Case Study — Enterprise Risk & Governance

Transforming Fragmented Risk Reporting into a Unified Governance Platform

Designing an enterprise-wide digital risk office platform for a Tier-0 global financial institution — replacing disconnected spreadsheets with a governed source of truth across 175+ risk metrics and 7 divisions.

Client

Tier-0 Global Financial Institution

Industry

Financial Services — Cybersecurity & Risk

My Role

Lead Product Designer (E2E)

Timeline

2024 – 2025

Team

1 Designer · 8 Eng · 3 PM

Engagement

Deloitte Consulting

01 — The Challenge

Governance across disconnected tools

The Problem

Governance across disconnected tools
Manual reconciliation & offline PPT reporting
No single source of truth
Limited real-time visibility across divisions
Elevated reporting & accountability risk
Weeks-long manual reporting cycles

The Shift

Reactive reporting → structured governance control
Single governance spine across metrics & commitments
Embedded confirmation & lock controls
Clear role-based accountability
Real-time transparency across cycles
Audit-ready external reporting posture

UX/UI Flows

10+

Reusable Patterns

Persona Journeys

Unified Design System

02 — User Research

Five distinct personas, competing needs

Executive

C-Suite Sponsor

High-level overviews. "Are risks being adequately managed?" One-glance posture.

Pain: Too detailed — needs insight, not data.

Process Owner

L2 Metrics Owner

Reviews & validates metrics. Ensures breach action plans. Final sign-off.

Pain: Manual entry. Numbers don't align.

Governance

DRO Governance

Admin overrides. Centralized reporting — thresholds, statuses, change requests.

Pain: Values don't match. Constant back-and-forth.

Divisional Head

DHOTR / TRO

Division vs. firmwide comparison. Dependencies and risk drivers.

Pain: No division-level posture view.

Operational

Delegate

Monthly updates. Simple entry, breach flags, action plan submission.

Pain: Admin capabilities not yet built.

03 — Platform Overview

Two dashboards for two audiences

The same governance spine surfaces differently for different roles. Executives get posture; governors and L2 process owners get control. Click a tile to see the full page.

04 — MVP Walkthrough

Two MVP cases from the 10 flows

I designed 10 end-to-end flows for the platform — from metric validation to SEBI regulatory reporting. These two shipped as the MVP: how an L2 owner creates an action plan when a metric breaches, and how they confirm a metric each cycle.

Step 01 · L2 Process Owner

Action Plan Create

Metric breaches → action plan required

Breach detected

When a metric crosses its threshold, the governance layer flags the row and prompts an action plan. The L2 owner opens the metric to respond.

Action Plan Create · live view1 / 3

08 — Process

E2E journey mapping as design foundation

Journey 01

Metric Reporting

Monthly: Opens → Notifications → Delegates update → L2 validate → Governance confirms → Lock → PPT.

Journey 02

Commitment Cycle

Annual: Scope → Targets → Execution → Monitor → DRO reviews → Year-end report.

Journey 03

Regulatory Compliance

Continuous: Notify blanks → Owners update + evidence → Audit capture → Regulator reviews.

09 — Impact

Fragmented reporting → controlled execution

Reduced Reporting Risk

Structured confirmation + automated lock replaced manual spreadsheet reconciliation.

Operational Discipline

Controls embedded in flow — confirmation, mandatory commentary, role-based permissions.

Scalable Architecture

Modular platform grew to commitments, issues, regulatory, and entity management.

Leadership Visibility

Single dashboard replaced dozens of static PPTs with real-time interactive data.

10 — Reflection

What I learned

The UI is only as good as the governance model it expresses. The biggest challenges weren't visual — they were structural. Understanding role-specific cycles mattered more than any layout decision.

Lesson: Journey maps as stakeholder alignment tools, not just research artifacts

Key Decision: Progressive disclosure resolved executive vs. operator tension

Context: Sole designer with 8 engineers across global divisions