The Four-Eyes Principle
The Four-Eyes Principle is a core operational and compliance requirement in financial processing systems.
It ensures that critical actions must be authorized by two independent users, reducing risk and supporting regulatory obligations.
ImPAI implements this principle consistently across all supported payment schemes and processing modules.
Why the Four-Eyes Principle Exists​
The principle is designed to:
- Prevent fraud by requiring two parties to authorize sensitive actions.
- Reduce operational risk such as accidental submissions or incorrect data.
- Support regulatory compliance for payment governance and internal controls.
- Ensure traceability via full audit logging of every approval decision.
Financial institutions commonly apply this rule to operations such as payment releases, returns, recalls, or settlement decisions.
How ImPAI Applies the Rule​
Within ImPAI, approval flows follow a consistent model:
- One user (the maker) creates or imports a transaction.
- The transaction enters the Approval Pending state (based on rules or risk settings).
- A different user (the checker) reviews the transaction and decides whether to:
- Approve (continue processing), or
- Reject (stop workflow and return explanation)
Every decision is logged with:
- User identity
- Timestamp
- Original data
- Decision and reason
- Updated identifiers
This ensures end-to-end transparency and auditability.
Where This Applies​
ImPAI uses the Four-Eyes Principle for multiple message categories, including:
- Payment Instructions — customer credit transfers submitted to the processing flow.
- Recalls — requests to withdraw a previously sent transaction.
- Returns — refusals of a payment by the receiving bank.
- Resolutions — final outcome of recalls or investigations.
Depending on your configuration, approval may also be enabled for other schemes or internal flows.
🔗 Related API Endpoints​
You can find the approval APIs here:
    👉 SEPA Instant Approval APIs
    👉 Approve a SEPA Instant Transaction (How-To)