Jump to content

4-Eyes Principle (or the Two-man rule) is a risk control mechanism where an action needs to be approved by two people before implementation.


An application-oriented question on the topic along with responses can be seen below. The best answer was provided by Natwar Lal on 23rd Mar 2021.


Applause for all the respondents - Arpana Ananth, Mayuri Chandra, Sundeep Kailwoo, R Rajesh, Natwar Lal, Rajesh Chakrabarty


Q 349. What is the 4-Eyes Principle? If implemented in the process, will you classify it as Value Adding or Non-Value Adding? (Support your answers with relevant examples)



Note for website visitors - Two questions are asked every week on this platform. One on Tuesday and the other on Friday.

Link to post
Share on other sites

7 answers to this question

Recommended Posts

  • 0
  • Solution

4 Eyes Principle - it is a risk control method where a set of 4 eyes (or 2 people) must approve or check something before it could be done. The fact that no human being is perfect led to the use and popularity of method. The concept is simple - the odds of two different people making the same mistake at the same time are very very small and NOT ZERO. This is the reasons that there have been instances where some errors have happened even when 2 or more people have checked the same thing.


If implemented in the process, will it be value adding or non-value adding?


Ideally, it will be a non value adding activity. However there are instances where the customers are willing to pay for multiple people checking the same thing. In such scenarios, 4 or 6 or even 8 eye checks become value adding. Barring it, 4 eyes principle is a non-value adding activity usually made mandatory by the regulator for safety concerns and hence is classified as value enabling activity.


Examples where 4-Eyes principle is value adding

1. Authors usually want multiple reviews (copy edits, proof reads etc.) of their work before publishing and they are willing to pay for such reviews. 


2. Managed services (outsourcing work), clients sometime warrant dual data entry and pay for the same (imagine the cost arbitrage - cost of 2 outsourced FTEs is less than 1 onshore FTE) 


3.  Patients willingly take second opinions before major medical procedures.


In the above it is clear that the customer is willing to pay for the multiple reviews or checks.


Examples where 4-Eyes principle is non-value adding

1. Banking transactions need to be approved by 2 or more people depending on the ticket value (usually called as maker-checker process)


2. Presence of 2 pilots in the cockpit. Both should check and confirm the same thing before an action is taken


3. Closing of doors on the plane. 2 crew members should check and confirm it


4. Presence of team of doctors and nurses during surgeries. Doctors ask for the instrument by calling its name, the junior doctors or nurses hands over the instrument by calling its name again. Double confirmation that correct instrument is being used


5. Presence of two people for opening of bank safes and lockers


All these examples have a cost of failure and hence 4-Eyes principle is implemented so that the risk of failure is minimized. In such cases this becomes an example of a value enabler activity.


Example where 4-Eyes principle is a complete waste

1. Putting additional layers of audits in service industry because of customer complaints and escalations




Link to post
Share on other sites
  • 0

A 4 eye check is typically used as quality control in processes such as banking where disbursement of funds is checked twice or approval of disbursement is done after a 4 eye check. 
This is an NVA In the process and in some cases can become an essential NVA (regulatory requirements) but does not add any value to the customer or the process. The recent Citibank/Revlon issue has clearly shown that the 4 eye check is definitely not fool proof to say the least!

what is needed; are systems and processes in place that eliminate the need for a 4 eye ( a blind re-key as an example though also an NVA will improve accuracy and reduce costs). The right logic, validations and systemic integrity checks can do away with most such checks.

Link to post
Share on other sites
  • 0

Hi All, I consider 4- eye check a NVA as it is redoing the same work or over processing. It's one of the kinds of waste and a good opportunity to work on and needs to be eliminated. We need to focus on how to make the upstream infrastructure more robust using the enhanced technology. There is no guarantee that the a 4-eye check is a foolproof step to follow. Our focus should be on upstream standardization, also use AI / ML where applicable and try to achieve DO IT RIGHT THE FIRST TIME model !!!

Link to post
Share on other sites
  • 0

4 Eye Principle , Check the Checker Process is a common practice , generally performed on a Sample rather than the whole Lot unless the process mandates and is critical part of delivery , 4 Eye Principle may be a regulatory requirement as well and we will discuss this in further through this write up. At times processes go beyond 4 Eye Principle and deploy 6 Eye process when the scope of making an error is financially and reputational too significant to avoid costs that may be required to set up such a process.


Deploying 4 Eye Principle generally attracts the discussions in the Continuous Improvement Teams whether the activity is classified as Value Add , Non Value Add or Essential Non Value Add step in the process. Following the principles of LEAN , reducing Waste and Doing the Things Right the first Time. Rework , Audit , Check the Checker is a Waste or a Non Value Add activity. 


Deploying the 4 Eye Principle may be justified and required depending upon the Level of maturity of the process. A Process which is newly transitioned or developed by a few experts and needs to be localized across the population , will need deployment of 4 Eye Principle , to make sure no critical error and deviations are passed onto customers and the observations made during the process is used to retrain the task executioners on off repeated errors , In this Scenario , 4 Eye Check can be considered as an Essential Non Value add activity.


But a Process which is mature and the process input , Process steps and output generated are standard , 4 Eye Principle may be a redundant activity , which employees resources but provide no feedback into the system , as the process is in Control with natural variations existing .


Some  Value Add / ( Rather ) Essential Non value Add Examples of deploying 4 Eye Principle:


Financial Transactions  - The recent Citibank / Wipro $900 Million Error that lead to a transfer of $900 Million transfer to lenders rather than $8 Million transfer happened even despite a Six Eye Protocol. Even after a 4 Eye check was performed at Wipro's end , another 2 Eye Check was performed by Citibank officials before the transfer was approved. In Critical processes like this and many similar cases where the financial implication of bypassing an error may lead to enormous Financial and reputations risks , Companies may choose to go with a 4 Eye Principle no matter at what Maturity level the process is operating at. Cost benefit Analysis will always weigh in favor to deploy a check the checker process. 


Medical Surgical Process- Nurses assist the surgeons during an operation not only in assisting the main doctor during the procedure but also makes sure they provide the right instrument when asked for and the Doctor can verify that its the right instrument what was required at that point in time . In Life saving situations and processes if 4 Eye Check is deployed , its value can be ascertained from the fact that human life could be saved by making sure no error passed through the process during surgery.



Some Non value Add Examples of deploying 4 Eye Principle:


Auditing the Whole Population rather than a Sample : In a Process that's matured over a period of time and the Processes are supported by right tools and applications during the processing of a unit , we may not need the 4 Eye Principle in that process at all , and even if we want to make sure that the process owners are able to catch ant special cause variation leading to any deviation in the out , we can deploy a certain % sample output check rather than deploying resources to Audit each and every unit . In this scenario , the 4 Eye Principle is a Pure non Value Add activity .


Baggage Scanning Process - In some of the airports we have observed that the Check in and Carry on Baggage are scanned more than once and then physically checked at the security point. Not only does this create a bottle neck in the whole process but impacts the Customer experience as well. If done right the first time and all protocols are followed at the first check point , doing it multiple times in stages ahead a Pure Non Value add task , that not only increase the time to complete one check in cycle time but also involves Cost in Deploying human and machine resources at multiple check points.




Link to post
Share on other sites
  • 0

4-Eyes Principle :


A generic definition says that it can be a rule/requirement/activity by which decisions/business transactions need approval from two individuals.


Advantage of 4-Eyes Principle:

1. It gives the confidence that more than one person (atleast two persons) have gone through the activity(can be artifacts/processes or anything)


2. It gives all the stakeholders the comfort on the fact that it was addressed properly since different persons have vetted something


3. It improves the quality of the activity, which is being scrutinized/examined  

Let us see examples across various sectors

In Agile world, there is a technique called 'Pair Programming' which is , i would say a version of 4 eyes. Here, while one developer writes the code, the other does an inline review of the code (and provide valuable inputs) and both will take turns to do these two activities (Coding and reviewing). It has been proven that it improves quality by 150%.     

While doing the talent scouting (when looking for the right players to play for their team), often a sports team will take its coach/few key personnel might look for the right players and once they finalize, then the team mgmt (selection board) will take a second look and confirm (even if this happens to be a customary one)


Appraisal System:

In Many IT companies, this is a prevalent process. The performance of a person(appraisee) is appraised by two persons, the appraiser(immediate supervisor of the appraisee) and the reviewer(appraiser's supervisor). This is to ensure that the performance of the appraisee is rightly evaluated and ensure that no human bias/inadvertent mistake is introduced in the process.

Other Examples:
1. How many times, we would have seen in banking or financial sectors with two persons holding key positions, who would verify the transactional details or artifacts and then provide their signatures!!


2. Take DevOps / Business Process Management(BPM) tools - You can see human intervention with machines just to ensure that if machine is treated as one pair of eyes, then human intervention as another. This happens especially in BPM tools thereby stressing on this 4-eye principle.


Is this principle, a Value Add or Non Value Add :

It depends on the context in which this is being used. As stated in above examples, there are many instances where this principle is a real value add. But there can be some cases where it can be a non-value add or value enablers. Let us see such scenarios.  


Imagine in an IT company, a product is being developed.The customer is unhappy with the quality of the code being written and that is impacting the performance of the product . The IT service providing company is trying to improve its code review process (which it sees as the root cause for the poor code quality). Earlier it had only a self-review by the developer. Now it is introducing 2 pair of reviews(or 4-eye) which means a self-review and followed by a peer-to-peer or a SME(Subject Matter Expert) review, which will be done by someone within the team. This way the IT company feels, can strengthen the code review process and thereby the product's code quality!! But with respect to the customer, this process improvement does not mean anything as it is internal to the IT company. All the customer needs is a qualitative product.


Therefore from that point of view, this is a non value added activity for the customer, whereas this activity(4-eye principle for code review) becomes a value-enabling one for the IT company. So it is the context that decides which activity can be value add, non-value add and value enabler and from whose perspective (Whether the service provider or from customer point of view) also matters.


Let us see the same case , with a twist.These are the early days for the project team. The team does not know how to fix this quality issue. The management ropes in a developer(from another team) for 2 weeks, who knows few static code analyser tools which can automatically check the coding standards and suggest best practices and the developer also has knowledge on some design patterns. He parts this knowledge to the team before he leaves. Now every developer does a self-review before he/she builds the code. As soon as the code is built, the static analysis tools get triggered and the developed code undergoes a code review (4-eye principle now enabled). The results are now produced. If there are errors, then the build process is stopped, else it proceeds and build is successfully done. Now the customer is willing to pay for this process because it automates the code review process and quality is built into the system.

Where 4-eyes principle may not be more useful?
Its practically difficult to use this principle in every situation/scenario. This is what i feel!! To point out a few,


1.It may not be as useful as it may be, where time is a constraint
 (Eg: When you want to do a hot fix for a production environment issue)

2.When the cost of doing this exercise is more than the expected benefit

3.If the outcome is not sensitive to anyone, why bother verifying with 2 persons



4-eyes principle is an excellent principle which will act as a deterrence for making mistakes, especially human errors.It can be used anywhere where the right outcome (precision, accuracy) is required to the maximum hilt. There can be cases where the use of 4-eyes principle can be a costly affair.But the benefits outweigh the costs in most of the cases.


Though it may seem that with the advent of technology, the 4-eyes principle might have lost its sheen, a bit, its not the case. Still human presence is required to oversee the process improvements as we have not completely moved to AI technologies.Earlier , it used be 2 human beings as 2 pair of eyes(4-eyes), now it is a machine and human being (though technically it may not be called as 4-eye) and in the future it could be machine and machine !!

Link to post
Share on other sites
  • 0

The Four-Eyes Principle is used in many organizations, in business transactions to protect against negligence and corruption. In Business organization, all important decisions are approved by at least 2 individuals, more often the CEO and the CFO- so it is the 2 Eyes of the CEO and 2 Eyes of the CFO- thus the name 4 Eyes Principle.

This concept is used in the many fields, for example, most us may have experienced; when we go to withdraw money at a bank, our submitted Cheque slips are scrutinized by 2 people- The idea is that 4 eyes see more than 2 eyes, so all errors or lapses, if any, can be spotted. Having said that, we know that there are many cases of forgery and frauds that happens in banks.

The idea works in many cases, as a sound principle, but 100% accuracy is not guaranteed as the devil is in the details, ie. It may look like a simple principle, but will take more time and effort. With the advent of relevant technology in machine learning and data transfers, I am sure a scanning device which can check on the correctness of the details on the cheque, including signature, will provide better accuracy in lesser time- All relevant to providing value to the customer.

It would be fine to state, hence, that just because the principle is followed in many Small business and is well known and many believe in it, does not mean it makes sense. No Value added!!

Before I go ahead , I must mention that there are some situations where this principle is relevant and used with stronger purpose, but there is always exceptional inaccuracies and incorrectness in the output.

Few situations where the principle is used as a practice

-          In a small organization, where process control is deemed at max priority. – However, most of the times, the yearend audits are always an arduous task.

-          In organizations where the finances are managed directly by the investor and the CEO needs to provide a certain level of guaranty that invested monies will have desired level of ROI. This is more like a check and control method, but the blame game in most cases always exists.

-          The confidence, maybe due to previous experiences, is low on the employees- But I believe, hiring better employees and proper training and valid checkpoints are always better option

-          It is taken for granted that approvals from the CEO and CFO confirm the sanctity and requirement of the project/ transaction – This is an organizational culture, it results in many delays in projects “waiting” for approvals

-          It may be a transaction that is very critical for the organization; Example that is very common is Banking transaction- Signatures of both the CFO and the CEO is taken.- This is probably the most apt situation for the 4 eye principle, as it rests the accountability on the top 2 people

-          In Translation business, it makes sense in certain circumstances, wherein the second person is a proof reader who knows as much or more about the translation as what the original translator (first 2 eyes) knew. Though here also, there is no guarantee of 100% accuracy.


As is very obvious, although the 4 eyes principle adds some element of security to a decision making process, it’s effectiveness depends, in the first place, on the competency and integrity and diligence of any involved individual. There is every chance that the 2 people who are designated for the 4 eye principle, may have some “understanding” within themselves and take advantage of the authority to commit some possible irregularity.

I know of some organizations that defend the principle by following a random rotation of authorized individual is done so that it cannot be known with any certainty which 2 people will be dealing with a given decision/ process. This helps to check any sort of “understanding” between the regular people to commit any possible irregularities.  However, the four eyes principle is not a guarantee of anything.

I strongly believe that if we want to run strong processes and safe/ risk free transactions, we must make sure that we have competent employees and a proper Process flow, with relevant technology, which is measurable and the scope of improvement is met, for best results.

 Else, the impractical idea would be to follow the 6 eye principle to check on the output of the 4 Eye principle- Which will only increase the time and effort- Thus there is no value added , neither in the 4 eye principle or the 6 eye principle.


Link to post
Share on other sites
  • 0

All published answers are good and are well supported by relevant examples. However Natwar Lal's answer stands out with respect to the examples quoted for 4-Eyes principle as a value add or non value adding activity. Therefore his answer has been selected as the winning answer.

Link to post
Share on other sites
This topic is now closed to further replies.
  • Who's Online (See full list)

  • Forum Statistics

    • Total Topics
    • Total Posts
  • Member Statistics

    • Total Members
    • Most Online

    Newest Member
  • Create New...