...
In a corporate environment, it would make sense to have several levels of segregation where the persons signing the transactions would have no possibility to get even close to the seed, the master private keys or the private keys.
Hmmm.... The only way I can think of that would allow you to do this, would be to use a hardware wallet like a Trezor or Ledger. Generally, after initial setup, these devices do not allow you to view or export the seed or private keys. You can also create a MultiSig in Electrum that uses hardware wallets.
You're still going to have issues with how to initialise the devices in the first place... at least one person will "see" the seeds used to initialise these devices... you also need someway to safely AND securely back those seeds up so that if one of the devices is lost/stolen/damaged (or the person holding the device leaves the company and refuses to return it etc), coins can still be recovered.
Also, when a transaction needs to occur, the signers would need to have physical access to the hardware wallets to be able to sign the transaction... so while any "random" employee could then create a transaction (using a watching-only wallet)... only the 4 people in possession of the hardware wallets could sign it.
There is still the (obvious) flaw that if the 4 hardware wallet holders collude, then the funds can be stolen... which is true of ANY multisig arrangement. You simply cannot prevent this unless you have at least one 100% trusted signer in your 4-of-4 setup (basically ((M-N)+1) 100% trusted people in an N-of-M setup) to be able to "veto" any attempts to create a transaction that steals the funds.