Solving Uber Case Study — (7/7)

Problem statement

Uber is a technology company that is changing the way the world thinks about transportation. We have been growing globally at an incredible pace and are scaling a hyper efficient revenue systems infrastructure.

Our revenue platform environment supports the needs of our customers (e.g. Rider, Driver, Eaters, Restaurants, etc.). A key to Uber’s success is to be able to accurately and completely account for all events on the Uber platform (e.g. trips, Eats orders), quickly and efficiently onboard new LOBs on the platform, flexibly support local business requirements across 70 countries / 700+ cities, scale and integrate with core financial applications, ensure operational effectiveness for our billing team, and provide financial data for business insights and P&L analysis downstream.

How would you ensure that the platform meets key audit and compliance requirements?

Uber is not just a ridesharing service anymore. It is changing the way the world thinks about transportation. Driven by technology, Uber is growing globally at an incredible pace and is scaling a hyper-efficient revenue systems infrastructure. For a company of this size and scale, the financial systems need to be robust, accurate, and compliant as per regulatory reporting requirements (GAAP/IFRS) globally across all lines of business, ensuring accurate and granular visibility into the financials across multiple lines of business.

To ensure the platform meets the key audit and compliance requirements, certain in-house controls should be in place and practices are to be formulated. These controls and practices are to be updated and modified as per the changing business need.

Depending upon regulatory requirements and applicable standards or regulation, like PCI DSS Compliance Framework, SOX, General Data Protection Regulation (GDPR), or ISO standards reduces risk and pave the way for a compliance ready platform.

Ineradicable

All transactions recorded in the financial systems should be disabled from editing and can be fetched from the system for audit purposes.

Auditable

Maintaining an audit trail of every financial transaction, with full explainability for each action associated with its root. Business Owners should be able to maintain audit trails for every financial transaction reported in the financial systems with complete documentation of the actions carried out (cradle to grave).

Complete

All transactions, events, balances, and other financial records have been disclosed completely within the financial statements and ensuring there are no gaps in Uber’s financial Book.

Accurate

Periodic monitoring and evaluation of financials at various stages of the system lifecycle have to be put in place to ensure accuracy and flag gaps (if in place).

Secure

Keeping access management controls in place at Uber to keep a check on restricted access to the company’s financials.

Change management/SOD

Only authorized changes are being deployed (including application code and infrastructure changes) into the production IT environment by following SOD (Segregation of Duties).