Scenario 1: If a single SAP system with single client where all 3 companies are implemented.
Soln : Have to enforce the restriction only through authroizations to realize differntiation(which company the user belong to) on users. I dont think it makes sense to set up seperate logins for users of each company.
Scenario 2: In a single SAP system and 3 companies needed to be implemeted and treat each company as seperate business ,
Soln: set up 3 clients for each company in single SAP system. So that 3 company users can be managed seperately and users have to login to their respective client(client 1 -L1 company ,Client 2- L2 company etc)
You might need to have a discussion with FICO and BASIS to know more details if you have business design to be realized.
Thanks,Krishna