Over the course of my career in customer experience (CX) design I’ve worked across numerous projects, many of which involved important aspects of regulatory and industry compliance requirements. These include (but aren’t limited to):

1. A full redesign of Burger King’s website to modernize the branding and make the site fully responsive—a project that exposed me to regulations such as these FDA Menu Labelling Requirements for Chain Restaurants
2. Leading a small design team on a multi-year effort to completely modernize and replatform the online quoting experience for Progressive Insurance which required an understanding of the legal regulatory guidelines for all 49 US states (at that time) that Progressive was an underwriter for
3. A service design project for a Highmark Health food assistance program, that was my introduction to FHIR (pronounced “Fire”) digital interoperability requirements in support of the regulatory compliant sharing of patient medical information across various vendor systems
4. More recently, a three year effort at Vanguard Investments to completely redesign and replatform their personal investor stock and ETF trading application, including adding the ability to place and make trades in dollars rather than whole shares. This experience led me to working with internal experts and regulators well versed in the world of trade execution and reporting regulations, including these FINRA Trade Reporting Guidelines FAQ that had direct influence on how certain aspects of the customer experience could—and could not—perform within the digital product offer

All of these experiences (and many more for banks, insurance providers, brokerages, etc.) have given me a first hand understanding of how digital design and engineering teams can best deliver their respective work products within highly regulated industries. While the rules and laws vary a great deal by the examples I just shared—some of which have concerns and considerations at both the federal and state agency levels—the process and mindset for success has common patterns across the board.

Here is what I have learned and continue to apply when working with delivery teams in these kinds of industries and applications:

Be curious and learn about the regulations – designers and design teams put the optimal performance of the customer experience at risk when they limit their understanding of these requirements as little more than a bunch of legal disclaimer content or “mandates” being pushed upon them by the legal and regulatory team members collaborating on the project. While no one should expect designers, writers, developers, etc. to become a full-fledged lawyer, you should approach the space just as you would any design problem: ask to understand the problem better, and get familiar with the key "needs"—the regulatory requirements. This includes surveying and understanding how various competitors in the market interpret and apply their understanding to their digital offerings. Laws and regulations set criteria—the rules of the game—but the specific “spirit” of how best to abide by those rules is very often open to interpretation and nuance. If, as a member of a team, you choose not to learn any of this and do some homework, you are basically abdicating any ability to collaborate and consult on the best possible design that can serve both customers and the reputation and regulatory exposure of the organization.

Collaborate early and often - in my experience there are rarely any “bad actors”—on any side of the table—who simply demand things be a certain way “just because” a law or regulation says so. But it is a common occurrence that limited interaction between the invested stakeholders—the digital product makers, executive stakeholders and regulatory/compliance professionals—resorts to “lowest common denominator” decision making because they are coming at problems from very different perspectives, often with little insight into each other’s point of view. In order to lower the barriers, design and technology leaders need to engage these other parties early and often in the process. In almost all of the examples I cited from my career, regulatory and legal resources were invited to, and participated in, initial discovery workshops all the way through important milestones such as user research test results, design reviews, requirements gathering sessions, etc. Yes, it is a larger investment of time than everyone may be used to. But—and this is critical—unless you want a large body of work blindly entering into a regulatory and review cycle at the very end—that will very likely feel like a wood chipper chewing up and spitting out all of your thoughtful, diligent decision making and iterative refinements—the investment is absolutely necessary in terms of a compelling, effective end product that customers will reward through repeated use and great CSAT scores.

Be a connector who can broker tradeoffs and considerations from multiple perspectives –This collaboration needs an ambassador, an effective communicator who can understand and empathize with the perspective of every group involved, finding ways to negotiate and broker the best set of “win/win” solutions possible. Very often this role is some combination of the design leader and digital product owner, working in very close harmony. Avoid trying to "spin" or “sell” these groups and stakeholders into your point of view—this is where my first point of having some grasp of the regulatory environment, and the companies appetite for risk, is very important. Compromise and the consideration of novel solutions by your legal and regulatory peer group will only happen if trust is established, and that they see that any push for more unorthodox interpretation of adherence to the regulations is still anchored in an appreciation for their mandate and responsibility: avoiding legal and fiduciary risk or harm to the corporation.

Embrace the “limitations” and see them as opportunities – I placed “limitations” in quotes there because delivery teams, especially designers and content specialists, can tend to view the concerns of their legal and regulatory peers as straitjackets—overly stringent “rules of the road” that prevent them from working with a clean, blank canvas upon which to ideate and craft. But the reality is these rules and laws exist for a reason, and not just to protect corporations—they all were created in the aftermath of issues where consumers and end users were harmed or put at risk at some point in history. As such, user experience professionals should value and acknowledge them as much as they would direct user feedback and input from direct inquiry or other forms or user research. When treated thoughtfully and with care, design and content responses to these guidelines can mean much, much more than simply the incorporation of disclaimer copy in small print at certain points of the user journey.

One example of this: during my tenure on the Vanguard ETF and stock trading application redesign, the industry was in the midst of a trading “boom” due to the Covid lockdowns and large numbers of young investors getting into the markets. At that time, applications such as Robinhood that were making trading as slick, easy and “fun” as possible were getting a lot of attention and growth. But Vanguard’s mission was different, as were the business drivers. Robinhood and similar firms had an inherent conflict of interest: their revenues and profits were derived from trading volumes that they, in turn, auctioned off to the highest bidders to clear their trades. Vanguard, because it is owned by its customers who choose to invest in their mutual funds and ETFs, is and always has been focused on investor outcomes—doing the best right thing for their customers, even if that includes not making a trade or market move. But for regulatory reasons, the trading experience also has to be agnostic—it cannot and should not provide users with anything that might be construed as financial advice.

But what we could do—and what proved to be very successful—was to really lean in on in the moment, point-in-time contextual guidance and education, so users of our platform understood what they were about to do, and any associated risks. For certain more advanced forms of trades—Stop Orders, Stop Limit Orders—we provided clear, jargon free guidance on how those trades work, and the risks to consider. We took what could have just been burying some disclaimer copy in the app and elevated it to a feature/benefit for our customers, all while doing so in a way that avoided slowing down (or talking down to) those customers who knew exactly what they were doing with a stop or stop limit order. This is an example of the kind of “win/win” opportunity I described earlier. We, as a team, were very happy to create an experience that strongly aligned to Vanguard’s mission and benefited our clients. Executive stakeholders and our peers in regulatory and compliance were very pleased to see that we were moving beyond basic “risk mitigation” to simply meet a barebones regulatory standard towards an elevated presentation making it very transparent to clients what the real world risks were. Some of these kinds of decisions were not easy for our team to make— there was a lot of chatter and noise from other parts of the organization who were much less versed in the world of trading that were holding experiences such as Robinhood up as examples of what we should have been pursuing as our CX north star—super slick interactions with next to no “friction”, including (at that time) the digital “confetti” post trade that all added up to celebrating the act of trading—which is absolutely not the same thing as successful investing. Coming out of that boom cycle has certainly validated the choices we made at that time, but it wasn’t pure chance that we ended up where we did—it was a result of all of the kinds of collaboration, diligence, and the ethos I’ve outlined here.

Conclusion - Design and design leaders play an important role in setting the example and serving as the connective tissue between an optimal, strong performing user experience and meeting the various legal and compliance requirements within highly regulated industries. In part one of this topic, I’ve outlined the broad considerations of how to engage and collaborate around the areas of regulatory compliance. In part two, I will discuss methods and approaches specific to risk mitigation—how best to plan and prevent from issues making it into live production environments when stakes are extremely high.

Doug Hopkins, Director of CX at Cloud Construct, has over 25 years of digital strategy and product design experience, leading digital transformation and product design efforts for companies such as Vanguard Investments, Progressive Insurance, Fidelity Investments, USA Network, NBCUniversal, Sotheby's, Alamo Rental Car, Burger King and adidas. He and the seasoned professionals at Cloud would very much like to put their collective expertise to work on behalf of your organization as well. Reach out to connect with us about how we may help.