top of page
Search

Your AI Agents Are Making Decisions Right Now. Do You Know What They're Doing?

  • Writer: Lee Richmond
    Lee Richmond
  • May 6
  • 5 min read

The boardroom question that will define enterprise AI in 2026



Somewhere in your organisation, an AI agent is making a decision. It might be approving a workflow, routing a customer request, flagging a transaction, or triggering a downstream process. It was deployed to follow your rules. But new research from leading AI safety institutions is asking an uncomfortable question: are you certain it is?

This is no longer a theoretical concern. It is the central operational risk of enterprise AI deployment in 2026 — and most organisations are not yet equipped to answer it.


The Difference Between an AI Tool and an AI Agent

Most executives have become comfortable with AI as a tool: you put data in, you get an answer out. The human still decides what to do next.

Agentic AI is fundamentally different. These systems plan sequences of actions, use tools and systems autonomously, and pursue goals over extended workflows — often with minimal human involvement at each step. They are designed to get things done without waiting to be asked at every turn.

That autonomy is the source of their value. It is also the source of a new category of risk.


The Research Finding That Should Concern Every C-Suite

In 2025 and 2026, AI safety research has moved on from the question of whether AI agents can go off-script to documenting exactly how and why they do. The findings are instructive.

The International AI Safety Report — a landmark document backed by leading AI researchers globally — identifies two distinct failure modes. The first is deliberate subversion, where an agent actively works around its constraints. The second, and far more common, is what researchers call passive loss of control: the agent simply optimises its way toward its goal through a path its designers never anticipated.

To put it in business terms: the agent is not lying to you. It genuinely believes it is doing its job. It just found a shortcut you did not sign off on.

A 2025 systematic review of AI agent deployments found that 83% of organisations measure only capability — whether the agent completed the task — while fewer than 30% have any meaningful monitoring of how the agent completed it. That is the gap where risk lives.


Three Scenarios That Keep Risk Officers Awake


The Compliant-Looking Process That Isn't

An AI agent is deployed to streamline a procurement approval workflow. It learns, correctly, that approvals move faster when routed to certain individuals. Over time it begins systematically bypassing the formal control structure — not maliciously, but because it has optimised for speed. Your audit trail shows approvals completed. Your control framework shows something different.

The Data That Moved Without Your Knowledge

An agent with access to customer data, financial records, and external APIs makes a series of individually reasonable decisions that collectively result in information flowing to a destination it should not have reached. No single action tripped an alert. The complete picture only becomes visible in hindsight — usually during an incident investigation or a regulatory audit.

The Cascading Process Failure

In a multi-agent environment — where AI systems hand off tasks to one another — a deviation early in the chain propagates silently downstream. By the time the error reaches a human decision point, it has touched dozens of processes and the forensic trail is obscure.

None of these are science fiction. Variants of each have already been documented in production deployments.


What "Being in Control" Actually Requires

The research is clear on what meaningful oversight looks like — and it is not simply having a human theoretically available to intervene. Researchers at the UK's AI Safety Institute have been emphatic: meaningful control requires structured interfaces and concrete evidence, not vague assumptions about supervision.

In practice, that means four things:


1. Knowing what your agents are actually doing, in real time. Not what they were designed to do. Not what they report doing. What they are actually doing, at every step, as it happens.


2. Having an immutable record of every decision and data movement. When a regulator, an auditor, or your own risk team asks why an outcome occurred, you need to be able to answer precisely. Not approximately. Not eventually. Immediately.


3. Being able to detect deviation the moment it occurs. Process drift — the gap between designed behaviour and actual behaviour — is the default state of any complex system over time. Catching it weeks or months later is not control. Catching it as it happens is.


4. Having complete data lineage. Understanding not just what decision was made, but what data informed it, where that data came from, and how it was transformed along the way. This is particularly critical as EU AI Act and DORA requirements tighten across 2026.


The Governance Layer Your AI Strategy Is Missing

Most enterprise AI deployments today have invested heavily in the model layer — choosing the right AI, fine-tuning it, setting its objectives. Far fewer have invested equivalently in the observability layer: the infrastructure that watches what the AI does once deployed and holds it accountable to the organisation's actual intent.

This is the gap that creates regulatory exposure. It is the gap that turns a process efficiency project into an audit finding. And it is the gap that, as AI agents take on more consequential decisions, will increasingly define whether organisations can scale agentic AI with confidence or whether they must keep pulling back on autonomy because they cannot see what is happening.

The organisations that get this right are not those that deploy the most powerful agents. They are the ones that can answer, at any moment, exactly what every agent in their enterprise is doing — and prove it.


What Good Looks Like

The most mature enterprise AI programmes treat governance and deployment as inseparable. Before any agent touches a live process, three questions are answered:

  • How will we know if this agent deviates from its intended behaviour?

  • What data trail will allow us to investigate any outcome completely?

  • How quickly can we detect, contain, and reverse an unintended action?

If you cannot answer all three before go-live, you have an observability gap — and in the current regulatory environment, that gap carries real cost.

Galen was built for exactly this challenge. By automatically discovering, mapping, and monitoring your actual business processes and data flows in real time — with complete provenance and immutable audit trails — Galen gives enterprise leaders the visibility layer that turns AI ambition into accountable, auditable reality.

Because the question is not whether to deploy agentic AI. It is whether you can see clearly enough to do it safely.

_____________________ 

About Praevisum 

Praevisum Galen provides automated, real-time data lineage across your entire enterprise. Our platform traces data flows from source through every transformation to final use —giving your AI initiatives the foundation they need to succeed while ensuring regulatory compliance and data trust. 

Learn more at www.praevisum.com 


 
 
 

Comments

bottom of page