Unix about three different ways to control the manipulation of files:
Firstly, my C programming is awful, but this needs to be done.
Secondly, I realize that the current claims of fraud (not that I doubt) have been VNC based, account hacks, and possibly even socialed / carelessness.
This won't have a direct benefit in those cases. However, this would provide the foundation for implementing anti-theft measures.
The RWX model would be the easiest to emulate.
Think of a generalized version of RWX as non-destructive, destructive, active. The analogs for wallet permissions would be Receive, Send, Operate (addresses) / View (accounts).
Each address and account would have these settings. Operate refers to the ability to combine and split the amounts. For example, if you disable operate permissions you cannot send coins except if you send the whole amount at that address. You also have to receive at that address a steady amount per transaction. Not 5 BTC today and 2 BTC tomorrow. View would be the ability to sum the total contained at all.
This would probably involve a policy key containing the permissions signed with the key for that policy combination plus a timestamp (have fun brute forcing 24 hours of timestamps) and then with the key for that address.
I honestly don't know how well this would work.