Designing user management for a multi-level banking organizations
Overview:
Our platform is used by banks with hundreds of bank employees, spread across branches, clusters, regions, and head office. Each person needs different access, but managing this manually was slow, inefficient, and inconsistent.
My role:
I led the design end-to-end along with senior designer, PM and engineering team to align technical feasibility.
Team
Me, Senior designer, 2 PMs
Duration
1.5 Months
PROBLEM
Before this module:
Access control has Limited granularity
Adding or removing users took too long
Admins needed - Speed (quick onboarding/offboarding), Control (fine-grained permissions), Clarity (no confusion about access)
Current UI
Goal:
Create a simple system that lets admins
Control who can access the platform
Control what they can do inside it - without engineering support.
Outcome:
I broke the problem into two clear, independent modules:
Users → Who can access the platform
Roles → What they can do inside the platform
This separation made the system scalable, safer, and easier to understand.
Impact
Reduced average user onboarding time from ~15–20 minutes to under 5 minutes by enabling bulk import and role-based access
Cut down frequent access-related engineering requests by ~50% after introducing admin-managed roles and permissions.
Showing big picture to get alignment from teams:
Before designing, I sat with PMs to create user flows to map all user decisions and edge cases for each module before designing screens. It ensures the UI supports the real journey instead of forcing logic into visuals. Also helped us get alignment from engineering team.
Module 1: Managing access to the platform
This module answers one simple question: 👉 “Should this person be able to log in?”
Admins can:
Add or remove users
Bulk import users (for large teams)
Activate / deactivate access instantly
Search and filter users easily
See role, entity, and status at a glance
Module 2: Roles & Permissions
This module answers: 👉 “What is this person allowed to do?”
Banks already follow strict role hierarchies (e.g. Relationship Officer, Branch Manager, Cluster Head). So instead of forcing a generic system, I designed roles to match real banking structures.
Admins can:
Create roles based on bank org structure
Control access using a permissions matrix
Decide how granular permissions should be
Reuse roles across multiple users
Key design decision: Permissions are managed once at role level, not per user — reducing errors and duplication.
What I’d Improve Next
Permission presets for common bank roles - Create ready-made role templates for common bank roles so admins don’t need to start from scratch every time.
Audit logs for access changes - Add visibility into who changed access or permissions and when, to build trust and help during reviews or investigations.
Role impact preview - Show how many users will be affected before updating a role, helping admins make safer decisions.