> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dfns.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Create policies

> Replicate your internal approval and risk controls in Dfns by configuring policies for transfers, signing, permissions, and policy changes.

export const Youtube = props => {
  return <iframe className="w-full aspect-video rounded-xl" src={`https://www.youtube.com/embed/${props.videoId}`} title="YouTube video player" frameBorder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowFullScreen>
      </iframe>;
};

<Youtube videoId="IICkUb4ZmL4" />

Policies are a programmable set of safeguards behind all actions on the Dfns infrastructure. You can configure them to validate actions taken in your organization. For more details, please read the dedicated section: [policy-engine](/core-concepts/policies)

<Tip>
  **Pro tip: initial policies you should create**

  We recommend setting up three initial Policies in order to lock down your organization:

  1. **Permission Assignment:** requiring quorum approval before assigning permissions to any user. This way a rogue admin cannot create fake users with elevated permissions by himself.
  2. **Permission Modification:** ensure permission sets cannot be modified without quorum approval, to prevent a rogue actor to elevate existing roles by whitelisting extra actions.
  3. **Policy Modification:** a policy preventing to change policies. That's to make sure your established policies stay in place and a quorum approval is required for modifications.
     Those are actually the first 3 options available when you follow the policy creation flow on the dashboard.
</Tip>

In this example, we are going to control transactions whitelisting specific recipient addresses, and requiring approvals for others.

<Steps>
  <Step title="Create a new Policy">
    On the dashboard, head to `Org > Policies` (direct link: [https://app.dfns.io/policies](https://app.dfns.io/policies)) and click ➕ New Policy.

    <Frame>
      <img src="https://mintcdn.com/dfns-6d8c7466/C-QxugfNcolBADI3/images/policies01.png?fit=max&auto=format&n=C-QxugfNcolBADI3&q=85&s=dd6f5651c4ffcbe5f778280fff581a9d" alt="" width="2220" height="1630" data-path="images/policies01.png" />
    </Frame>
  </Step>

  <Step title="Select the targeted activity">
    What should the policy apply on? For our example, select "Wallet usage (transfer, transaction, signature)"

    <Frame>
      <img src="https://mintcdn.com/dfns-6d8c7466/C-QxugfNcolBADI3/images/policies02.png?fit=max&auto=format&n=C-QxugfNcolBADI3&q=85&s=94585ef9ad093b7b8b34442ae876f709" alt="" width="2220" height="1630" data-path="images/policies02.png" />
    </Frame>
  </Step>

  <Step title="Select the criteria to evaluate">
    In which case should the policy trigger? For our example, select "Transaction recipient whitelist", then click Configuration and paste the whitelisted destination wallet address. All transactions to this wallet address will go through, while all others will trigger the policy.

    <Frame>
      <img src="https://mintcdn.com/dfns-6d8c7466/C-QxugfNcolBADI3/images/policies03.png?fit=max&auto=format&n=C-QxugfNcolBADI3&q=85&s=df9efd2b4bcc78817df89e540ade5b2f" alt="" width="2220" height="1630" data-path="images/policies03.png" />
    </Frame>
  </Step>

  <Step title="Select the action to take">
    When a transaction triggers the policy filters, then there are different actions you can take. In our case, we'll request approval from another employee. Select "Request Approval", and add an "Approver" group, with a quorum of 1, then click "Any Employee" and select the employee who should approve the transaction.

    <Info>
      The user triggering the action can never approve it himself. Make sure the approvers are not the same users who will issue the requests!
    </Info>

    <Frame>
      <img src="https://mintcdn.com/dfns-6d8c7466/TUAM4m-ShzyUwzUw/images/policies04.png?fit=max&auto=format&n=TUAM4m-ShzyUwzUw&q=85&s=244d63fb3d7051f9da55f94e48d9aff0" alt="" width="2220" height="1630" data-path="images/policies04.png" />
    </Frame>
  </Step>

  <Step title="Finish the configuration">
    Hit "Continue", give a name to your policy, and keep going until you get to the Summary. Click Save and 🔑 sign the request with your passkey.

    <Frame>
      <img src="https://mintcdn.com/dfns-6d8c7466/aH8Z4RyoX4Vg4edY/images/spaces_2FtnSPOZGQ2hBmgoVWX5H6_2Fuploads_2FXANwIJBr4f4qadFLgzVl_2FCapture_20d_E2_80_99e_CC_81cran_202025-07-16_20a_CC_80_2014.32.49.png?fit=max&auto=format&n=aH8Z4RyoX4Vg4edY&q=85&s=01dbbc58e403101ce0e4e682eb330cdf" alt="" width="3428" height="1800" data-path="images/spaces_2FtnSPOZGQ2hBmgoVWX5H6_2Fuploads_2FXANwIJBr4f4qadFLgzVl_2FCapture_20d_E2_80_99e_CC_81cran_202025-07-16_20a_CC_80_2014.32.49.png" />
    </Frame>
  </Step>
</Steps>

<Check>
  You've created a policy requiring approval from your coworker on transaction requests, except transfers to the designated wallet. Refine these rules and add as many as you need to match your internal policies and safeguards.
</Check>