The problem
To open an account at a regulated Swiss digital asset bank, two separate compliance requirements must be satisfied.
KYC — Know Your Customer. Identity verification confirming you are who your documents say you are. Required under Swiss AML law before any account can be opened.
QES — Qualified Electronic Signature. A legally binding digital signature under Swiss and EU law. QES has its own identity verification requirement. You cannot sign a legally binding document without first proving your identity to the required standard.
The default implementation of both requirements is sequential: verify identity for KYC, complete the journey, then verify identity again for QES. Two ID document scans. Two liveness checks. The same user, proving they are the same person, twice.
That's not a compliant edge case or a minor inconvenience. It's a fundamental UX failure at one of the most friction-heavy moments in an already demanding onboarding journey.
The insight
When evaluating QES providers against Swiss regulatory standards, it became clear that QES requires its own KYC-grade identity check before a signature can be legally valid. That led to an obvious question: if a full KYC liveness check already happens earlier in the journey, why does it need to happen again?
The answer was: because that's how vendors default to implementing it.
The better question was: does it have to work that way?
The approach
We were evaluating a provider capable of fulfilling both KYC and QES to Swiss regulatory standards. Once we understood that QES required its own identity verification, we worked with our technical partner and the provider to ask a direct question: could a single liveness check satisfy both the KYC requirement and the QES identity requirement simultaneously, with compliant documentation covering both?
This wasn't purely a UX request. It required the provider to produce documentation compliant with both Swiss KYC requirements and Swiss QES requirements in a single verification pass — a regulatory deliverable, not just a technical simplification.
They confirmed it was possible. We built it that way.
What the user experiences
During KYC: scan ID document front and back, complete a liveness check. Identity verified. KYC satisfied. QES identity requirement satisfied simultaneously.
The user then completes the remainder of the onboarding flow.
During QES: one OTP to sign the contract. No second ID scan. No second liveness check. The contract is signed. The application is submitted.
Why this matters beyond UX
Removing the duplicate verification reduces drop-off at a high-stakes moment. Liveness checks are cognitively and technically demanding. Asking a user to complete one is a meaningful request. Asking them to complete two, for no apparent reason, at a point where they're already fatigued from a long journey, is a meaningful drop-off risk.
It also removes a trust-breaking moment. Being asked to prove your identity twice implies either that the first check failed or that the system doesn't know what it's doing. Neither is a message you want to send to a professional investor opening a regulated banking account.
Most importantly, it demonstrates that compliance requirements and good UX are not in opposition. The instinct in regulated environments is to default to whatever the vendor provides and work around it at the UI layer. The better instinct is to ask whether the vendor's default is actually required — and to push for a better implementation when it isn't.
The lesson
The best UX interventions in regulated environments aren't always design decisions. Sometimes they're conversations, with the right people, asking the right question at the right moment.
Knowing enough about the regulatory requirements to realise that two identity checks could be consolidated into one compliant pass — and then asking whether that was possible — saved every future user from scanning their identity documents twice.
That question was worth asking.
