diff --git a/engineering-guide/accounts-and-groups.md b/engineering-guide/accounts-and-groups.md
index f33c458e..e79ef175 100644
--- a/engineering-guide/accounts-and-groups.md
+++ b/engineering-guide/accounts-and-groups.md
@@ -30,6 +30,9 @@ To be able to easily distinguish between the different account types, a user sha
   | `unx-lx_ext_users` | external accounts |
   | `unx-lx_e_users`   | experiment accounts |
 
+### Policies
+GAC accounts __must not__ be used for administrative tasks (also see: AW-95-17-02 Logical Access Control). Therefore membership in groups granting such privilidges is not permitted.
+
 ## UID Allocation
 
   | UID                     | GID                     |                               |