AI Organization & Separation of Powers — Structure Log

An implementation log of organizing AI agents

The Two-Person Rule

2026-06-14

In the previous chapter, we looked at why the audit role should be assigned to an AI from a different vendor than the executor. The idea was a structural design choice: bring in a genuinely separate perspective.

This chapter goes one step further. The question here is: when you perform an operation that cannot be undone, how do you prevent things from going wrong?

This is where the two-person rule (here meaning: no irreversible action is executed on the basis of a single judgment alone) comes in.

Q. What is the two-person rule?

In short, it is the principle that irreversible actions (operations that cannot be undone once performed) must not be executed on the basis of one person's judgment alone.

Before execution, two parties must confirm. That is all.

It is not a complex procedure. The point is simple: deliberately build into the design a structure that prevents any single party from making the final call alone.

Q. Who exactly are the "two parties"?

In this setup, the two parties are a human and a separate AI.

The executor AI proposes an operation: "I am about to perform this action." A human reviews it and gives the go-ahead. Only after those two steps is the action carried out.

The reason a human is required is that someone needs to be the party who can say, "I take responsibility for this decision." An AI can execute, and an AI can audit. But the party that functions as the one bearing responsibility is, for now, a human.

That is why one of the two parties is always a human.

Q. Does every operation require a two-party check?

No. If you inserted this check into every single operation, the workflow would grind to a halt.

The two-person rule applies only to operations that are irreversible and have a wide impact.

For example: publishing an article, sending data to an external service, deleting a file. These are the kinds of "cannot undo after the fact" operations that fall under this rule.

On the other hand, operations that can be redone, or tasks with a limited scope of impact, can be handled by the AI side without a two-party check. Without this distinction between high-stakes and low-stakes actions, the two-person rule simply does not work in practice.

Q. Why is one person's judgment not enough?

Because a single perspective is prone to blind spots.

Even when you feel like you have a clear view of things, a second set of eyes often surfaces problems you had not noticed. This is true for humans and AIs alike. Simply having multiple parties doing the checking raises the probability of catching errors.

There is another benefit as well: the fact of confirmation becomes part of the record.

"Who confirmed this, when, and who gave the go-ahead" is preserved in text. That becomes the evidence you can point to later when explaining why a particular operation was performed. When something goes wrong, without a record there is no way to trace what happened. The two-person rule is not just a mechanism for preventing mistakes — it is also a mechanism for creating a record of decisions that can be explained after the fact.

Q. Is this concept unique to AI organization?

No. It is a principle that has been used in human organizations for a long time.

Important documents require sign-off from multiple approvers. Financial transactions are reviewed by more than one person rather than just one. These practices have existed for a long time. The two-person rule is that same concept applied to a setup where an AI has taken on the executor role.

In an organization made up entirely of humans, the check was performed by "two humans." Here, it is replaced by the combination of "one human and a separate AI." The shape of the mechanism changes, but the design philosophy — do not concentrate authority in a single party — remains the same.

Q. What happens if this principle is not working?

You are left with no choice but to deal with problems after they have already occurred.

An article goes live when it should not have. A file that was not supposed to be deleted is gone. Data that was never meant to leave the system has gone out. These kinds of events happen when there is no checkpoint in place.

The more irreversible an operation is, the harder it is to contain once it has happened. The role of the two-person rule is to prevent it structurally, before it occurs.

"Can this be fixed after the fact?" — using that as the criterion, and placing a checkpoint on anything that cannot be fixed. That judgment standard is the core of how the two-person rule is designed.

Q. To sum up, what does the two-person rule actually prevent?

It prevents the situation where a single-party judgment error gets executed as an irreversible action.

  • Irreversible actions require a two-party check
  • The two parties are a human and a separate AI
  • The fact of confirmation is preserved as a record
  • The rule does not apply to reversible, low-impact operations (so it does not block the flow)

All four of these elements work together. If any one is missing, the effectiveness diminishes. The record, the multiple perspectives, and the careful scoping of where the rule applies — none of these can be left out.

← cd ..