Four Eyes Principle
The Four Eyes Principle is a widely used Internal Control that requires that any activity by an individual within the organization that has a material risk profile must be controlled (reviewed, double checked) by a second individual that is independent and competent.
The objective of the control is to mitigate risks primarily of the following two types:
but potentially also other risks
Implementing this control is relatively simple in document based approval processes as it requires adding additional qualified persons in the approval list
Issues and Challenges
- Implementing the principle may be excessively onerous in resources or even impossible in cases where individuals within the organization possess unique knowledge / expertise.
- The lack of sufficient depth in check and balances is related also to Key Person Risk