Gapstack — Case Study

Context

Gapstack moves money across borders for businesses and financial institutions — which means every screen sits on top of compliance, liquidity, and multi-currency logic. I own the design lifecycle end to end across the global payments and trade-finance platform, for two distinct audiences: the Partner Console, used by the businesses sending and receiving money, and the Admin Console, used internally by the contracting bank or fintech to supervise everything happening on top of their rails.

This case study focuses on the Admin Console — the operational control plane that lets a contractor's compliance, treasury, operations, and account teams coordinate partner onboarding, treasury proposals, FX pricing, liquidity, compliance screening, and granular entitlements from a single, unified interface.

Fintech infrastructure B2B admin console KYB/KYC workflows Treasury & FX tooling Compliance & risk Multi-tenant entitlements Design systems AI-assisted workflows

The problem

Before this console existed in its current form, supervising cross-border activity meant stitching together visibility across departments that each had their own tools and assumptions: compliance ran sanctions and KYC checks in isolation, treasury negotiated FX proposals over email and spreadsheets, and operations had no single view of which partner was stuck where in onboarding. Every new partner relationship multiplied this coordination overhead.

Partner due diligence required manually cross-checking KYB documents, director details, and jurisdiction-specific requirements with no system support — and no clear "who owns this step right now" signal between partner and admin
Treasury teams managed FX rate proposals and counterparty negotiation outside the platform, so there was no audit trail tying an agreed rate back to the corridor it applied to
Liquidity visibility — available funds, locked amounts, funding model per partner — was siloed from the entitlements that actually controlled what a partner was allowed to do
Compliance risk controls (limits, geofencing, velocity rules) and partner-specific feature flags lived in disconnected configuration, making it hard to reconstruct why a transaction was denied after the fact
As Gapstack scaled to more contractor banks and corridors, every one of these gaps multiplied linearly with each new partner and market

"I can see the transaction was denied. I can't see why, who approved the limit it tripped, or whether that limit was even still correct."

— Compliance lead, contractor bank · Discovery interview

Design process

01 · DISCOVER

Cross-functional mapping

Mapped how compliance, treasury, operations, and technical onboarding teams each interacted with partner data — and where those views diverged or went stale.

02 · DEFINE

Module architecture

Defined a 9-module information architecture — Onboarding, Remittance, Treasury, FX, Liquidity, Compliance, Entitlements, API Docs, and Roles & Settings — as the backbone of the console.

03 · DESIGN

System-first screens

Designed against a shared token system so every module — from a compliance dashboard to a webhook delivery log — reads as one coherent product, not nine bolted-together tools.

04 · GOVERN

Maker–checker everywhere

Built approval and audit patterns (maker–checker on rates, versioned entitlement diffs, security history) into the system rather than retrofitting them per module.

Module map

The Admin Console brings nine functional areas into a single, partner-scoped interface, so the contractor never has to leave the platform to coordinate across teams.

GAPSTACK ADMIN CONSOLE · Module architecture

Dashboard

Real-time traffic, corridors, volume, pending actions

Partner Onboarding

Self-serve & admin-assisted KYB, contacts, services, contracts

Remittance

Transaction analytics, detail view, progress tracking

Treasury

Proposals, deals, settlement cycles, funding

FX

Bulk & manual rates, pricing rules, quotes

Liquidity

Balances, top-ups, holds & locks, funding limits

Compliance

AML/CFT screening, alert types, manual checks

Entitlements

Corridors, limits, geofencing, flags, webhooks, audit

Roles & Settings

Team members, roles, access control, security history

Design decisions

01 · ONBOARDING

AI-assisted, jurisdiction-aware KYB intake

The onboarding flow supports both partner-driven self-onboarding and admin-assisted onboarding. AI automatically identifies which KYB documents are required based on the country the partner's business license was issued in, and pre-fills company details extracted from uploaded documents — turning a document-chasing exercise into a guided, jurisdiction-aware checklist.

02 · ESCALATION MATRIX

Structured contacts become an automated escalation path

Rather than a flat contacts list, onboarding captures primary, business, treasury, compliance, technical, and legal contacts separately. That structure feeds an automated escalation matrix, so the right person is notified automatically when something in their domain needs attention — instead of every issue routing through one inbox.

03 · TREASURY PROPOSALS

Negotiation as a first-class, auditable object

The Create Proposal flow lets the contractor propose a rate for a specific currency pair, partner, and value date, which the partner can accept, decline, amend, or counter. Every proposal, amendment, and counter-offer is versioned — replacing email/spreadsheet negotiation with a structured, auditable trail tied directly to deals and settlement cycles.

04 · MAKER–CHECKER FX

Bulk rate uploads with mandatory second-approver review

Bulk FX rate updates go through a CSV template with a required checker (name + email) before anything publishes. Manual rate setup follows the same maker–checker principle. This pattern — propose, route to a second approver, then apply — recurs across the console wherever a mistake would be costly.

05 · LIQUIDITY AS A MIRROR

Wallet top-ups that mirror real-world funding

The Top-Up flow lets the contractor credit a partner's wallet to reflect funds actually received in their bank account — explicitly framed as creating a mirror of real-world balances inside the platform, rather than an abstract ledger entry. Holds, locks, and funding-model limits sit alongside this so exposure is visible at a glance.

06 · GRANULAR ENTITLEMENTS

Boolean + tunable flags for a true multi-tenant model

Entitlements separate simple on/off Boolean flags (instant settlement, enhanced KYC) from Tunable flags with adjustable ranges (settlement delay hours, risk thresholds). Combined with per-partner corridors, limits, geofencing, and webhooks, this gives every partner a tailored risk profile within one shared platform — without one-off code paths.

07 · COMPLIANCE TRACEABILITY

From "denied" to "why" in one click

The Compliance module reports success rates by alert type (sanctions, geofencing, velocity, KYC flags) and lets the contractor drill into any transaction for a full breakdown of related screening results — directly answering the discovery insight that denials were visible but not explainable.

08 · FULL AUDIT TRAIL

Versioned configuration history with diffs

Every entitlement change is captured in a version-history timeline with filtering by field, user, change type, or date — plus a required "reason for change" and a view-diff comparison between versions. Configuration is no longer a black box when something needs to be reconstructed for a regulator or internal review.

Key screens

A selection of screens from the live Admin Console, shown here on a contractor bank's white-labelled instance.

Gapstack Admin Console dashboard — payment summary, remittance volume, recent transactions

FIG. 01 — Dashboard: payment summary by rail, remittance volume trend, performance-by-type breakdown, recent transactions with live status

Partner onboarding — director details form

FIG. 02 — Assisted onboarding: director details step, with progress shown against Documents → Company Details → Contacts → Services → Contracts

Treasury proposal management — create proposal modal

FIG. 03 — Treasury: Create Proposal modal for a counterparty, currency pair, amount, and value date — tied to Proposal Management's accept/decline/counter workflow

FX pricing rule detail — markup, fees, tax, performance

FIG. 04 — FX: pricing rule detail for a corridor (US → KE, Bank, Pro tier) — markup, fee structure, tax configuration, 30-day performance

Entitlements overview — active partners, validations, deny rate

FIG. 05 — Entitlements overview: active partners, real-time validations, deny rate, and recent validation decisions at a glance

Entitlements webhooks — delivery performance, endpoint settings, event subscriptions, delivery history

FIG. 06 — Entitlements → Webhooks: delivery performance, endpoint + HMAC settings, event subscriptions, and per-event delivery history with retry

Outcomes

The Admin Console replaced what used to be cross-team coordination by email, spreadsheet, and tribal knowledge with a single operational surface. Onboarding, treasury negotiation, FX pricing, liquidity, compliance, and entitlements now share one design system, one partner-scoping model, and one audit trail — so adding a new contractor bank or corridor no longer means re-solving the same coordination problems from scratch.

operational modules unified into one console

Maker–checker

governance built into FX & rate workflows

Full

versioned audit trail on every entitlement change

Rather than bolting on AI for its own sake, AI was integrated where it removed real friction: jurisdiction-aware document detection during onboarding, AI-extracted company details, and automated sandbox-to-production test migration — designed to support, not replace, the judgment of compliance and treasury teams.

What I learned

Compliance, treasury, and operations don't share a mental model by default — the IA has to build one. Mapping how each department actually used partner data (before drawing a single screen) was what made a 9-module console feel unified instead of like nine separate tools wearing the same header.
"Denied" without "why" erodes trust faster than an outage. The single highest-leverage change in Compliance was letting an admin click straight from a denied transaction into its full screening breakdown — turning a black box into a debuggable decision.
Governance patterns should be designed once and reused, not invented per module. Maker–checker on FX rates and versioned diffs on entitlements are the same underlying pattern — propose, route to a second approver, apply, record. Recognising that early meant treasury and entitlements could share components instead of diverging.
Multi-tenancy is a flags problem as much as a permissions problem. Separating Boolean flags from Tunable flags gave each partner a genuinely tailored risk profile without forking the underlying product — the distinction looks small in the UI but it's what keeps the platform scalable across very different contractor banks.