The digital workforce is here. The governance isn’t.
With enterprise adoption of agentic AI rising, the need for rigorous governance controls has never been greater.
The question used to be whether enterprises would actually embrace AI agents at scale. Somewhere in the last six months, that question quietly resolved itself. Walking the floor at Google Cloud Next in Las Vegas last month, it was clear the conversation had moved on. The new question is what happens when the agents start showing up to work before anyone has built HR.
That’s not a metaphor. Agents are now acquiring privileged access to systems like databases, email, financial systems, and operational tools. They are executing tasks across enterprise environments with minimal human oversight, often coordinating with other agents in multi-step chains that no single person fully monitors. The infrastructure to deploy them is maturing fast. The infrastructure to govern them is, at best, nascent.
From pilot to pressure
Most enterprises are now piloting or deploying multi-agent architectures. That sounds like progress, and it is, but, in many cases, enthusiasm has outrun execution. The failure patterns are becoming well-documented and increasingly expensive. Agents may misinterpret ambiguous instructions leading to confident misalignment. Errors compound as tasks pass between agents in a chain, creating semantic drift. As context gets lost at handoff points, the final agent in a sequence executes based on degraded information.
These misinterpretations frequently trigger infinite reasoning loops, where an agent sensing its output does not match the goal and repeatedly attempts to self-correct. Without deterministic circuit-breakers to limit such behavior, this often leads to excessive data retrievals, massive token cascades, and recursive API spikes that can exhaust budgets in minutes. These loops are often exacerbated by poorly implemented RAG systems where an agent retrieves irrelevant or contradictory data and enters a hallucination loop trying to reconcile the noise.
Multi-agent systems currently fail in production at high rates not because the agents are incapable, but because the scaffolding around them is immature. 1 Central to this scaffolding is rigorous data governance. It is the only way to ensure agents have a single source of truth and well-defined semantic meaning to combat semantic drift. In fact, half of all generative AI projects are abandoned before reaching production because the underlying data isn’t clean, consistent, or accessible enough to build on. Even the most sophisticated agentic platform in the world runs on data. If the data is broken, the agents are broken.
Infrastructure is now a workforce decision
One of the subtler shifts happening right now is that infrastructure decisions are being reframed in workforce terms. This isn’t about which cloud is fastest or cheapest in traditional benchmarks. It’s about what compute fabric can support millions of concurrent agent operations with near-zero latency. A pizza chain’s voice ordering agent that responds in under 200 milliseconds is more than a fun demo. It’s a concrete proof point about what this infrastructure actually needs to deliver.
The billing model is changing along with technology. Some customers are already pushing back on traditional API-call pricing. If an agent runs continuously on behalf of a business, treating each inference as a discrete transaction starts to feel like charging a salary by the word. The industry is moving, haltingly, toward execution models that treat agents more like employees who are persistent, always-on, and measured by outcomes rather than API calls.
The platform vendors understand this. New tooling for agent-to-agent communication, agent identity management, and policy enforcement at the agent layer has started appearing in earnest. Open protocols designed to let agents from different vendors interoperate are gaining traction. But open protocols and a functioning governance architecture are not the same thing, and right now enterprises mostly have the former without the latter.
The question nobody has answered
The sharpest conversations happening right now are about accountability more than ability.
For example, what happens when an agent makes a decision that causes harm? This could be an erroneous financial transaction, a workplace incident involving a robot operating on AI-generated instructions, a customer communication that creates legal exposure. Who is responsible? The organization that deployed the agent? The vendor whose model powered it? The integrator who built the workflow? In a multi-vendor agentic stack, which is the only kind most enterprises will actually run, the liability chain is genuinely unclear. The current answer in most organizations is a set of disclaimers that effectively stall deployment. That’s not a long-term solution.
Closely related, there is currently no reliable way to audit a decision made by a multi-agent system. An agent acting in good faith on instructions from another agent acting on instructions from a human prompt three steps back doesn’t leave a clean paper trail. For most enterprise use cases — finance, healthcare, legal, HR — the ability to reconstruct why a decision was made isn’t a nice-to-have. It’s a compliance requirement. That capability doesn’t exist yet at production scale.
None of this means the technology isn’t real or that enterprises should wait. But it does mean that the organizations moving fastest right now are accumulating governance debt alongside capability gains. The companies that will come out ahead aren’t necessarily the ones who deploy the most agents in 2026, rather they’re the ones who build the accountability architecture to operate them reliably at scale.
What comes next
Many compare the current state of enterprise agent use to the early days of cloud adoption, when IT teams were spinning up infrastructure faster than security and compliance could catch up. Eventually, governance caught up, but only after expensive lessons in data exposure and shadow IT sprawl. We are at a similar crossroads today, but with one critical difference: organizations cannot afford a decade-long learning curve.
The agentic governance problem is an order of magnitude more complex than the cloud governance problem. Cloud resources are passive. They don’t make autonomous decisions, coordinate with each other without being explicitly told to, or act with privileges scoped to a human employee’s identity. Agents do all three. There are many bright spots that are emerging such as agent identity management and agentic gateways. Much like API gateways of the past, these new control planes act as smart policy enforcement points for the digital workforce where agents’ intent is understood and checked before allowing execution. It also ensures that every agent has a unique, verifiable ID and that its actions are filtered through a security layer that can block unauthorized prompts and transactions in real-time. This shifts the requirement from static compliance to real-time observability and deterministic enforcement. The old governance playbook, designed for static services and human-triggered events, needs a substantial rewrite, not just a digital update.
The 2027 outlook: The need for transparent agentic computing
As we look toward 2027, the winners will likely be the organizations that move beyond fragmented tools and pilots to build robust agentic platforms. To achieve true scale, agentic platforms must anchor on three mature pillars:
- Real-time observability: Enterprises will move past basic logging to live traceability, utilizing high fidelity integrated agentic monitoring tools and dashboards to visualize agent reasoning paths as they unfold. This includes the emergence of supervisor agents designed to circuit-break runaway processes and a comprehensive array of kill switches that are required to give leadership the peace of mind to let agents operate autonomously.
- Universal semantic layer: The data problem will be resolved by a mature semantic layer acting as a universal translator. This requires revamping our understanding of data governance and data architecture to create a foundation suitable for transparent agentic computing where every agent shares a singular, governed understanding of corporate logic, effectively neutralizing the semantic drift that plagues today’s pilots.
- The immutable audit trail: Future architectures and agentic platforms must produce step-by-step immutable records of every autonomous decision. This creates provenance of agentic thought that will help in meeting the demands of stringent compliance and legal requirements.
The infrastructure is ready for a digital workforce. The question is whether the enterprise is.
Enjoying this post? Subscribe now so you never miss the next one.
Have you seen similar trends in your industry? Share your thoughts in the comments below.
Help spread the word — forward this to your network.
Mamoun Hirzalla | Alphabet CTO at Deloitte
This article contains general information only and Deloitte is not, by means of this article, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This article is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this article.
As used in this document, “Deloitte” means Deloitte Consulting LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of our legal structure. Certain services may not be available to attest clients under the rules and regulations of public accounting.
Copyright © 2026 Deloitte Development LLC. All rights reserved.