale.

5. Rule engine

• Design a rule DSL/config schema, execution graph, ordering/precedence, short-circuiting.
• Caching of aggregates, idempotency, and re-evaluation on policy updates.

6. APIs and workflows

• Define APIs and workflows (submit expense, create/update group, evaluate, re-evaluate, manual override, appeal).
• Specify latency and consistency expectations.

7. Edge cases

• Multi-currency and FX timing; split expenses across categories; duplicates; offline receipts; partial approvals; concurrency when the same expense belongs to or moves between groups.

8. Observability, auditing, access controls, and rollout

• Observability, auditing, and access controls for financial/PII data.
• Rollout strategies (dry-run/A/B) for new policies.
• Provide a high-level architecture and explain trade-offs.