Stay updated

Agentic AI governance is the discipline of controlling agentic AI systems whose risks emerge through actions and decisions over time, not just individual outputs. In April 2026, Szpruch, et al (University of Edinburgh) published a paper that demonstrates how traditional model risk management (MRM) and AI governance designed for static models have a structural agentic AI governance gap. The paper argues that effective governance should shift to runtime governance – continuous monitoring, enforcement, and intervention while the agent is operating – and that relying on traditional MRM for agentic governance will become hard to defend as supervisory expectations develop. For use cases that demand precision (like many in financial services), the question is no longer whether agentic AI requires a different governance model, but how quickly firms can build one that scales safely.

With a focus on which use agentic AI case, which vendor, and which oversight committee, it is easy to overlook a key question – whether the data their agents will rely on is fit for autonomous use. Agents do not read data; they act on it, and small defects compound at every step. Over 24 months, we believe two cohorts of firms will emerge: those whose data is Structured, Current, Authoritative, Rich, Verifiable, and Symmetrical – the six SCARVeS© characteristics of good agentic AI training data – and that will absorb the consequences of deploying agents on unchanged data estates. The obstacles between are not technical but governance ones and, as yet, not every firm has the capability to overcome them.

Once you deploy autonomous agents that can fail in ways that non-agentic alerting was not designed to detect, only incident management for agentic AI will protect you if something goes wrong. Of the 18 steps needed to manage an agentic incident, only 2 survive intact – 3 have no non-agentic equivalent at all, and 13 require material changes – creating operational and regulatory exposure for firms that have already deployed agents. The most effective response plan is to diagnose your gaps, define bespoke upgrades that match your agentic use cases, and sequence implementation to ensure they support other in-flight initiatives. Our three-stage Agentic Incident Management Upgrade service is designed to achieve exactly this for you.

A risk-based agentic AI adoption strategy classifies AI agents into risk tiers and applies stronger controls where the risk is highest. In comparison, more blunt approaches have inherent flaws: permissive access with post-event monitoring sacrifices control, and full pre-approval constrains scalability. Instead, the risk-based model assigns low-risk agents a register-and-attest process, medium-risk agents a proportionate review, and high-risk agents full governance, making it productive, enforceable, and defensible at scale. To implement this, add four deliverables to your agentic roadmap: tier criteria, technical enforcement, shadow agent detection, and risk manager dashboards. If you are at the start of an agentic transformation, the Agentic AI Readiness Assessment evaluates your firm’s readiness across all the prerequisites for agentic AI – including those needed to implement this model – in 90 minutes.

A risk-based agentic AI adoption strategy classifies AI agents into risk tiers and applies stronger controls where the risk is highest. In comparison, more blunt approaches have inherent flaws: permissive access with post-event monitoring sacrifices control, and full pre-approval constrains scalability. Instead, the risk-based model assigns low-risk agents a register-and-attest process, medium-risk agents a proportionate review, and high-risk agents full governance, making it productive, enforceable, and defensible at scale. To implement this, add four deliverables to your agentic roadmap: tier criteria, technical enforcement, shadow agent detection, and risk manager dashboards. If you are at the start of an agentic transformation, the Agentic AI Readiness Assessment evaluates your firm’s readiness across all the prerequisites for agentic AI – including those needed to implement this model – in 90 minutes.

An April 2026 academic paper has confirmed what we advised IRM delegates in January: a low-risk use case does not mean a low-risk agent. The paper establishes that agentic AI compliance under EU law is not limited to the AI Act – it spans GDPR, DORA, NIS2, and sector-specific regulation simultaneously. Critically, behavioural drift is now a live legal obligation, not just a governance preference: firms must trace it, record it, and treat threshold changes as regulatory events. Three standards gaps remain unresolved. Our frameworks already address all three.

A frontier lab has just told the US government what Agentic Risks has been saying since July 2025: agentic AI risk is a distinct category of harm that existing frameworks do not describe. For risk managers, compliance officers and CROs at regulated firms, Anthropic’s 9 March 2026 submission to NIST’s CAISI validates a discipline that standards bodies have yet to catch up with. This post walks through six ways the submission strengthens the approach Agentic Risks has taken, where we believe more is needed, and why we publish our IP and methodologies freely.

Agentic AI is already in scope of the EU AI Act despite not being named in it – a foundational challenge for agentic AI governance – and firms building agents in-house for EU operations will be treated as both provider and deployer, with high-risk systems due for compliance by 2 August 2026.Meeting those obligations is necessary but insufficient because agentic systems break four of the Act’s core assumptions, so an effective governance framework must extend beyond compliance to cover operational realities like agent identity, pre-execution boundaries, reasoning chain integrity, and liability across the value chain.For organisations governing agents already in production, our 32 agentic AI risk flags provide a fast, defensible way to surface agents operating at a higher risk level than may have been appreciated – on the principle that if you cannot disprove a flag, you have a risk.

The Agentic AI Governance Framework is a structured guide to governing autonomous AI systems – what to keep from traditional AI governance, and what new controls you need. It’s essential reading for risk, compliance, and technology leaders whose organisations are deploying, or planning to deploy, agentic AI. It tells you exactly which foundations still hold, which new components you need to add, and how to navigate the areas where the debates remain inconclusive. With it, you can build a governance model that is defensible to regulators, auditors, and boards.

Firms whose adoption strategies succeed are those whose roadmaps are achievable from their current state of readiness. The Agentic AI Readiness Assessment ensures your transformation is evidence-based, achievable, and customised to your situation. It does this by establishing whether each prerequisite is in place (strategic, technical and operational, and organisational), its maturity level, and the extent of work needed to support your target risk tier. Triage-style 90-minute session. Output is a complete and systematic view – strengths, weaknesses, and prioritised next steps – ready within 48 hours for you to discuss with your colleagues.

Unstructured agent-building is a costly and risky choice, increasing the chance of overlooked risks, security incidents, and scrambled remediation when external stakeholders ask questions.This is because agentic workflows create new risks that you will need to control and monitor in novel ways.In response to this situation, I summarise the specific ways risk management needs to evolve for the agentic workflow risk assessment: the novel aspects of the agentic workflow design process, the pre-deployment agentic risk assessment, and how to ensure effective agentic KRIs.Adopt these techniques to give structure to your agentic transformation, prevent risk, and ensure trustworthy monitoring.

Across most enterprise platforms, an agentic workflow comprises three layers – model, orchestration, and application – and each layer can see risk signals that the others cannot. For your agentic workflow monitoring to be viable, a KRI should reside where its risk signal lives; those that do not risk noise, blind spots, or a false sense of security. We mapped a sample of KRIs across the three layers and found that half reside primarily at the application layer, while the model layer was the primary source for only one. Monitoring built on functional layers is therefore less likely to have coverage gaps than a framework tied to a single platform. We conclude by advising firms to understand their risk requirements before selecting a platform – and embed their risk controls into their workflow designs.

Agentic key risk indicators are the metrics organisations use to monitor the behaviour, risk profile, and operational performance of autonomous AI agents. Agentic systems do not operate in a steady state. As they learn and adapt, small behavioural changes can accumulate and alter their risk profile. Effective governance therefore requires organisations to monitor the direction and speed of this AI behavioural drift before it moves beyond risk appetite. Agentic key risk indicators, sometimes described more generally as AI key risk indicators, provide the operational evidence needed to monitor AI agent risk and ensure regulatory compliance. This article sets out 12 practical principles for designing effective agentic KRIs and illustrates them through 20 worked examples across 5 common agentic risks.

Agentic AI marks a shift from tools that produce outputs to systems that achieve outcomes. As a result, agentic workflows differ from traditional ones. In brief, they can plan, decide, and execute multi-step actions autonomously to achieve your goal, remembering and learning from their experiences. Because of this, their behaviour can evolve, creating both opportunities and risks. Therefore, understanding how agentic workflows differ becomes vital to effective risk identification. So, this article examines 10 dimensions that vary between agentic and traditional workflows – from decision authority and system access to failure modes and accountability – and how risk managers should respond.

Evidence is growing that a pre-deployment agentic risk assessment for medium and high-risk autonomous AI agents reduces incidents, rework, and build cycles by embedding risk controls into workflow design – creating a stronger organisation that is ready for future deployments. This article outlines the 7-step process from agentic risk identification to an approved risk report that integrates into your enterprise framework. If you would like some help with your pre-deployment agentic risk assessment (or would like to move faster), check out our customised service.

This article explores the nature of autonomy and the sources of its risks before outlining a five-step process to integrating agentic risk appetite and adoption strategy into your roadmap. It includes the support materials for the webinar we provide on this topic. Drawing on established risk management disciplines and centuries of delegating autonomy to non-humans, the process will ensure you prioritise your use cases, confirm your adoption strategy, identify your prerequisites, assess readiness, and construct an achievable implementation roadmap. Autonomous AI agents fundamentally reshape risk management by shifting human control from execution to the design and oversight phases of a workflow. From the board to the operational workflow, firms that adopt a risk-based agentic AI adoption strategy will find it easier to scale the benefits of autonomous AI, with fewer surprises and stronger regulatory defensibility.

Autonomous AI introduces a new class of risk – agentic risk – because it delegates execution to non-humans that interpret objectives, constraints, and context differently from people.

In agentic workflows, ambiguity itself becomes a risk: unless risk appetite is expressed in behavioural and quantitative terms, agents cannot reliably understand or enforce organisational expectations.

Risk managers must therefore integrate agentic risk into existing risk appetite processes by defining an agentic AI risk appetite statement, applying it consistently at the workflow level, and instituting key risk indicators for agentic risks.

Organisations that do this will enable safe, scalable agentic adoption; those that do not will face fragmented, compounding, and unmanaged autonomous behaviour risks.

AI agents represent a paradigm shift in automation – digital problem-solvers that independently plan, execute, and learn from multi-step workflows at machine speed. While autonomous AI offers unprecedented productivity and scalability, its independent nature introduces unfamiliar AI agent risks that traditional risk management cannot adequately address. This article summarises our presentation to 180 members of the Institute of Risk Management. Key points include why controls calibrated to autonomy levels should be non-negotiable, why agentic workflows break a key assumption of traditional risk management, and how the Enterprise-Wide Agentic AI Risk Control Framework can help firms navigate their evolution to the era of agentic AI risk management safely.

Agentic workflows are not “just another AI model” – they are operational systems that can act, spend, and escalate at speed. That means risk is shaped as much by design choices (ownership, boundaries, monitoring, and stop authority) as by the task the agent performs. If you, as a risk manager, are asked to perform an agentic AI risk assessment, you will need a fast, defensible way to determine whether the project is sufficiently controllable to go live. This article introduces you to 32 systematic, verifiable agentic AI risk flags you can test with evidence, so you can quickly translate findings into clear, proportionate risk treatment plans.

An agentic workflow is a system where AI agents autonomously plan, decide, and act across interconnected tasks, with explicit controls and human oversight embedded at each stage. The success of these initiatives rests not just on technology, but on organisations building the capability to govern autonomy before they introduce it. This article sets out a practical, audit-defensible agentic workflow design process that helps firms decide whether an AI agent should exist, what authority it may safely hold, and how that authority is constrained, tested, and monitored over time. The process is structured into three phases – foundation, build, and deployment – to move firms beyond demos to a repeatable, governable, and scalable agentic workflow. The outcome is a step-by-step guide on how to design an agentic workflow using a risk-led, auditable agentic workflow design process.

This article is for experienced risk professionals and explains why agentic risk management is now essential for retaining control of agentic AI workflows. Traditional risk management assumes humans design, execute, and oversee systems end-to-end, but agentic AI breaks that assumption by delegating execution to autonomous systems. This development fundamentally changes how risk emerges, how controls fail, and where accountability must sit. To mitigate risk in an agentic workflow, therefore, risk management must extend its role beyond post-hoc monitoring into the design phase, monitor continuously rather than periodically, and be ready to address new risks arising from emergent behaviours.

AI agent ethics cannot rely on human-style moral tests because AI agents feel no shame, consequence, or responsibility, so ethical protection must come from external controls. Society already delegates autonomy to non-humans such as working dogs, but only with strict training, clear boundaries, accountability, and controlled contexts – showing that autonomy should be earned, limited, and supervised. To deploy AI agents ethically, organisations should grant autonomy gradually and with robust controls that define purpose, restrict risk, ensure supervision, and maintain clear accountability.

To leverage the benefits of agentic AI you must manage the broad new class of risks that it introduces. If left unmanaged, these risks can materialise across individual and multi-agent behaviours, system security, governance, policy integration, as well as organisational and human factors. To enable the new discipline of agentic AI risk management, the Enterprise-Wide Agentic AI Risk Control Framework helps you identify, assess, and control these new risks, integrate them into your existing framework, and keep pace as agentic AI evolves. To get started, set your policy on AI autonomy, map the risks and controls for a pilot agentic workflow, and prove control effectiveness through testing.

AI agents can act autonomously to perform multi-step tasks, interact across systems, and learn from experience, making them more powerful than basic prompt-driven AI tools. The key features of AI agents and their benefits for organisations include higher productivity, scalability, and better use of human judgement. This makes them especially suitable for workflow automation. Organisations should de-risk their adoption of agentic AI by defining their policy for delegating autonomy, implementing effective risk controls, and piloting an agentic workflow before scaling.