Michelle DaSilva
Portfolio · Case Study

This case study is password protected.
Enter the password to continue.

Don't have the password? Request access

Michelle DaSilva
Get in Touch
Back to Work
Case Study 001 · Fintech & Banking

The Journey to a
Customer-Centric
Access Platform.

When customers can't confidently grant access to their own accounts, they either call support or over-privilege their employees. Both signal a broken experience. I led the UX strategy for ASM — a permissions platform serving 8.7M business customers — driving cross-functional alignment and validated concept design toward a simpler, clearer way to delegate access.

Platform Scale
8.7M+
Business, Commercial & Private Banking customers on the ASM entitlement platform.
Client
Leading US Bank
Role
VP UX Design Lead
Timeline
2023 – 2026
Status
MVP Delivery · Q2 2026

Engagement Overview

A Five-Phase Journey from Alignment to Delivery

This product design engagement spanned two years — each phase building on the last, moving from a shared understanding of the problem through validated design concepts to MVP execution currently in delivery.

01
Phase
Align
25+ stakeholders
02
Phase
Discover
100+ CX gaps
03
Phase
Define
3 concept directions
04
Phase
Design
7 design principles
05
Phase · Now
Delivery
MVP Q2 2026

My Contribution

What I Led

Research & Discovery
Quant & qual studies, heuristic evaluation, service blueprinting, usability benchmarking, co-creation
Facilitation & Alignment
Quad workshops, OKR definition, 25-attendee persona harmonization, 2-day customer co-creation
Synthesis & Direction
100+ RICE-prioritized gaps → 3 validated concept directions tested with BRMs and customers
Design & Delivery
Actionable design principles, MVP entitlements experience in delivery — migrating from legacy BlueJS to React with fully composable components

Overview

What is Access & Security Manager?

ASM is the bank's entitlement platform — the system through which business customers manage user access, roles, and permissions across their banking accounts. It is the operational backbone of how organizations control who can do what within their accounts.

The platform spans three distinct banking segments — Business Banking, Commercial Banking, and Private Banking — each with its own administrator tier, complexity level, and user expectations. Despite its critical role, ASM had grown fragmented, inconsistent, and difficult to use over more than a decade of organic growth.

8.7M+
Customers Impacted
Across all banking segments
8M
BB Admins
Business Banking
51K
CML Admins
Commercial Banking
500K
PB Admins
Private Banking

Our Customer

Meet Janet — The Small Business Owner at the Center

The primary ASM user is a small business owner like Janet — someone running a local business who needs to give trusted employees the right level of access to company accounts, without needing a banking or IT background to do it.

Janet — small business owner customer ecosystem diagram showing her 5 employee types and their access relationships

The Problem

Where Today's ASM Falls Short

Three persistent pain categories surface across every research touchpoint — representing failures at ASM's most fundamental job.

Problem 01
Overwhelming
Too many options, unclear labels, and dense permission tables leave customers paralyzed rather than empowered. The platform was designed for internal operations, not the business owners using it daily.
Problem 02
Unclear
Permission names don't map to real-world roles or actions. Customers can't confidently assess what access they're granting — or verify that changes actually took effect.
Problem 03
No Support or Communications
No in-platform guidance, no contextual help, and no proactive communications when something requires attention — leaving customers to figure it out alone or call support.

Current State

Current state — screen 01
Current state — screen 02
Current state — screen 03
Current state — screen 04
Current state — screen 05
Current state — screen 06
Current state — screen 07
ASM original design — the existing permissions interface showing its complexity and fragmented layout

What We Heard

Straight From Our Customers

Research Participant

"I like having other people sign in to the account and have access — but it's not the most streamlined process."

Business Banking Customer · September 2023

Cross-Functional Alignment

There's No Simple, One-Size-Fits-All Approach

Solving ASM required alignment across four disciplines — Product, Tech, Design, and Data. I facilitated the Quad alignment model to ensure every decision was grounded in the customer, not internal priorities.

Product
Defined scope and priorities — aligning roadmap decisions to customer jobs and business outcomes.
Tech
Early feasibility feedback and constraint mapping on legacy platforms affecting CX.
Quad Model
Customer
at Center
Design
JTBD & Needs — role-based templates, customer jobs, pain points, and mental models.
Data
Moving from feature mindset to a scalable, data-informed product foundation.
01
Phase One
Align
Why are we doing this?

Aligning on the Problem

A Shared Starting Point

Before any research or design work could begin, the team needed a shared definition of what ASM was supposed to help customers accomplish — and what was getting in the way.

ASM problem statement — JTBD, problem definition, root causes, and cost

Vision & Success Criteria

What We Set Out to Build

Product Vision · ASM

To empower business owners to securely define employee access through an intuitive experience — so they feel confident delegating access across all channels.

"Users given the right level of access will be empowered to fulfill their unique roles."

Ease of Use
Reduce time-on-task for core entitlement actions by simplifying flows and improving discoverability.
Product Usage
Increase adoption of underutilized features like security alerts and audit logs by surfacing them contextually.
Time Spent
Decrease support call volume by enabling customers to self-serve confidently — reducing burden on the bank's client service teams.
Customer Feedback
Improve satisfaction scores for ASM-related interactions through post-interaction surveys and NPS tracking.
02
Phase Two
Discover
What are our customers' problems and opportunities?

Discovery Journey

A Multi-Milestone Research Program

I structured discovery as a sequenced research program — each milestone building on the last, from platform assessment through validated concept directions. The goal was a complete evidence base before any design direction was committed to.

Discovery journey timeline showing 5 research milestones from CX Assessment through MVP delivery, 2023–2026

Discovery Journey — Step 1

Get to Know Our Customers

Each discipline entered this step with a different question. Design needed to understand the jobs customers hire their employees to do. Tech was mapping toward a "One Bank Customer" architecture. Product needed baseline data on how many SBOs were actually granting entitlements. Persona definition gave all four a shared foundation to build from.

Profile Harmonization

Four Validated SMB Personas

I led a cross-functional harmonization workshop with 25 attendees to align on who ASM's customers actually are. We converged on four personas — each mapped to their organizational role, access level, and entitlement complexity. These became the shared language across product, marketing, and customer success.

Business Owner persona
Authorized Representative
Business Owner
Primary account holder with full authority over all access decisions. Delegates to others but needs confidence that controls are in place.
Manager persona
Signer
Manager
Can initiate and approve payments. Needs to understand their own access limits and quickly onboard team members within their scope.
Bookkeeper persona
Sub-User · Account Controller
Bookkeeper
Needs account data access without payment authority — a precise permission slice the current platform makes hard to configure.
Accountant persona
Sub-User · Account Associate
Accountant
Needs read-only access to statements and tax documents. Over-provisioning this role creates compliance risk.

Workshop Output

Workshop output — slide 1
Workshop output — slide 2
Workshop output — slide 3
Workshop output — slide 4

Workshop Outcome

Six Key Customer Themes

Six themes emerged as the defining expectations of business banking customers — forming the design criteria against which every concept direction was evaluated throughout the initiative.

Fast and Easy
Access tasks in minutes, not sessions. Speed and simplicity are top-rated satisfaction attributes.
Safe and Secure
Confidence that controls are working — and that the platform flags anything suspicious proactively.
Access to Quick Support
Help when customers hit a wall — without leaving the platform or calling a support center.
Seamless Omni-Channel
Consistent experience on desktop, mobile, or in branch — manage access from wherever they are.
Empowered SBO
Business owners want to feel in control — capable of managing access confidently without a banking or IT background.
One Bank View
Unified view of access across all banking products — no managing permissions in separate silos per account type.

Profile Harmonization Quant Study

Quant Study Results — Executive Summary

Goal: To identify the "actors of influence" that SBOs work and consult with in their businesses. (Sept. 2023)

Top Personas
  1. Business Owner
  2. Accountant
  3. Accounts Payable & Receivable
  4. Bookkeeper
  5. Business Partner
  6. CFO
  7. Accounts Payable

4 consistent with prior work · 3 new: AP&R, CFO, AP · General Manager removed

Top 5 Jobs to Be Done
  1. Paying bills
  2. Paying employees
  3. Receiving payments
  4. Analyzing business finances
  5. Add/remove employees & vendors to financial accounts
Top 5 Entitlements Turned On
  1. See & refund transactions on Smart Terminal and POS app
  2. View activity and balance
  3. View and download tax documents
  4. Bill pay
  5. View statements, documents, and disclosures

Discovery Journey — Step 2

ASM CX Assessment

We assessed the full Business Banking entitlements experience across web and mobile, focused on three core use cases: onboarding authorized users, sharing admin duties, and duplicating rights between users. Tech flagged early that legacy platform constraints (GWS) would bound the solution space; Data mapped usage patterns; Design and Product aligned on where the experience was most broken. The output was a prioritized gap backlog that drove everything that followed.

ASM CX Assessment — Service Blueprint

End-to-End Experience Mapped

The service blueprint mapped the complete SBO / Admin / AU / Proxy Admin flow — connecting frontstage customer actions to backstage systems and surfacing the moments of friction, confusion, and drop-off that the redesign needed to address.

01
Confusing Functionality
Users can't predict what actions do or verify that changes took effect.
02
Missing Call to Action
Key next steps are absent or buried, leaving users stuck mid-task.
03
Information Overload
Dense permission tables overwhelm decision-making — built for ops, not business owners.
04
Inconsistent User Roles
Role labels and permission scopes vary across surfaces, eroding user trust.
ASM service blueprint — end-to-end customer experience mapped across touchpoints and backstage systems

ASM CX Assessment — Heuristic Evaluations

14 Evaluators, 3 Use Cases

Utilizing three use cases and fourteen evaluators, the experience was assessed against our CX Framework — rating each touchpoint to surface the most critical usability failures and opportunities to streamline the end-to-end experience.

Heuristic evaluation — ASM CX assessment findings across 3 core use cases

ASM CX Assessment — CX Gaps

100+ Gaps, RICE-Prioritized for Impact

After identifying over 100 gaps, I collaborated with our quad partner to prioritize them using the RICE methodology, focusing on desirability and feasibility. Five gap themes surfaced as the highest-priority opportunities.

CX gap theme synthesis — five prioritized gap themes surfaced from 100+ identified gaps across the ASM experience
  1. 01
    Lack of Guidance
    Critical
  2. 02
    Missing Status Indicators
    Critical
  3. 03
    Missing Functionality
    High
  4. 04
    Mental Model Mismatch
    High
  5. 05
    Inconsistent Design
    Medium

RICE Prioritization Matrix

Each opportunity was scored across desirability and feasibility dimensions — customer need, employee impact, technical complexity, and dependencies — to produce a total RICE score that anchored the design backlog and stakeholder prioritization conversations.

RICE prioritization matrix scoring CX opportunities across desirability and feasibility

Discovery Journey — Step 3

Future State Explorations

The goal was to de-risk new concepts before committing to a direction — gathering early signal from BRMs and customers through concept sketching and testing. Design led explorations centered on role-based templates as the organizing principle. Tech provided early feasibility reads, and Product focused on desirability. The output validated which features were worth carrying into co-creation.

BRM Advisory Board

Strong Enthusiasm for Role Templates — With Important Nuance

BRMs provided strong enthusiasm and support for role-based templates as a concept. The advisory conversations also revealed that the nuances of what permissions are best for each role template — and how to handle custom roles — required further research before locking in a specific approach.

Role Template Framework Emerging
  • Business Owner / Leaders — all entitlements on
  • Strategic Financial Roles (Accountant, Bookkeeper) — all on except certain Checking/Credit card permissions
  • Operational Financial Roles (AP/AR) — operational access only

Blue Sky Concept Test

Concepts Tested

We kicked off the design of the blue sky concepts with two distinct prototypes based on ideas pulled from research, gap discovery work, heuristic evaluations, and collaboration from the entire product team.

Prototype A — User-Focused Concept

Dashboard-first view — at-a-glance summary of user actions, pending transactions, and admin profile.

Prototype A — user-focused Access & Security Manager dashboard

Prototype B — Company-Focused Concept

Consolidated user list with quick-action shortcuts and a proactive Insights panel for security alerts.

Prototype B — company-focused Access Manager with insights panel

Concept Insights

What the Concepts Revealed

Company Categorization
Useful for those with many users and companies — added noise for those that didn't.
Accounts First
Users preferred choosing accounts first, entitling second — a core mental model shift.
Combined Tab
Combining Account Management and Security tabs was overwhelmingly successful for finding ASM.
Step Navigation
Horizontal step navigation with reduced steps received great feedback.
User vs. Company
Both concepts preferred equally — user-focused for scannability & findability; company-focused for usefulness of proactive insights.

Discovery Journey — Step 4

Co-Creation

Over two days, the ASM Quad co-designed alongside BRMs and six small business customers around a shared question: how do business owners actually think about assigning access to the people they hire? Design led the mental model exploration, Tech and Product stress-tested feasibility and desirability in real time. By day two we had four concrete entitlement concepts to bring into validation.

Team collaborating around a table in a co-creation workshop

Co-Creation Workshop

Four Concepts, Co-Designed With Customers

Workshop goal: conceptualize a next-gen entitlements experience enabling business owners to quickly, confidently, and securely assign permissions based on employee roles. By end of Day 2, the ASM Quad, product partners, and 6 SB customers had co-designed and tested 4 user-centric solutions.

Concept 01 — JTBD-Based Entitlement
Concept 01
JTBD-Based Entitlement
"What do you want this person to do?" — surfacing permissions by task rather than by system category. Entitlement is organized around jobs-to-be-done.
User-focused
Concept 02 — Role-Based Templates + AI Assist
Concept 02
Role-Based Templates + AI Assist
Permission templates by role (Accountant, Co-owner, Operations) with an AI-powered chatbot to guide setup, answer questions, and help configure custom roles.
AI-assisted
Concept 03 — AI-Guided Role Recommender
Concept 03
AI-Guided Role Recommender
"What best describes this person's role?" — guides the user to a list of recommended roles with viewable permission details before the user confirms the assignment.
Guided flow
Concept 04 — Activity-Based Entitlement
Concept 04
Activity-Based Entitlement
Align entitlements with real-world day-to-day activities: "View Money Movement, Send Money, Receive Money, Approve/Control Money, Payroll" — making permissions tangible.
Activity-aligned

Co-Creation Workshop — Key Findings

Key Findings Across All Concepts

Four consistent signals emerged regardless of which concept customers engaged with — forming the design principles carried into the Define phase.

User Information Flow
Customers preferred entering user information before assigning entitlements — a clear mental model preference that needed to be built into the core flow.
Customization and Flexibility
SBOs consistently valued the ability to customize and fine-tune entitlements and permissions beyond any preset template.
Trust and Simplicity
High trust in Chase's recommendations — and a strong preference for straightforward, user-friendly experiences over complex control panels.
Role and Entitlement Clarity
Clear and accurate categorization of roles and entitlements was essential — ambiguous labels eroded confidence in every concept tested.

Discovery Journey — Last Step

Test Current State Experience

Before measuring against a redesign, we needed a baseline. Design ran current-state usability tests with real customers to validate the gaps already identified — turning heuristic findings into confirmed evidence. Data mapped underlying constraints, and Tech confirmed which GWS legacy platform limitations would define the boundaries of the solution space.

Benchmark Test

Validating the Gaps With Real Data

250+ BB/CML/PB users were tested on 3 flows in current-state ASM: adding a sub-user (Accountant), adding their entitlements, and promoting a user to proxy admin. The results confirmed the severity of the identified gaps — and established the baseline to measure the redesign against.

68%
Task completion rate — with 32% failing or abandoning core entitlement flows.
3.8/5
Average user confidence — high uncertainty even among those who completed tasks successfully.
250+
Users tested across BB/CML/PB segments to establish a measurable redesign baseline.

Research Participant

"So I know I'm in the right screen [...] but I don't see 'add user'."

User searching for the Add User button

Research Participant

"Could this be tiered so that it's easier to use and go through it?"

User on the entitlements page

Research Participant

"The layout is not great to create a proxy admin and to add an authorized user. Those links should be clear."

User on the All Users page

03
Phase Three
Define
Define, refine, and test our entitlement experience concepts.

Define Journey

Define, Refine and Test

The mandate was to move from ideation to evidence — define and test role-based entitlement concepts with BRMs and customers until one direction proved both feasible and desirable. Design led the JTBD-centered framing, Tech ran real-time feasibility checks, and Product and Data tracked what customers actually responded to. The output drove every decision in Phase 4.

Refined Entitlement Concepts

Three Directions Tested With BRMs and Customers

The team iterated on the top co-creation directions and tested three refined concepts with Business Relationship Managers and customers. Each direction addressed the core research findings from a distinct angle, with clear tradeoffs for engineering prioritization.

Direction 01 — Jobs to Be Done
Direction 01
Jobs to Be Done
Tabbed grouping: Money Movement, See Activity, Manage Employees, Communications. Permissions organized by what the user needs to do — not by system category.
Direction 02 — Product Grouping
Direction 02
Product Grouping
Permissions grouped by financial product — Checking, Credit Card, Merchant Services, Tax Actions. Account-first navigation with a left sidebar tracking which account is being edited.
Direction 03 — Tiers
Direction 03
Tiers
Most closely represents current state — with targeted improvements for clarity, hierarchy, and navigation. Serves as the benchmark against which the other directions are measured.

Dual Track Roadmap

Two parallel tracks defined our path forward — Modernization for incremental CX improvements, and Redesign for the full future-state entitlements experience.

Dual track delivery roadmap — Modernization and Redesign tracks running in parallel

What We Learned

Key Takeaways From Define Phase

Testing three distinct entitlement models surfaced a consistent signal. These learnings directly shaped the design refinement work in Phase 4.

01
Account-First Navigation
Customers consistently wanted to choose accounts before assigning entitlements — a mental model shift that needed to be built into the core flow.
02
Clear Role Labels
Permission names needed to map to real-world roles and tasks. Jargon-heavy labels eroded confidence — plain language that matched how owners think about their employees was essential.
03
Flexibility Beyond Templates
Role templates were a strong starting point, but every SBO wanted the ability to fine-tune. Rigid templates felt constraining — customization drove confidence in the final assignment.
04
Phase Four
Design
Which solution should we build and why?

Concept Testing

Testing Our Refined Entitlement Concepts

The team further iterated and refined the top entitlement designs and tested them with Business Relationship Managers (BRMs) and customers — bringing three distinct directions into a second round of structured testing.

Jobs to be done concept — tabbed grouping based on common financial jobs
Concept A
Jobs to be Done

Tabbed grouping based on common financial jobs to be done

Product Grouping concept — permissions grouped by financial products
Concept B
Product Grouping

Permissions grouped by financial products

Tiers concept — most closely represents current state
Concept C
Tiers

Most closely represents current state — used as the benchmark baseline

Research Insights

What Refined Testing Revealed

A second round of concept testing with BRMs and customers produced four consistent signals that directly shaped the MVP design principles.

User Mental Model
Many participants felt that assigning entitlements by account was more intuitive than selecting accounts for each entitlement. "This approach simply makes sense." — P4. Account-first, entitle-second was consistently preferred.
Navigation and Guidance
Many participants expressed a desire for more conversational language and guidance. Users appreciated the inclusion of icons, which enhanced comprehension and made scanning easier. The sidebar displaying accounts was particularly helpful for identifying which account they were editing.
Progress Tracker
The left sidebar in the "product categories" concept, which displays accounts, assists users in monitoring the account they are currently editing — a critical wayfinding mechanism for multi-account businesses.
Desired Functionality
The feedback on the "choose all" feature was varied, but a majority appreciated the ability to select all options in the entitlement section. Many users also expressed a desire for progress to be saved automatically as they navigate between screens, applying changes immediately after submission instead of relying on a "save progress" button.

Actionable Design Principles

What Goes Into the Next Design Iteration

1
Account-First Structure
Consider organizing accounts on separate pages, allowing admins to select entitlements for each account individually.
2
Icons for Scanning
To enhance user experience, incorporate section icons for quick scanning and visual appeal.
3
Sidebar Wayfinding
Utilize a sidebar to indicate the account being edited and enable users to easily navigate between accounts.
4
Guided Flow Inspiration
Look to successful apps like Credit Karma, Turbo Tax, or Gusto for inspiration on user flow.
5
Careful Access Labels
Avoid using "full access" except for co-owners, admins or proxy admins.
6
Bulk Selection Controls
Include an option for "Choose all" in entitlement sections for granularity without over-entitling users.
7
Segment-Aware Features
Note that the feature "Copy entitlements" was not well-received by small business owners due to their limited number of accounts.
05
Phase Five · Current
Delivery
MVP Entitlements redesign — moving research into production.
Currently in Delivery

Where We Are Today

From Discovery to Delivery

The team is currently executing the MVP Entitlements redesign — migrating the legacy BlueJS implementation to React, rebuilding all components as fully composable and modernized building blocks, paired with targeted design enhancements that address the highest-priority CX gaps identified across two years of research.

MVP Entitlements Redesign — Now
Migrating the entitlements experience from legacy BlueJS to React with fully composable components, paired with design enhancements that resolve key CX gaps from discovery — clearer labels, account-first navigation, and improved role assignment flow.
Role-Based Discovery — 2026
Continuing with role-based template exploration and additional rounds of customer testing — building on the validated concept direction to define the next phase of the ASM experience.

Delivery Roadmap

Final roadmap — ASM delivery plan

MVP Delivery · 2026

The MVP Entitlements Experience

The first shippable milestone — a full migration of the entitlements experience from legacy BlueJS to React, rebuilding all components as composable, modernized building blocks and addressing the highest-priority UX gaps identified across two years of research. The screens below show the complete add-user flow end to end, from user view through permissions confirmation — click any screen to expand.

Final MVP design — the target ASM entitlements experience
01 — User View

01 — User View

02 — Add Authorized User

02 — Add Authorized User

03 — User Type Selection

03 — User Type Selection

04 — Authentication

04 — Authentication

05 — Verify Add User

05 — Verify Add User

06 — Confirmation

06 — Confirmation

07 — Permissions

07 — Permissions

08 — Review Permissions

08 — Review Permissions

09 — Permissions Confirmation

09 — Permissions Confirmation

Retrospective

What We've Learned Along This Journey

What Moved Us Forward
Quad Alignment across Design, Data, Tech, and DCE created a shared north star from day one.
Clear scope definition prevented the initiative from expanding beyond what the team could meaningfully deliver.
Product and partner collaboration kept engineering and business leadership bought in throughout.
Building on prior discovery insights avoided duplicating earlier work and accelerated alignment.
Design Thinking activities — co-creation, service blueprinting — created alignment artifacts that outlasted the sessions.
80/20 discipline — knowing when to stop digging and move to synthesis kept momentum without sacrificing quality.
If We Had a Magic Wand
More visibility into competing initiatives — large bank migrations (e.g. FRB) affected velocity in ways that were hard to anticipate.
Clearer discovery-to-delivery handoff — the connection between research and engineering backlog needs sharper definition.
Shared process documentation — the right ceremonies and tools (Jira, 6QTR roadmap, Monday.com) so insights don't live only in decks.

Outcomes

A Multi-Year Foundation — Now in Delivery

The initiative delivered a comprehensive research and strategy foundation that aligned leadership across product, engineering, and business lines — and a delivery roadmap now actively driving multi-year investment in ASM's future.

Designer arranging sticky notes on a wall during a design sprint — representing the multi-year alignment and co-creation work behind ASM
8.7M
Customers Impacted
Research and strategy covering the full ASM customer base across Business, Commercial, and Private Banking.
100+
CX Gaps Documented
RICE-prioritized backlog mapped to customer impact and business cost — driving a 2-track delivery roadmap.
4
SMB Personas Adopted
Validated persona framework now used across product, marketing, and customer success at the bank.

Reflection

"Two years from discovery to delivery taught me that great design leadership isn't just craft — it's making the complex navigable for your team, your partners, and your customers."

Michelle DaSilva · UX Design Lead · Leading US Bank

What's Next

Role-Based Design Meets SecureAccess

With the MVP entitlements redesign in delivery, the next chapter brings two parallel threads together — a return to role-based discovery to design and validate the full entitlements experience, and the introduction of SecureAccess, a vision for what ASM becomes when AI is built into the core of how access is managed.

Role-Based Design — Back in Discovery
Building on validated concept directions, the team is re-entering discovery to design and test role-based entitlement templates with customers — moving toward the full future-state ASM experience.
SecureAccess — North Star Vision
A reimagining of access management built on the ASM foundation — with AI-suggested permissions by role, anomaly flagging, and plain-language guidance. The owner stays in control; AI guides, not decides.

What came next

"ASM told me what the problem was. SecureAccess is my vision for how AI could finally solve it."

All Case Studies Next: SecureAccess AI