The custom roles that are available in ArcGIS Online is a good start. However, once a user is assigned that custom role, that user is stuck with that custom role with everything in his/her organizational account. I would like to see custom roles implemented on a group level, or even a content level. So a person might have a pubisher role in one group, and a user role in another group. And to make it even more refined, one user might have privileges to edit features in one map, but not have those privileges in another map. Currently a user's privileges is all or nothing, it applies across the board in AGOL.
So basically one person needs be able to have more than one custom role assigned to them, depending on the group or content they are working with.