Decision Memo: Centralise Authority or Split It?

Centralised authority is fast and legible. Split authority limits abuse and failure. The right design depends on consequence, reversibility and operating tempo.

The answer

A private institution is deciding whether one office or person should control a critical asset, or whether authority should be divided across multiple people, entities or systems. Decisions are frequent, reversible, time-sensitive and easy to audit.

Situation

A private institution is deciding whether one office or person should control a critical asset, or whether authority should be divided across multiple people, entities or systems.

Centralise when

Decisions are frequent, reversible, time-sensitive and easy to audit. Centralisation can improve clarity, reduce coordination failure and create one accountable owner. It works best when the authority can be rapidly revoked and a tested successor exists.

Primary risk: one compromise, conflict or absence becomes institutional failure.

Split when

A decision can irreversibly transfer value, change ownership, destroy evidence, expose protected information or alter another person’s rights. Independent approval is valuable when the second party brings different evidence, not merely another click.

Primary risk: ambiguity, delay and informal workarounds that recreate centralisation outside the formal model.

Decision factors

- Maximum consequence of one mistaken or malicious act.

- Reversibility after the act completes.

- Required speed under normal and emergency conditions.

- Independence and competence of the second authority.

- Ability to recover if one authority is unavailable.

- Quality of evidence showing who exercised power.

Recommendation

Centralise preparation and routine operation; split irreversible execution and authority change. Use thresholds so the institution does not impose the same ceremony on every act. Define an emergency route that is narrower, time-limited and reviewed after use.

Authority architecture card

For the power in question, record normal owner, consequence threshold, second authority, emergency substitute, expiry, evidence and recovery path. If the emergency substitute is the same person the split was designed to constrain, the architecture is fictional.

Sources

  1. NIST Zero Trust ArchitectureNIST Zero Trust Architecture

    Primary authority

  2. FINMA — Operational risks and resilienceFINMA

    Primary authority

Adam J. De CollibusFounding Partner, Svperior / Systems Engineering

Ross Belhomme

Ross leads Legal within Svperior GmbH. His work draws on more than two decades across international fiduciary, wealth-structuring, and private-client environments, combining legal, financial, and technical judgment around governance, privacy, assets, authority, and cross-border operating conditions.

Legal strategy / Governance / Private-client structuring / Digital assets

Need to apply this to a specific situation?

Send us the initial context. If the matter fits, we will respond directly.

Send private inquiry
Decision Memo: Centralise Authority or Split It?