Corporate accounts — Romina Kochura

Corporate accounts - From single admin to multi-tenant access

Corporate user management is a permissions and access framework built into DTCC Digital's platform. It lets corporate clients—large financial institutions—oversee their internal teams, end clients, and third-party providers from a single admin layer. Before this feature, the platform was built for a single super-admin and couldn't scale to the multi-user, multi-role structures these clients need. I led design end-to-end - simplifying the role-based permission model and naming, redesigning navigation around admin workflows, and laying the design system groundwork with our first set of design tokens.

Contributions

Research, Data modeling, Information architecture, Visual design, Design system

Timeframe

Jun – Dec 2023

Client

DTCC Digital

Discovering gaps

The original request was to add multi-user support for corporate clients. But the platform had gaps at multiple layers that needed solving first:

Solo super-admin

The platform offered corporate and personal account types, but both functioned the same way - one super-admin user with full access. No way to invite team members or define role-based permissions.

Tangled permissions

More than half of the existing permission groups overlapped, with no documentation on what each one did. Admins inviting new users had no clear way to decide which permissions to assign.

Inaccessible terminology

Action labels didn't match admin users' mental models. They had to guess what each one would actually do.

Incomplete design system

100+ components existed, but built as variants without properties or design tokens. Developers worked with hard-coded values, making changes slow and error-prone.

Take a look at the research process

Mapping the permission domain

Before designing solutions, I needed to understand the access management domain itself. Working with my team and our architects, I mapped every noun in the permission structure - users, roles, functions, entities, organizations - and how they related to each other.

Access management: uncovering insights and best practices from industry leaders

Most of my deliverables at this stage were spreadsheet-style documentation that helped align the team on data structure and feature requirements. We also broke concepts down into separate data tables to see how relationships actually worked under the hood.

Access management: uncovering insights and best practices from industry leaders

This foundation made everything that followed possible. Without it, I'd have been designing on top of assumptions instead of a real understanding of what permissions are and how they connect.

Results

Corporate accounts and user management became the first major milestones on the roadmap toward enterprise clients. The project also unblocked the role-based permission model and improved function taxonomy - both longstanding items in the backlog.