Great-West Life Tim Hortons Care: Bilingual EN/FR WordPress Theme
Bilingual EN/FR enterprise WordPress theme for a regulated Great-West Life employee assistance platform. Two...
Building a WordPress platform for a global reinsurance company operating in regulated financial services markets across multiple jurisdictions creates a specific set of requirements that converge on a single constraint: nothing can be wrong. Accessibility compliance is not optional for a regulated financial services organization - it is a legal requirement. Multi-lingual correctness is not a nice-to-have for a platform serving both US and Canadian markets - it affects whether content reaches the intended audience in the intended form. Security is not a checklist item - it is a design constraint enforced by an internal IT team with the authority to reject any commit that does not meet the bar.
At the same time, Munich Re’s business team needed to be able to manage content on the platform independently. A platform built for compliance and security that requires developer involvement for every content update is not a platform - it is a dependency. The editorial interface had to be clean enough for non-technical users to operate confidently while the underlying architecture met IT security review standards.
Custom WordPress Theme - No Framework Dependency
Built from scratch to Munich Re’s brand standards with no dependency on commercial theme frameworks. This was a deliberate architectural decision: commercial themes carry third-party code, third-party update schedules, and third-party security postures that cannot be fully controlled. A custom theme is the only approach that gives an enterprise IT security team full visibility and control over what is executing on their platform.
Multi-Lingual Architecture (US + Canadian Markets)
Multi-lingual implementation extended the platform for US and Canadian market content from day one, with language-aware routing and content management integrated into the editorial workflow. Built in at the architecture level rather than added later - retrofitting multilingual support into an existing platform creates content relationship problems that a native implementation avoids entirely.
WCAG Accessibility Compliance
Accessible design built into every template and component, meeting WCAG standards required for a regulated financial services organization operating in multiple jurisdictions. Accessibility compliance in this context is both a legal requirement and a reputational obligation - a non-compliant platform for an organization of Munich Re’s profile is not a minor issue.
Ajax Search for Large Content Library
Fast, seamless content discovery across a large content library without full-page reloads - important for a platform with a significant volume of promotional and informational articles where partners needed to find specific content quickly. The Ajax implementation kept search responsive at the platform’s content scale without degrading the browsing experience.
Secure Google Maps Integration
Google Maps integrated under the secure display requirements for geographic data in the reinsurance context. Geographic data in a regulated financial services context has specific handling requirements - the integration was built to satisfy the IT security team’s requirements for how external API data was surfaced on the platform.
Performance Optimization and Security Hardening
Database query optimization, server-side caching, and hardened WordPress security configuration to maintain reliability and security at the platform’s policy scale. The security hardening was not a post-launch addition - it was built into the architecture from the start. Munich Re’s IT security team ran penetration tests and automated security scans before deployment. The platform passed.
Kirki Customizer-Driven Editorial Interface
WordPress Customizer extended via Kirki to give Munich Re’s business team full control over content, imagery, and layout configuration without developer involvement for routine updates. The editorial interface had to be clean and unambiguous enough for non-technical users while the underlying code met enterprise IT security review standards.
Munich Re’s internal code review process was the most rigorous codebase review of Dejan’s career. It built habits that do not disappear when the engagement ends: nonce verification on every form submission because the Munich Re IT team would have flagged it immediately if it was missing. Capability checks before every privileged action because the IT team assumed privilege escalation vectors existed until the code proved otherwise. Prepared statements on every database query because parameterized queries are not optional when IT security is reviewing the SQL layer.
That bar, applied consistently across every project since - regardless of whether the client has a team of 300 in IT or three - is what the Munich Re standard means when it appears in the enterprise consulting and security auditing service descriptions.