According to Susann Kunz, a consultant in the Financial Institutions Advisory Group at Saltmarsh, Cleaveland & Gund, dual control requires at least two employees to simultaneously access a controlled area such as an ATM - that may require both a key and a combination to open. Kunz recommends that the key should be assigned to one employee and the combination to another. She opposes dual presence practices arguing that simply requiring two people to access an ATM in tandem fails to protect both the financial institutions and the branch employees.
Kunz’s position on dual control is consistent with the Federal Deposit Insurance Commission (FDIC). The FDIC defines joint custody (dual control) as a procedure where two or more persons are equally accountable for the physical protection of items or records. For example, two keys or split combinations or passwords, under the separate control of different individuals - must be used in order to obtain access to vaults, files, or other storage devices. These custodial responsibilities should be clearly assigned and communicated to all affected employees. For the system to be effective, persons exercising control must guard their key, combination, or password carefully.