Thinkers360

Before AI Agents Start Talking: Who's Listening at Board Level?

Feb

This content was disclosed by the author as AI-augmented.

Walk into any boardroom today, and you will most likely find executives and directors still debating ChatGPT's fair use policies. On the other hand, their rivals might have already deployed autonomous AI agents that allocate budgets, negotiate contracts, execute transactions, or reconfigure production planning and inventory systems. Without human approval. Without oversight committees. Without anyone noticing, until the regular review.


The agent-to-agent economy has arrived. It was there whilst we were drafting guidelines for generative AI. Right now, procurement agents are haggling with supplier bots over pricing. Compliance systems are triggering remediation workflows across cloud infrastructure. Trading algorithms are staking cryptographic credentials to access market data feeds. All of this happens at machine speed, in the gaps between human attention spans.


Most boards haven't grasped the shift yet. They're applying last year's governance frameworks to this year's autonomous systems. It's like trying to regulate supersonic jets with rules written for hot air balloons.


When Devices Stop Waiting for Permission


Think back to how we interacted with AI around twenty-four months ago. You'd type a prompt into ChatGPT. Review the response. Decide whether to use it, edit it, or bin it entirely. Give it feedback. Humans stayed in the loop at every decision point. Comforting. Controllable. Safe.


Agentic AI is slightly different. Agents work by setting their own goals, breaking problems into steps, coordinating with other agents, and executing activities and tasks across our entire technology stack. They don't generate suggestions and wait for our approval. They act, then report back what they've done. By the time you're reading the log files, thousands of decisions might have already been executed.


One very large financial institution discovered that its expense approval agent had been operating for three months with an outdated vendor whitelist. No one noticed because the agent processed requests faster than human oversight could follow. Five million transactions. Zero human reviews. This is considered regular operation in an organisation racing toward autonomous systems.


In short, the governance landscape has changed moderately, but most of us still use the old playbook.


Content Risk Was Just the Warm-Up


GenAI could hallucinate facts, perpetuate biases, or accidentally plagiarise copyrighted material. Serious concerns, absolutely. But manageable, because humans still had a grip on the outputs. You could catch the mistake before it reached the users, customers, regulators, or the media.


In the case of Agentic AI, autonomy risk operates differently. The AI doesn't wait for your review. It books the vendor meeting, updates your ERP system, notifies stakeholders across three departments, and moves on to the next task. When agents execute forty thousand decisions per second, your quarterly risk committee isn't reviewing decisions anymore. You're reading history, well, ancient history, by AI standards.


Traditional governance assumed you'd have time to evaluate one decision before the next one needed attention. That worked fine when humans made all the calls. Now? The gap between action and oversight is permanent. You can't close it by hiring more compliance officers or scheduling extra committee meetings. The velocity gap is structural, not staffing.


Instead of asking "What did our AI do?", boards need to ask, "What prevents our AI from doing things it shouldn't?" The distinction matters more than most executives realise.


Humans Haven't Been Eliminated. They've Been Repositioned


Effective agentic AI governance moves humans from approvers to exception handlers, from bottlenecks to overseers. You’re absolutely right! We still exist in the loop.


Human-in-the-Loop (HITL) architecture establishes clear escalation paths for high-risk or ambiguous processes, actions, activities, and tasks. Routine decisions run autonomously, and edge cases are flagged for human judgment. A compliance agent might scan 10,000 transactions overnight, yet dispatch only the five that exceed risk tolerance for further follow-up and investigation, as necessary.


Agents operate within strict boundaries around organizational policy compliance, cost and budget limits, and risk appetite and risk tolerance. Technical safeguards enforce these boundaries. Rate limiting prevents any single agent from executing thousands of operations without triggering oversight. Tool access restrictions specify exactly which APIs, databases, and systems each agent can interact with. Session timeouts stop indefinite execution that could enable multi-day attack scenarios.
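The safeguards named above (tool allow-list, rate limit, session timeout, escalation above risk tolerance) can be sketched as a single gate that every agent action passes through. This is an added illustration, not code from the article; `AgentPolicy`, `Gate`, the tool names, the owner and all thresholds are hypothetical.

```python
import time
from collections import deque
from dataclasses import dataclass, field

@dataclass
class AgentPolicy:               # hypothetical registry entry for one agent
    owner: str                   # human accountable for the agent's outcomes
    allowed_tools: frozenset     # tool access restriction (allow-list)
    max_calls: int               # rate limit: calls permitted per window
    window_s: float              # rate-limit window, seconds
    session_ttl_s: float         # session timeout, seconds
    risk_tolerance: float        # risk scores above this go to a human

@dataclass
class Gate:
    policy: AgentPolicy
    started: float               # session start on the same clock as `now`
    calls: deque = field(default_factory=deque)
    audit: list = field(default_factory=list)   # time-stamped evidence

    def check(self, tool, risk, now=None):
        """Return ALLOW, ESCALATE:<why> or DENY:<why> for one requested action."""
        now = time.monotonic() if now is None else now
        p = self.policy
        while self.calls and now - self.calls[0] >= p.window_s:
            self.calls.popleft()              # forget calls outside the window
        if now - self.started > p.session_ttl_s:
            verdict = "DENY:session_expired"
        elif tool not in p.allowed_tools:
            verdict = "DENY:tool_not_allowed"
        elif len(self.calls) >= p.max_calls:
            verdict = "ESCALATE:rate_limit"   # a burst triggers oversight
        elif risk > p.risk_tolerance:
            verdict = "ESCALATE:risk"         # edge case goes to the owner
        else:
            verdict = "ALLOW"
            self.calls.append(now)
        self.audit.append((now, p.owner, tool, risk, verdict))
        return verdict

def demo():
    """Constructed sample run with explicit timestamps; touches no real system."""
    pol = AgentPolicy("cfo-office", frozenset({"erp.read", "erp.pay"}),
                      max_calls=2, window_s=1.0, session_ttl_s=60.0,
                      risk_tolerance=0.7)
    gate = Gate(pol, started=0.0)
    steps = [("erp.read", 0.1, 0.0), ("erp.pay", 0.9, 0.1), ("hr.delete", 0.1, 0.2),
             ("erp.pay", 0.2, 0.3), ("erp.read", 0.1, 0.4), ("erp.read", 0.1, 1.5),
             ("erp.read", 0.1, 61.0)]
    return [gate.check(tool, risk, now) for tool, risk, now in steps]
```

Only allowed actions count against the rate limit, and every verdict, including denials, lands in `audit` with the accountable owner attached.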


Security can't be an afterthought grafted onto agentic systems post-deployment. It must be embedded in the agent's design from the very beginning. The magic mantra is governance as architecture, not as documentation.


So, What Does Board-Level Oversight Actually Look Like?


Agentic AI governance demands cross-functional coordination with decision authority sitting at the board level. Your Chief Compliance Officer can't fix this alone. Setting up Agentic Governance Councils that consist of reps from Technology, Business, Security, Legal, Risk, and Compliance units is an ideal pathway to move this forward. Monthly board meetings, quarterly reports, and direct authority over agent registries, data access policies, privilege allocation, and control implementation are the must-have tools, techniques, and deliverables.


A person or team should be formed or appointed to create and maintain the complete list of registered agents operating in your environment: what they do, which data they access, the privileges they have, who holds ownership, responsibility, and accountability for them, and the controls that govern them. Much like a risk register, it is a foundation for auditability. When regulators investigate a breach, they'll want to trace exactly which agent acted, under what authority, using what data, with which human ultimately accountable for the expected outcome.


Boards themselves need to stay relevant. They need AI literacy, whether by recruiting directors with technical backgrounds, establishing advisory relationships with AI experts, or enrolling directors in relevant executive education programs. Technology moves too fast and carries too much risk for boards to rely entirely on management reports. You don't need every director to hold a PhD in machine learning. You do need adequate collective understanding to ask critical questions and spot gaps in management's governance proposals.


Full lifecycle governance matters. Still. Development, commissioning, deployment, operation, monitoring, controlling, transfer, decommissioning, and retirement. Each phase has its own challenges and constraints.


The development stage requires identifying agent objectives, impediments, and constraints so engineers can deploy what we call “enforceable boundaries”. Deployment involves granting appropriate access rights and privileges without exposing security vulnerabilities. Operation demands continuous monitoring and speedy anomaly detection. Lastly, retirement ensures agents don't linger as "zombie processes" with orphaned access rights wandering your technology infrastructure.


The Missing Part


Boards fixate on what individual agents can do. So, the next question is what happens when multiple agents interact without human referees. Agent-to-Agent Communication Protocols (A2A) will enable autonomous systems to collaborate, negotiate, and transact value at machine speed. These protocols are extremely helpful because they standardise how agents coordinate complex workflows, resolve conflicts quickly and dynamically, and route tasks across the organisation's distributed tech stacks.


However, governance complexity arises when those interactions cross organisational boundaries. Your procurement agent negotiates pricing with a supplier's sales agent, and both operate autonomously. Meanwhile, neither organisation has visibility into the other's governance framework. Then, when things go sideways, who should be held accountable? What happens if one agent stakes AgentBound Tokens whilst the other operates without cryptoeconomic accountability? Can your compliance systems even detect when external agents violate agreed protocols?


So, here we go. Welcome to the agent-to-agent economy of trust. It requires decentralised governance, allowing AI agents to interact and exchange value autonomously whilst preserving human oversight through progressive decentralisation. Centralised control certainly won't scale across organisational boundaries. The takeaway is that governance must be embedded in the communication protocols agents use, not layered on top after deployment.


Why Your Risk Framework Stopped Working


Enterprise Risk Management practice categorises threats by likelihood and impact, then identifies their risk action strategies. That model assumes risks are identifiable, measurable, and relatively manageable from time to time. Agentic AI unsurprisingly breaks all these assumptions.


Autonomous agents create emergent behaviours. System-level outcomes come from agent interactions that weren't programmed into any individual agent. Take a simple example. Your expense approval bot optimises for cost reduction. Your supplier relations agent optimises vendor satisfaction. Your compliance agent optimises policy compliance. Deploy all three and watch them inadvertently conspire to approve invoices from vendors whose contracts lapsed last month. Nobody expected that outcome, because it emerged from the interaction dynamics.


Static approval processes can't govern dynamic systems. Agentic AI demands real-time feedback loops, automated escalation matrices, and real-time intervention capabilities. It turns our regular risk reviews into historical exercises. Continuous assurance models, in which compliance monitoring runs continuously, gathers time-stamped evidence, and triggers remediation workflows without waiting for the next committee meeting, are therefore a must-have.


It's an operational necessity driven by evolving laws and regulations. The EU's Digital Operational Resilience Act requires financial institutions to conduct ongoing ICT risk monitoring. In addition, the EU AI Act mandates post-market surveillance for high-risk AI systems. Regulators now expect automated systems to demonstrate compliance continuously, not through periodic attestations that everything was alright three or six months ago.


Big Five Questions Our Board Should Ask


Let’s stop debating whether (or not) to deploy agentic AI. Our competitors already did. Start asking better questions:



  1. Do we really know every autonomous agent deployed in our environment? Indeed, unknown agents are ungoverned agents. You can't control what you can't see, right?

  2. Can we trace each agent’s action back to a human who owns the outcome? Autonomous doesn't mean unaccountable. Someone has to answer when regulators come knocking on our doors.

  3. Have we built escalation paths for high-risk scenarios into the agent architecture? Agents shouldn't go live until they know precisely when to stop and ask for help.

  4. Are our agents cryptoeconomically bound to compliance standards through staked collateral? Well, if accountability relies on trust rather than enforceable mechanisms, the hard truth is, our governance is aspirational fiction.

  5. Does our oversight operate at machine speed? If we review agent decisions quarterly whilst they're executing continuously, we're managing historical data, not controlling our current risks.


Getting From Here to There


You’re right. Nobody's transforming agentic AI governance in a single board meeting. It requires big (re)thinking about how control, accountability, and oversight function when decisions occur faster than humans can process them.


The key success factors are these. First and foremost, we should treat governance as system architecture rather than solely policy documentation. The shift-left approach is implemented by embedding related controls in agent design and adopting cryptoeconomic accountability frameworks that align agent incentives with organisational values through programmable stakes and automated consequences. Continuous assurance replaces periodic audits with real-time monitoring. Cross-functional governance councils hold board-level authority and clear decision rights, and don't get bogged down in turf battles.


Most critically, we should recognise the shift from generative to agentic AI as a governance discontinuity rather than an incremental evolution. Applying yesterday's frameworks to tomorrow's technology doesn't just create risk; it also creates opportunity.


The agent-to-agent economy stopped being science fiction sometime last year. It's an infrastructure thing right now. The machines are talking, negotiating, and transacting. The strategic question for boards isn't whether to participate. We're already there, whether we realise it or not. So, the question is: are we going to govern those conversations at the right speed, with frameworks tailored to machine velocity, before autonomous interactions reshape entire processes faster than human governance can respond?


Our oversight gap isn't a future threat. It's a present vulnerability. Closing it requires admitting that human-speed governance became obsolete the moment we granted machines autonomy. The rest is history.

By Goutama Bachtiar, MAIB, MBA, FRSA, FFIN, FPT, MAICD, TAISE

Keywords: Agentic AI, AI Ethics, AI Governance
