Gartner recently predicted that by 2027, 40% of enterprises will demote or decommission autonomous AI agents due to governance failures discovered after production incidents occur.
That number deserves a moment. It means nearly half of organizations deploying agents today are doing so with controls that won't hold — and they'll only find out once something goes wrong.
According to Gartner, enterprises are deploying agents with fundamentally different capabilities and consequences, and governing them all the same way. The controls break at both ends: low-risk agents get burdened with unnecessary restrictions, while high-autonomy agents operate with access and authority the organization never properly evaluated.
What actually determines an agent's risk level
What separates a low-risk agent from a high-risk one is the nature and permanence of what it can do, not just what it can access.
A document summarization agent reads information and returns a response. If it gets something wrong, the cost is low: a user notices, corrects it, and moves on. No records were changed. No external party was contacted. No money moved. The error is visible and recoverable.
An agent that updates customer records, triggers payment workflows, or sends communications on behalf of the business operates in different territory entirely. A mistake here propagates through downstream systems before anyone spots it, creates compliance exposure, and damages customer relationships in ways that are difficult to undo.
Risk scales with three things: how irreversible the action is, how sensitive the data involved is, and how many systems the agent can affect. An agent that reads is categorically different from one that writes. An agent writing to internal logs is categorically different from one writing to financial records or reaching external parties. That spectrum is wide — and it keeps widening as organizations deploy agents across more functions.
Applying the same controls across every agent creates friction where flexibility is needed, and introduces risk where stronger safeguards are required.
Multi-agent workflows distribute risk across the entire chain
The challenge compounds significantly when agents work together — and in enterprise deployments, they increasingly do.
Consider a typical pipeline: one agent retrieves data from enterprise systems, a second analyzes it, a third decides on a course of action, and a fourth executes the changes. Each step looks contained in isolation. But the final action — the one with real-world consequences — is the product of every preceding decision, every piece of data passed along the chain, and every policy that did or didn't apply along the way.
This creates two problems that static governance models struggle to handle. First, accountability becomes distributed: no single agent owns the outcome, so it's unclear which controls prevented harm or which gap allowed it. Second, errors and biases introduced early in the chain can silently propagate — shaping downstream decisions before anyone has a chance to catch them.
Governance has to account for the entire decision chain. That requires visibility into:
- Which agents participated in a workflow
- What information was exchanged
- Which policies applied at each step
- How decisions were reached
- Why actions were authorized
Where role-based models break down
Many organizations govern access through predefined roles, static permissions, and broad policy categories. These models were built for human employees performing predictable tasks within defined systems. They're familiar, manageable, and increasingly inadequate for agents.
An agent may be permitted to access a dataset but should only be authorized to take certain actions with that data. The same dataset may carry different obligations depending on the task being performed, the user being represented, the jurisdiction involved, or the sensitivity of the specific records. A role can only approximate that — and approximations create gaps.
As agents interact with more systems and participate in more complex workflows, governance decisions become more context-dependent. Broad classifications erode with scale.
Governance that reflects actual risk
Gartner recommends aligning governance requirements with an agent's level of autonomy. The prerequisite is the ability to evaluate actions in context — assessing each request against the specific circumstances surrounding it, including:
- The identity of the agent
- The action being requested
- The data involved
- Data sensitivity and governance requirements
- Relationships between users, entities, and resources
- Business policies and regulatory obligations
- Trust signals associated with the underlying data
A read operation on public data should carry different overhead than a write operation on regulated financial records. A low-autonomy agent warrants different friction than one making consequential, hard-to-reverse decisions. Governance that can make those distinctions precisely is governance that can scale.
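The contextual evaluation described above, together with the per-step record of the decision chain called for earlier, can be sketched as follows. This is an added example, not code from Gartner or IndyKite; the weights, thresholds, field names, and resource names are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed weights for illustration; a real deployment defines its own scales.
ACTION = {"read": 0, "write_internal": 1, "write_record": 2, "external_send": 3}
SENSITIVITY = {"public": 0, "internal": 1, "regulated": 3}

@dataclass
class Request:
    agent: str                     # identity of the agent
    autonomy: int                  # 0 = human-supervised ... 2 = fully autonomous
    action: str                    # key of ACTION
    resource: str
    sensitivity: str               # key of SENSITIVITY
    reversible: bool = True
    upstream_trusted: bool = True  # trust signal for data received from earlier agents

def evaluate(req: Request, trace: list) -> str:
    """Return 'allow', 'approve' (human sign-off) or 'deny'; log the reason."""
    score = ACTION[req.action] + SENSITIVITY[req.sensitivity]
    reasons = [f"action={req.action}", f"sensitivity={req.sensitivity}"]
    if not req.reversible:
        score += 2
        reasons.append("irreversible")
    if not req.upstream_trusted:
        score += 2
        reasons.append("untrusted upstream data")
    limit = 4 - req.autonomy       # more autonomy, less unattended headroom
    if score <= limit:
        decision = "allow"
    elif score <= limit + 3:
        decision = "approve"
    else:
        decision = "deny"
    trace.append({"agent": req.agent, "resource": req.resource, "score": score,
                  "limit": limit, "decision": decision, "reasons": reasons})
    return decision

def run_pipeline() -> list:
    """Constructed four-agent chain: retrieve, analyze, decide, execute."""
    trace = []
    steps = [
        Request("retriever", 2, "read", "crm.accounts", "internal"),
        Request("analyst", 2, "write_internal", "scratch.notes", "internal"),
        Request("planner", 1, "write_record", "crm.accounts", "internal"),
        Request("executor", 2, "write_record", "ledger.payments", "regulated",
                reversible=False),
    ]
    for step in steps:
        if evaluate(step, trace) == "deny":
            break                  # stop the chain; the trace shows where and why
    return trace
```

The same irreversible write to regulated records is denied for a fully autonomous agent but routed to human approval for a supervised one, a distinction a static role cannot express.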
The question every enterprise should already be asking
The number of agents operating inside enterprises will grow substantially over the next few years — across customer service, operations, finance, software development, and analytics. The organizations that scale well will be the ones that built governance models capable of distinguishing between agents from the start.
Gartner's 40% figure is a prediction, but it's also a diagnostic. If something went wrong in one of your agent workflows today, could you explain exactly what happened, why it was authorized, and which control should have caught it? If the answer is uncertain, the governance model probably is too.
Enterprises need governance models that accommodate different levels of autonomy, different categories of data, different business outcomes, and agents working together with different levels of trust.
Granular control enables organizations to support low-risk use cases efficiently while applying appropriate safeguards to actions that carry greater operational, financial, or regulatory impact.
As AI agents become a larger part of enterprise operations, governance will increasingly depend on an organization's ability to apply the right controls to the right actions under the right conditions.
We have some ideas and solutions for how this can be achieved. Check them out at IndyKite.ai/agentcontrol









