Modeling the four-eye principle

added by JefClaes
4/24/2013 12:25:55 PM


Working in a financial domain over the last year, it was only a matter of time before I would be confronted with one of the variations of the two-man rule: the four-eye principle. Satisfying the principle is simple enough; an extra pair of eyes needs to approve of requested changes before they're applied to the system. This measure should prevent mistakes such as a user nuking North Korea by accident, or transferring all corporate funds to a personal offshore bank account. In practice all you need is an accomplice. Although I have seen artifacts of this concept, this is the first time I actively had to model it myself. Since I looked online for inspiration but returned empty-handed, I'm documenting my findings here.
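A minimal sketch of the rule described above, added here as an illustration and not the author's own model: a requested change stays pending until a second, different person approves it, and only an approved request can be applied. The names `Change`, `ChangeRequest`, `FourEyeViolation` and the account-limit scenario are assumptions made for the example.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Status(Enum):
    PENDING = "pending"
    APPROVED = "approved"
    REJECTED = "rejected"
    APPLIED = "applied"


class FourEyeViolation(Exception):
    """Raised when a step would bypass the second pair of eyes."""


@dataclass(frozen=True)
class Change:
    # Frozen so the reviewer decides on exactly what will later be applied.
    account: str
    new_limit: int


@dataclass
class ChangeRequest:
    change: Change
    requested_by: str
    status: Status = Status.PENDING
    reviewed_by: Optional[str] = None

    def _review(self, reviewer: str, outcome: Status) -> None:
        if self.status is not Status.PENDING:
            raise FourEyeViolation(f"request is already {self.status.value}")
        # Normalise so "Alice" and " alice" count as the same person.
        if reviewer.strip().lower() == self.requested_by.strip().lower():
            raise FourEyeViolation("requester cannot review their own change")
        self.reviewed_by, self.status = reviewer, outcome

    def approve(self, reviewer: str) -> None:
        self._review(reviewer, Status.APPROVED)

    def reject(self, reviewer: str) -> None:
        self._review(reviewer, Status.REJECTED)

    def apply(self, limits: dict) -> None:
        # Applying is a separate step that only an approved request can reach,
        # and only once.
        if self.status is not Status.APPROVED:
            raise FourEyeViolation(f"cannot apply a {self.status.value} request")
        limits[self.change.account] = self.change.new_limit
        self.status = Status.APPLIED
```

The check only guarantees that two distinct identities were involved; it does nothing against two people who agree to cooperate, which is the limitation the paragraph above points out.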