Retail KYC onboarding for two regulated crypto launches — Australia (AUSTRAC + ASIC) and Europe (MiCA), designed in parallel.
// 2025 · UX + UI + Regulatory design · Mobile & web
// Role: Senior Product Designer — sole designer on the AU & EU flows, with 1 PM, a Compliance Officer and 5 engineers
// Scope: 0→1 KYC MVPs · ASIC investor assessment · existing-user migration
Our exchange already had a large client base across Australia and Europe. In 2024 both regions introduced crypto KYC regimes requiring stricter Level 2 verification before derivatives trading — and without compliant onboarding, we risked losing access to two of our biggest markets. I owned the AU and EU onboarding end to end: turning shifting legal requirements into flows users could actually finish, fast enough to hit two regulated launch dates.

Before vs after the new regimes: a short shared flow had to expand into two divergent journeys — AU adds wholesale/retail gating and the ASIC suitability test; EU adds the MiCA knowledge quiz and risk disclosures.
AUSTRAC (Australia) and MiCA (EU) share the same intent — know your customer — but they pull the design in different directions. Treating them as one flow would have broken under either regulator; treating them as two unrelated products would have doubled the work and split the experience.
Before designing anything, I studied how five leading exchanges handle the same high-friction moments — tiered verification, benefit framing and knowledge testing. Two patterns held across all of them, and I carried both into the AU and EU flows.





I didn't start with a system. The AU and EU flows were built in parallel under launch pressure, and every shift in requirements meant reworking screens by hand. The repeated structure only became obvious once both had shipped — so after launch I partnered with the product and design team to turn those hard-won patterns into a reusable modular KYC framework for the markets we'd expand into next.

Built after launch with the product and design team: a shared global core (in colour) with a regional branch per jurisdiction. Distilled from the AU and EU work, it became the team's starting point for future market expansion — a new market is a new branch, not a new flow.
The assessment experience went through four iterations before it satisfied both compliance and completion:

The four iterations side by side — each step traded a little speed for the comprehension and structural flexibility compliance and users both needed.
Two iterations were worth a closer look — one solved a structural problem with no precedent, the other was forced on us mid-build.

Iteration 3 — AU Level 2 user types. Wholesale and advanced-retail users had different requirements and benefits, with no existing pattern to follow. I added a user-type selector at the start of Level 2 that branches into the right flow — retail into the suitability test, wholesale into evidence upload.

Iteration 4 — adapting to regulatory change. Requirements kept shifting during build, so the design was updated several times on short notice. Working directly with compliance and legal, I reshaped the flow each month — from a wireframe aligning understanding, to revised benefits, to the branched flow — without ever blocking delivery.
04 · Key decisionsEvery meaningful decision on this project was a trade-off between what the regulator demanded and what the user could tolerate. Three mattered most.


Compliance signed off that a pre-quiz guide educates without steering users toward "correct" answers — so it shipped as a real UX feature.

Page modules: Forms, Questionnaire, Declarations and Upload Doc — composed differently per jurisdiction but built once.

Component modules: landing pages, required-information blocks and every verification step state — reused so AU and EU stayed consistent without extra work.
05 · Deep-diveThe hardest single screen-set in the project: a legally mandated suitability quiz retail users must pass before accessing derivatives. ASIC specifies the topics; the questions themselves are fixed and can't be paraphrased or omitted.
The wording is locked — only visual presentation and pacing could change. So I changed everything around the words.
Regulators want genuine understanding, not guidance. No tooltips or inline hints on quiz questions — hence the separate pre-quiz guide.
Reduce friction, but never at the cost of the assessment's legal validity. Failure had to stay a real outcome.

The assessment in context — Level 1 standard verification flows into the user-type branch, the crypto guide, the legally fixed quiz, and the verified state.
06 · MigrationStanding up a new regulated entity meant existing users who wanted EU access had to be re-verified under MiCA — not handed a blank new account, but routed to the minimum additional verification needed while preserving what they'd already completed.
Users sat at different verification levels. The flow had to read each starting state and ask only for what MiCA still required — never restart from zero.
Careful writing: too alarming and users abandon; too casual and they ignore it. The message had to explain the why and the consequence of not acting.
A user mid-migration sits across two entities. The design made that state transparent and recoverable rather than a dead end.

Step-by-step identity verification, a retail/wholesale dropdown that gates the assessment, then derivatives access or a spot-only path.

AU MVP: basic verification feeds a user-type dropdown that splits into the retail suitability test (Branch 1) and the wholesale evidence path (Branch 2).
Identity and document verification, PEP/sanctions screening, risk-disclosure acknowledgements, the educational guide and one-question-per-page quiz, with source-of-funds triggered by threshold.

EU MVP: identity and document capture, declarations and risk disclosures, the educational guide, the one-question-per-page quiz, and threshold-triggered source-of-funds.
08 · ImpactAU and EU flows cleared their regulators; the annotated designs went into the submissions.
Both markets went live on the planned schedule, despite requirements shifting mid-design.
Educational framing was built to lower cold-start friction without weakening the assessment's legal validity.
The jurisdiction-template structure became the starting point for later regional rollouts.