fintech - Role and permissions

Enterprise Governance for Multi-Entity Organizations

Lead Product Designer and Manager
Head of Product, Product Manager, Engineers, Finance, CEO
Dash.fi
Lead product strategy, UX/UI design, research, problem-solving, and cross-functional collaboration
70% drop in support tickets
45% increase in multi-entity accounts
2 to 12 growth in users per account

1. Introduction

Dash.fi serves high-growth companies with massive advertising budgets. As these teams scale, the primary account holder (usually a CEO or CFO) faces a significant challenge: how to delegate spending power without sacrificing financial security. I led the design and implementation of a robust User Roles and Permissions framework to transition Dash.fi from a single-user tool into an enterprise-ready financial ecosystem.

2. The Problem

As Dash.fi moved up-market, our users changed from individual entrepreneurs to CFOs of multi-entity holding companies. These users faced a "Visibility vs. Control" crisis. They needed to manage ad spend across different legal entities (e.g., a parent agency and its sub-brands) without sharing a single login or exposing sensitive data across departments. The existing system lacked the granularity to handle diverse user needs, leading to security risks and operational bottlenecks.

3. Research & Structural Mapping

Through stakeholder interviews and competitive audits, I mapped the "Power User" journey. We identified that a "One-Size-Fits-All" role was the primary reason for a 40% friction rate in team onboarding. We needed a system that reflected real-world corporate structures.

I defined four primary personas to anchor our Role-Based Access Control (RBAC):

Admin/Owner: Full legal accountability; manages high-level credit lines and entity-wide settings.

Finance: Focused on reconciliation; has high visibility into transactions across entities but limited card-issuing power.

Card Manager: Mid-level oversight; authorized to create and assign cards to specific teams or projects.

Employee: The end-user; restricted to their own card details, balance requests, and receipt uploads.

4. Design Strategy: The Multi-Entity Architecture

The breakthrough in this project was the Multi-Entity Switcher. I designed a global navigation layer that allowed "Super-Admins" and "Finance" roles to toggle between different business entities without logging out.

Cross-Entity Permissions: I developed a logic where a user could be a "Finance" role for Entity A, but only an "Employee" for Entity B.

The "Least Privilege" Principle: I implemented a default-restrictive UI. If an Employee logs in, the "Create Card" and "Company Settings" buttons are programmatically hidden, reducing cognitive load and preventing unauthorized actions.

Smart Invitations: I redesigned the invite flow to allow Admins to assign roles and specific entity access before the invitation is sent, ensuring that new hires land in a pre-configured, secure environment.


5. The Solution: A Centralized Governance Hub

The final solution was a centralized Team & Entity Management Hub that replaced buried settings with a transparent, bird's-eye view of the entire organization. We implemented a granular permission matrix where Admins could toggle specific "View," "Edit," or "Spend" rights for every role, paired with entity-specific dashboards that allowed Finance roles to either aggregate spend globally or drill down into a single sub-brand for audits. To ensure system integrity, I designed mandatory safety triggers and transfer-of-ownership protocols, which prevented the accidental deletion of users who had active, recurring ad-spend cards attached to their profiles.
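
The per-entity roles, permission matrix and deletion safeguard described above, as an added Python example (not Dash.fi's code): the matrix contents, resource names and helper functions are assumptions made for illustration. The check runs server-side and the visible UI actions are derived from the same matrix, since hiding a button does not by itself block the underlying request.

```python
# Added illustration; matrix values, resource names and helpers are assumptions.
from dataclasses import dataclass, field

# Role -> resource -> rights. Anything not listed is denied (default-restrictive).
MATRIX = {
    "Admin":        {"cards": {"view", "edit", "spend"}, "settings": {"view", "edit"},
                     "transactions": {"view"}, "users": {"view", "edit"}},
    "Finance":      {"transactions": {"view"}, "cards": {"view"}},
    "Card Manager": {"cards": {"view", "edit"}},
    "Employee":     {"own_card": {"view", "spend"}},
}

@dataclass
class User:
    name: str
    roles: dict = field(default_factory=dict)        # entity id -> role name
    active_cards: set = field(default_factory=set)   # cards with recurring spend

def is_allowed(user, entity, resource, right):
    """Server-side check: deny unless the user's role in this entity grants the right."""
    role = user.roles.get(entity)                    # not a member of the entity -> None
    return right in MATRIX.get(role, {}).get(resource, set())

def visible_actions(user, entity):
    """Actions the UI may render, taken from the same matrix the API enforces."""
    role = user.roles.get(entity)
    return sorted(f"{res}:{r}" for res, rights in MATRIX.get(role, {}).items()
                  for r in rights)

def delete_user(actor, target, entity, directory, new_owner=None):
    """Safety trigger: no deletion while active cards are attached, unless transferred."""
    if not is_allowed(actor, entity, "users", "edit"):
        raise PermissionError("actor may not manage users in this entity")
    if target.active_cards:
        if new_owner is None or entity not in new_owner.roles:
            raise ValueError("transfer active cards to a member of this entity first")
        new_owner.active_cards |= target.active_cards
        target.active_cards = set()
    directory.pop(target.name)
    return True
```
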

7. Outcomes & Impact

The transition to this multi-entity, role-based system transformed Dash.fi’s market positioning and drove immediate commercial growth. We saw a 45% increase in multi-entity accounts within the first two quarters, as the platform could finally support the complex needs of holding companies and large agencies. This structural clarity led to a 70% drop in support tickets regarding access restrictions and account management, while the average number of users per account grew from 2 to 12. By providing the "Audit Trail" and security infrastructure necessary for corporate compliance, we successfully moved the product from a startup tool to an enterprise-grade financial ecosystem.

8. Reflections & Learnings

This project highlighted that in Fintech, permissions are a core product feature, not just a setting. By focusing on the psychological "Trust Gap" of business owners and solving the technical challenge of multi-entity toggling, we turned a security liability into a significant competitive advantage. This experience reinforced my ability to manage high-level complexity for power users, proving that a well-designed governance system is the primary foundation for scaling a high-stakes B2B financial product.