< Back

OVERVIEW

Making compliance invisible → 70% faster Certificate of Analysis document creation

How I designed a template builder that makes compliance structural, giving QA teams flexibility without the fear of making errors or breaking rules.

Problem

QA teams spent ~45 min per COA, manually copying data and relying on memory to ensure compliance. Errors were inevitable.

Solution

A COA builder feature designed as a core part of the platform with a three-tier permission model - locked, partially locked, and free sections, so compliance is structural, not manual.

Impact

70% Faster COA creation

~85% Fewer errors

89% Template reuse

< Back

EAT SAFE VERIFIED

SHIPPED 2022

Making compliance invisible → 70% faster Certificate of Analysis document creation

How I designed a template builder that makes compliance structural, giving QA teams flexibility without the fear of making errors or breaking rules.

UX/UI

Systems Design

B2B SaaS

0 → 1

TL;DR

Problem

QA teams spent ~45 min per COA, manually copying data and relying on memory to ensure compliance. Errors were inevitable.

Solution

A COA builder feature designed as a core part of the platform with a three-tier permission model - locked, partially locked, and free sections, so compliance is structural, not manual.

Impact

70%

Faster COA creation

~85%

Fewer errors

89%

Template Reuse

OVERVIEW

DISCOVERY

The problem hiding in plain sight

When I joined EatSafeVerified, the brief for my first project seemed straightforward:
Help QA teams create Certificates of Analysis faster.

But I noticed something strange. These critical documents, the ones our entire product was supposed to support, were being assembled outside the platform. In Word. From templates saved in personal drives.

I needed to understand why. So I interviewed five QA managers across different company sizes and product types. Despite their differences, their workflows were almost identical.

When I joined EatSafeVerified, the brief for my first project seemed straightforward:
Help QA teams create Certificates of Analysis faster.

I needed to understand why. So I interviewed five QA managers across different company sizes and product types. Despite their differences, their workflows were almost identical.

What I saw

Here’s a typical walkthrough. A QA Manager at a mid-sized organic supplier has been building the same Certificate of Analysis for forty-three minutes. Exports test results from the lab system. Finds the right template buried somewhere in a personal drive. Copies values by hand. Cross-references FDA requirements. Double-checks everything...triple-checks the regulatory language. Generate PDF. Hope everything was right and nothing was missed.

~45 minutes, 6 App switches

Every step was manual. Every step was a chance for error.

"I know what a correct COA looks like... I just don't have the time to rebuild it every time."

- QA Manager, during research

This was the daily reality for most QA teams across our user base, and beyond. And in a zero-tolerance compliance domain, this was a problem that needed a solution.

But wait, what is ESV? And what is a COA!?

EatSafeVerified (ESV) is a B2B food safety platform used by suppliers, manufacturers, and QA teams to manage the entire workflow - from sample submission and lab test tracking to document generation and audit preparation. Clients range from small organic farms to large-scale food manufacturers.

A Certificate of Analysis (COA) is the regulatory backbone of food safety. They're official documents showing test results, product details, and compliance statements...it’s essentially a product's safety passport. A COA is what auditors ask for during FDA inspections. A missing field or outdated regulatory language can invalidate an entire product batch, delay shipments worth hundreds of thousands of dollars, or worse, trigger a recall.

My role in this project

I joined ESV as a Product Designer around February 2022. After a few days of onboarding and a few weeks of properly getting to know the platform top-bottom, I, along with Abhay, were tasked with owning this problem end-to-end. That meant framing the system problem, defining design strategy, making decisions about how compliance logic should work, and partnering with engineering and compliance teams to ship a solution.

Role

Product Designer

Team

2 Product Designers, 2 Engineers, 1 PM

Timeline

~6 months | Apr - Oct 2022

Skills

Problem definition & UX strategy, User research & workflow audits, Information architecture & interaction design, Prototyping, usability testing, iteration, Cross-functional collaboration with engineering, QA, and SMEs

The initial brief was about speed, "Help QA teams create COAs faster." But after watching those workflows, I realised we were solving the wrong problem.

The issue wasn't speed. The issue was that correctness depended on people being careful. And in regulated domains, that's not a workflow, it's a liability.

The initial brief was about speed, "Help QA teams create COAs faster." But after watching those workflows, I realised we were solving the wrong problem.

The issue wasn't speed. The issue was that correctness depended on people being careful. And in regulated domains, that's not a workflow, it's a liability.

DISCOVERY

RESEARCH

Getting uncomfortable with the truth

Getting to know our users meant asking questions that made us get to the root of the problem...

"What’s your workflow like generally creating a COA?"

"Walk me through the last time you caught a compliance error."

"What one thing you don’t like about this process?”

I spent a week interviewing and shadowing QA specialists.

🗣️

5 QA MANAGERS

In-depth Interviews

👀

2 WEEKS SHADOWING

Contextual Inquiry

📊

USAGE ANALYTICS

Quantitative Data

‘The Templates were archaeological artifacts’

Here's what struck me: those personal drive templates weren't just used for convenience. They were years of institutional knowledge encoded in formatting decisions and consistency, field placements, and layout choices that nobody fully remembered anymore.

Teams avoided rebuilding them because the invisible expertise would be lost. Every template was an artifact of lessons learned the hard way.

I realised we weren't dealing with a documentation problem. We were dealing with a responsibility problem. The platform was delegating its most critical responsibility, compliance , to human vigilance.

What the numbers revealed

Digging into usage data with the team revealed patterns that matched what I was seeing:

6-8

Compliance errors per month

60%

From outdated templates

Direct template reuse

100%

Manual review before sending

Most compliance errors didn't come from users being careless.

They came from users carefully following outdated templates.

The error existed before the work began.

RESEARCH

FRAMING

The Flexibility vs Safety standoff

There was this tension that kept turning up during research...

QA teams genuinely needed flexibility. Customisation wasn't just for looks and aesthetics... it was part of client trust and professional credibility. Different clients wanted different layouts, branding, and presentation styles.

But any flexibility that allowed required fields or regulatory language to be altered introduced unacceptable risk.

Too much freedom

Missing mandatory fields

Outdated regulatory language

Transcription errors

Audit failures

Too much restriction

Rigid, one-size-fits-all output

Workarounds outside the system

Unhappy clients

Eventually back to personal templates

Both approaches depended on vigilance. And any design in this context that requires people to be careful has already failed.

The question that led to the solution

What if we stopped asking "how do we help users avoid mistakes" and started asking "how do we make mistakes structurally impossible"?

FRAMING

SOLUTION

What if documents were systems ??

The solution emerged from a shift in perspective.

COAs aren't really documents. They're assemblies of parts - each with its own rules about what can change.

I worked with engineering to decompose COAs into modular sections : branding, product metadata, test results, regulatory text, signatures, each with explicit permissions:

Information Architecture

Certificate of Analysis

🔒

LOCKED

Test results

Regulatory statements

Product name

System-controlled. Can reposition, can't edit content.

🔐

PARTIALLY LOCKED

Product metadata

Signature block

Contact details

Some fields locked, others editable. Layout flexible.

✏️

FREE

Company branding

Custom sections

Text boxes

Full control. Add, edit, delete, style as needed.

💡 The Key Insight

Compliance logic was enforced structurally. Invalid states simply can’t be created.

If the system let you do something, it was safe.

If it didn't, there was a reason.

Compliance logic was enforced structurally. Invalid states simply can’t be created.

If the system let you do something, it was safe.

If it didn't, there was a reason.

The system owns correctness. Users own customisation.

and finally...The COA Builder

The workflow became straightforward and simple:

1 Build template

One time setup

2 Select template

From Library

3 Apply Product

Auto-populate data

4 Generate COA

Validated output

Drag-and-droppable data fields

Users can drag data fields from the right panel directly onto sections. These fields auto-populate when a product is applied - no manual entry required.

Freedom to customize

Easily customise headers, logo, text and placement to match your company or brand.

Straightforward end-to-end process

Create a template, select a product, and apply the template to the product to create a detailed COA.

SOLUTION

TESTING

This wasn’t the final answer...

Naturally, the first design had problems.

Early usability testing revealed a problem: users couldn't tell what was editable vs. locked until they tried to interact with it. This created constant uncertainty.

"I'm not sure if this is a bug or if I'm not supposed to do this."

- Participant during Round 1 testing

Our first solution? Tooltips , explaining each permission level.

They were completely useless because nobody hovers long enough everytime to read tooltips.

What actually worked...

Persistent visual hierarchy

Lock badges on required sections, visible at all times. Distinct colours by permission level. No guessing.

Silent Prevention

Cursor becomes a lock icon when hovering over locked content. Grabber over moveable content.

By Round 3 testing, hesitation had almost completely disappeared. Users moved decisively. When the system prevented an action, they accepted it as a structural boundary, not a failure.

✨ The moment we knew it worked!

A QA specialist tried to delete a required section, saw it snap back, and immediately said

" Oh, right...can't remove that."

No frustration. No confusion. The interaction taught her the rule clearly.

A QA specialist tried to delete a required section, saw it snap back, and immediately said

" Oh, right...can't remove that."

No frustration. No confusion. The interaction taught her the rule clearly.

TESTING

IMPACT

The numbers ( and what they don’t tell you )

The numbers

( and what they don’t tell you )

70%

Faster creation time

~85%

Fewer compliance errors

89%

Template reuse

But the numbers weren’t the real story...

🧠 The behavioural shifts were!

Teams stopped double checking

In the first weeks after launch, QA teams still manually reviewed every generated COA - old habits. By week four, that behaviour had almost completely disappeared. They'd internalised that even if they wanted to create an invalid COA, the system wouldn't let them.

Expertise shifted focus

QA managers stopped spending cognitive energy on compliance mechanics. Instead, they focused on what actually required human judgment: interpreting borderline test results, advising clients on edge cases, analysing patterns across products.

Onboarding transformed

Before : 2-3 weeks of shadowing before new hires could create COAs independently.

After : New team members productive on day one. The system encoded the institutional knowledge.