Rebuilding compliance to unblock merchant activation

Postscript 2025 | Internal tooling + Merchant onboarding

Senior Product Designer on the App Systems team

Summary

Aug 13 – Oct 7, 2025

Context

Postscript is an SMS marketing platform serving 18,000+ Shopify stores. Before merchants can send SMS, they must complete a compliance process. Merchants routinely failed Toll-Free Number (TFN) verification and the compliance team was buried in manual audit work.

Outcome

The result was faster merchant activation with lower operational overhead. Compliance audit throughput increased 50x, manual reviews dropped 30%, and weekend shifts were eliminated.

My role

I led a two-part redesign across the merchant flow and internal tooling. I also pushed beyond the immediate scope, adding email notifications and contextual alerts to ensure the full compliance journey was covered.

Problem

Compliance process was broken on both sides

Compliance was the gate between sign-up and value, and it was breaking on both sides.

On the internal side, the SMS opt-in audit process was tedious and manual. A single audit could take hours of repetitive work, creating backlogs that delayed activation.

On the merchant side, TFN submissions failed frequently. Nearly 1,000 resubmissions over six months created 330+ hours of manual compliance work.

Internal-side: Bulk Upload + Auto Verification for Compliance Audits

Design thinking

Internal audits to verify compliant SMS opt-in could take hours, creating backlogs that delayed activation. User interviews with Compliance team surfaced three issues:

This surfaced three core pain points:

Evidence uploads were tedious and repetitive (no bulk actions)
Matching screenshots to opt-ins (Source ID) was slow and error-prone
Low confidence in match accuracy

Flow diagram comparing old and new upload process

Introducing bulk actions

I replaced one-by-one uploads with bulk upload (up to 25 files). The system handles partial success, providing clear file-level errors without blocking progress. I partnered with engineering to set file and size limits for performance.

Automated source ID ↔ File name matching

During research, I noticed the compliance team already used consistent file naming for screenshots. Instead of changing their workflow, I designed an automated system that extracts Source Platform and Source IDs from file names, flagging ambiguous matches for confirmation. This reduced lookup time and improved accuracy without adding steps.

Leveraged existing file naming convention to automate, reducing manual input

Dedicated experience for uploading

I initially proposed a dedicated modal, but there was pushback to reuse the existing table. To make the tradeoff concrete, I designed the table-based approach in full fidelity. It proved harder to scan, understand what was pending, and avoid missed actions. I partnered with engineering to estimate both options, and effort was similar, so we aligned on the modal for clearer states and lower long-term complexity.

Other lofi exploration: using existing table to display everything in on page

Auto-approval for internal uploads

To reduce unnecessary compliance overhead, I designed an auto-approval system for files uploaded by trusted internal users with a @postscript.io email address. This allowed the team to focus on higher-risk reviews.

Impact 🎉

User feedback

Cut typical audit uploads from ~1 hour to minutes
Eliminated bottlenecks in the file-to-approval workflow, enabling audits to be completed in one day instead of multiple days
Increased match confidence and accuracy

Merchant-side: Redesigning TFN Verification

Design thinking

The merchant workflow was also a bottleneck. TFN verification is required before merchants can launch popups, send campaigns, or even send a test message.

Frequent failures made resubmissions the main bottleneck, so I focused on preventing rejections up front. I partnered with Compliance, Product, and Engineering to identify the most common reasons for failure to target design fixes.

Collecting the right information upfront

We found that Postscript auto-filled addresses from Shopify, assuming they matched the legal business address required for TFN verification. Often, they did not.

I introduced clearer inputs for business registration details, including EINs, international identifiers, and a sole proprietor path. I also restructured the page to explain what TFN verification is and set expectations for how long it typically takes.

New TFN step during onboarding

Make status and failure reasons visible everywhere

I extended the experience beyond onboarding by adding contextual alerts across popups, campaigns, automations, and test messages so merchants knew when they were blocked, why, and how to fix it.

To reduce user confusion and prevent repeated verification failures, I surfaced the most common rejection reasons up front, allowing merchants to identify and fix issues before resubmitting.

Various points where TFN status and action is surfaced

Pushed to close the gap in onboarding

Merchants could not check TFN status unless they were in the product, so I pushed for email notifications on success and failure. Success emails nudged merchants to activate automations, campaigns, and popups. Failure emails explained what to fix, reducing delays and building trust even when merchants were not in the product.

Impact 🎉

This improved TFN verification experience lowered resubmission rates, reduced manual compliance reviews by 30%, and eliminated weekend shifts for the compliance team. It also reduced onboarding friction and helped merchants reach value faster.

Reflection

Both projects reinforced the value of designing the system end to end. By addressing input quality and verification throughput together, we reduced friction for merchants and eliminated bottlenecks for the compliance team.