Document Base
Document Base is an internal regulatory document registry for Raiffeisen Bank, a major international banking group. It replaced Lotus, an outdated vendor system unsupported for years, with a modern platform that makes document storage, search, and version control transparent and accessible to all 10,000 bank employees.
I owned the product design end-to-end: from uncovering hidden business logic through user research to defining MVP scope and shipping a working product in 3 months.
Sole designer on the product, collaborating with an analyst, PM and engineering team
Sole designer on the product, collaborating with an analyst, PM and engineering team
ROLE
Staff Product Designer
PLATFORMS
Desktop only (mobile excluded due to security requirements)
TIMELINE
3 months to MVP
Staff Product Designer
PLATFORMS
Desktop only (mobile excluded due to security requirements)
TIMELINE
3 months to MVP
Impact
Access expanded from ~50 to over 2,500 active users. Manual requests to methodologists dropped ~7 times. Document search time reduced ~1.5x
Context
All regulatory documents lived in Lotus, a vendor system unsupported for over five years. Search only worked through full-text matching. "Filtering" meant toggling columns in a sidebar menu. No clear document statuses, no version history, no way to see who owned what.
Primary users were methodologists, lawyers, auditors, and risk managers. But most bank employees needed documents too, during audits, investigations, or client work. They couldn’t access them independently and had to request everything from methodologists.
For a bank, this wasn’t just inconvenient. It was a compliance risk. The Central Bank requires strict control over document review cycles, and manual tracking meant potential fines.
Primary users were methodologists, lawyers, auditors, and risk managers. But most bank employees needed documents too, during audits, investigations, or client work. They couldn’t access them independently and had to request everything from methodologists.
For a bank, this wasn’t just inconvenient. It was a compliance risk. The Central Bank requires strict control over document review cycles, and manual tracking meant potential fines.
Legacy Lotus system: no statuses, no versioning, limited search
Problem
When I started digging into the existing system and talking to users, I realised the brief undersold the complexity. This wasn’t a UI replacement. It was about untangling years of undocumented business logic.
I framed the problem at two levels:
I framed the problem at two levels:
User level
Documents were hard to find, and their validity was unclear. No way to tell if a document was active, archived, or awaiting review. Historical versions were nearly impossible to locate.
Documents were hard to find, and their validity was unclear. No way to tell if a document was active, archived, or awaiting review. Historical versions were nearly impossible to locate.
Business level
Review deadline control was manual, which is a direct regulatory risk. Most employees couldn’t access documents independently. The legacy system prevented automation and future development.
Review deadline control was manual, which is a direct regulatory risk. Most employees couldn’t access documents independently. The legacy system prevented automation and future development.
A concrete example I uncovered during interviews
During court cases or Central Bank investigations, the bank needed historical documents from specific time periods. In Lotus, this took days of manual searching. This became one of my key arguments for prioritizing versioning and document relationships in the MVP.
During court cases or Central Bank investigations, the bank needed historical documents from specific time periods. In Lotus, this took days of manual searching. This became one of my key arguments for prioritizing versioning and document relationships in the MVP.
Current document lifecycle: Document Base covers only the final stage
Research & Hypotheses
I interviewed 10 users across roles (methodologists, lawyers, auditors, risk managers) and mapped existing workflows with an analyst.
Hidden complexity
The project looked like three simple screens: document list, document card, and creation form. But the business logic behind them was far more complex than anyone had articulated. A regulatory document defined how the registry should work, but it was full of gaps. I made it my responsibility to map these gaps through deep conversations with methodologists.
The project looked like three simple screens: document list, document card, and creation form. But the business logic behind them was far more complex than anyone had articulated. A regulatory document defined how the registry should work, but it was full of gaps. I made it my responsibility to map these gaps through deep conversations with methodologists.
Example:
Versioning logic depended on how documents were replaced. A new version of one document continued the chain (v1.0 → v1.3). But when two documents merged, it became a completely new document (v1.0). I flagged this to engineering early because it had cascading implications for creation flow, relationships, and status tracking. There were dozens of cases like this.
Key findings:
Versioning logic depended on how documents were replaced. A new version of one document continued the chain (v1.0 → v1.3). But when two documents merged, it became a completely new document (v1.0). I flagged this to engineering early because it had cascading implications for creation flow, relationships, and status tracking. There were dozens of cases like this.
Key findings:
Search and filtering are the MVP core
Speed and validity confidence mattered most.
Speed and validity confidence mattered most.
Review control must be automated
Manual tracking created regulatory risk. I pushed for this as a must-have.
Manual tracking created regulatory risk. I pushed for this as a must-have.
The document card is the source of truth
Complete lifecycle, ownership, and status in one place.
Complete lifecycle, ownership, and status in one place.
Users had normalised the pain
They were ready to accept almost any system. I couldn’t rely on stated needs; I had to observe where people hesitated or created workarounds.
They were ready to accept almost any system. I couldn’t rely on stated needs; I had to observe where people hesitated or created workarounds.
I structured needs using JTBD: users wanted to move from uncertainty about document validity to confidence in compliance. Activities mapped to: search, verify version, check status, apply requirements.
Hypothesis
If we create a unified registry with transparent versioning, clear statuses, and automated review control, employees will work independently, and regulatory risk will decrease
If we create a unified registry with transparent versioning, clear statuses, and automated review control, employees will work independently, and regulatory risk will decrease
JTBD stories and activity mapping for document creation flow
Design & Solution
Research made one thing clear: the system needed to be built around documents, not processes.
OOUX and Information Architecture
I structured my work as a chain: JTBD to OOUX to IA to User Flows. JTBD gave me the activities (search, verify, check status), which revealed the attributes users needed, which fed into OOUX: defining objects, states, and relationships. IA then mapped where these objects appear in the product.
Core objects: Documents, Employees, Regulators. The four documents (Active, Draft, Not yet effective, Archive) became the backbone of the IA. I defaulted navigation to Active because research showed 80%+ of daily interactions were with current documents.
OOUX also became my communication tool: when scope discussions came up, I could point to the object map and keep conversations precise.
I structured my work as a chain: JTBD to OOUX to IA to User Flows. JTBD gave me the activities (search, verify, check status), which revealed the attributes users needed, which fed into OOUX: defining objects, states, and relationships. IA then mapped where these objects appear in the product.
Core objects: Documents, Employees, Regulators. The four documents (Active, Draft, Not yet effective, Archive) became the backbone of the IA. I defaulted navigation to Active because research showed 80%+ of daily interactions were with current documents.
OOUX also became my communication tool: when scope discussions came up, I could point to the object map and keep conversations precise.
OOUX object map: Documents, Employees, Regulators and their attributes
Information architecture built directly from the OOUX object model
Prototyping and testing
Quick low-fidelity concepts, small user groups, simplify based on feedback. I deliberately kept fidelity low because it’s easier to kill rough ideas than defend polished ones. Critical here because every department had its own vocabulary, and only repeated testing revealed which formulations worked.
User scenario: viewing a document from login to key actions
All key flows prototyped and tested iteratively in Figma
MVP features
The registry itself became accessible to all bank employees for viewing and searching documents, something that previously required going through methodologists.
For methodologists, I designed the full document lifecycle within the registry: creating document cards, editing, managing statuses, and exporting data. The document card itself was straightforward, but the creation flow needed careful thought. I broke it into logical steps (core parameters, then responsible persons, then files) so that methodologists who rarely performed this task could manage it without confusion.
I also tested the creation flow with document authors specifically, not just methodologists. I knew that post-MVP, the responsibility for creating document cards would shift primarily to authors, so the flow needed to work for both audiences from the start.
For methodologists, I designed the full document lifecycle within the registry: creating document cards, editing, managing statuses, and exporting data. The document card itself was straightforward, but the creation flow needed careful thought. I broke it into logical steps (core parameters, then responsible persons, then files) so that methodologists who rarely performed this task could manage it without confusion.
I also tested the creation flow with document authors specifically, not just methodologists. I knew that post-MVP, the responsibility for creating document cards would shift primarily to authors, so the flow needed to work for both audiences from the start.
Final registry: status tabs, filters, categories, review deadline alerts
Document card evolution across three design iterations
Document card evolution across three design iterations
Final document card: full lifecycle, people, files, versions in one view
What we cut for MVP and why:
Document preview
Compliance restrictions prevented third-party plugins, and building from scratch was out of scope. Users downloaded files externally.
Full document relationship chains
Users needed all related documents in one chain, but this required a backend scraper to build relationship maps. We shipped a simpler version: direct previous/next version links inside the card.
Department-specific attributes
Needed for compliance reporting but not for launch; better to add with real usage data.
Document type separation
Regulatory docs, forms, and committee regulations had different lifecycles. I flagged this during research, but a deeper investigation was needed. We deferred, a decision I'd revisit in Reflection.
Document preview
Compliance restrictions prevented third-party plugins, and building from scratch was out of scope. Users downloaded files externally.
Full document relationship chains
Users needed all related documents in one chain, but this required a backend scraper to build relationship maps. We shipped a simpler version: direct previous/next version links inside the card.
Department-specific attributes
Needed for compliance reporting but not for launch; better to add with real usage data.
Document type separation
Regulatory docs, forms, and committee regulations had different lifecycles. I flagged this during research, but a deeper investigation was needed. We deferred, a decision I'd revisit in Reflection.
Results
- All 10,000 employees gained access (previously ~50), with 2,500 monthly active users (unique)
- Manual requests to methodologists dropped ~7x
- Document search time reduced ~1.5x
- Review control became transparent and automated
- No training required — users understood the interface immediately
- Eliminated dependency on an unsupported vendor system
What's Next
The next phase was approval workflows, a separate but integrated product. I advocated for building from the registry upstream: stable storage first, then creation and approval logic on top.
After that, the priority was separating document types (regulatory docs, forms, committee regulations) into distinct products. Another bank team was already building a reusable semantic search module, and once types were separated and content grew, that module would plug in naturally.
After that, the priority was separating document types (regulatory docs, forms, committee regulations) into distinct products. Another bank team was already building a reusable semantic search module, and once types were separated and content grew, that module would plug in naturally.
Planned evolution: adding document type separation before publication
What worked
Investing in business logic before designing. The framework chain (JTBD to OOUX to IA to Flows) kept every decision traceable and gave me a shared language with engineering and business.
What I'd do differently
Push harder on document type separation. I spotted the structural differences during research but accepted the decision to defer. Post-launch, this created confusion because users expected different types to behave differently.
Key lesson
The real complexity wasn’t in the interface. It was in translating poorly documented business logic into something that felt simple, and aligning the team around what to build first