Hi, this is standard behaviour. The transactions share K_PCA so the auths will be available to any transaction that requires them.
If you need to segregate them (and arguably if you are performing posting activities to both restriction sets then why bother) then you'll need to perform some customisation to achieve that (e.g. use an enhancement point to add in additional checks/logic that are linked to the context of the posting).