
A Manifesto for Agentic AI Governance

  • May 28

Enterprises need an independent agentic AI governance layer, operating above their applications now, if they are to fully realise the value and manage the risk of autonomous agents.

Organisations are scaling agentic AI faster than most governance approaches can keep up. Autonomous agents are moving rapidly from pilots to production, executing complex workflows, making decisions, and operating continuously across multiple systems. While agentic AI is proving its value, the harder challenge is scaling it reliably and maximising that return on investment.


This makes independent oversight critical. In an agentic world, governance is no longer a periodic review exercise. Instead, it is an operational discipline. Independent agentic AI governance is emerging as a distinct enterprise category because existing frameworks are insufficient, and platform vendors cannot be expected to govern themselves.


Governance Is an Operational Activity


In an agentic environment, governance must be woven into workflows, decisions and controls as agents operate. Crucially, it must sit above all platforms and agents, providing independent oversight while remaining embedded in how agentic AI operates. It must shape behaviour in real time while also enabling speed, scale and trust.


The cloud era showed the way. In mature cloud environments, governance increasingly moved into the infrastructure itself through policy-as-code, automated guardrails and continuous compliance built into operations. Agentic AI needs the same model, but with a broader purpose. It is not only about managing risk. It is also about making agentic systems usable, scalable and productive at enterprise level.


Governance must not be treated as a brake on innovation. It must be treated as a core ingredient for making innovation operational and for enabling agentic AI to scale.


Existing Governance Frameworks Fall Short


Enterprise IT governance, architecture management, data stewardship, cloud governance and the internal AI governance committees now emerging in many organisations provide a foundation, but they are insufficient. COBIT and TOGAF are useful frameworks, but they do not solve the problem of a platform both running agentic AI and supplying the evidence used to assess it. TOGAF’s phases and review cycles suit slower-moving environments better than agentic systems, and neither framework addresses data generated autonomously across platform boundaries. Agents do not wait for the next architecture review board.

The AI-specific frameworks, including NIST AI RMF and ISO 42001, are among the strongest available. They remain necessary foundations, but they still focus mainly on how an enterprise manages its own AI systems rather than the governance problems created when agentic AI operates across platforms and boundaries.


Singapore’s IMDA Model AI Governance Framework for Agentic AI provides practical guidance across risk assessment, human accountability, technical controls and end-user responsibility. It is a useful reference point, but it does not resolve the independence question. It governs how an enterprise manages its own agents, not the conflict of interest that arises when the platforms generating the activity also supply the governance evidence.


The same applies to the internal frameworks many enterprises have built for generative AI and LLMs. These usually include prompt guardrails, acceptable use standards, bias controls and output review processes. They are valuable, but they were built around a human being in the loop at the point of decision. Agentic AI removes that assumption. As agents chain together decisions across multiple systems, nobody may have approved the individual steps that led to the outcome, and nobody may even have seen them.


The Structural Problem with Platform-Native Governance


The major enterprise platforms are building extensive agentic AI capabilities and local governance. Microsoft, ServiceNow, Salesforce, SAP, and many others are embedding increasingly sophisticated governance tooling into their products. Many enterprises find these capabilities valuable.


The issue is not capability, but independence. A platform cannot truly oversee itself in an independent way. Its governance tooling uses its own telemetry, methodologies, and analytics models to assess activity within that specific platform. While this is appropriate for internal operational management, it is fundamentally different from independent governance.

This is a commercial reality, not a criticism. Every major platform vendor wants deeper integration and stronger customer retention. The challenge faced by organisations is whether oversight should sit inside the same commercial arrangement it is meant to govern.

Existing governance disciplines provide a solid foundation, but they do not fully solve the challenges that autonomous agents create. Enterprises need to govern cross-platform activity in a way that is independent, operational, and scalable. This creates an urgent requirement for a new approach.


The Independent AI Governance Framework: Ten Principles


The framework proposed here is not a replacement for existing governance structures. It is a set of guidelines that may help enterprises scale agentic AI more effectively and generate more value from their investments.


1. Architectural Independence

The independent governance layer should be a persistent presence above the enterprise application and platform estate, not a feature within any individual platform. It needs to be continuously operating infrastructure that connects to every platform in the AI estate, ingests governance-relevant signals from each and maintains an independently controlled governance record that belongs to the enterprise and no one else. Applications and platforms come and go. The governance layer persists above them, accountable to none of them.


2. Governance for Operational Excellence and Resilience

Independent governance exists primarily to make enterprises better run. Compliance is critical, but it should not dominate governance. In an agentic world, governance must keep pace with agentic operations. Enterprises need to know which agents are operating on their behalf, whether the data they consume is trustworthy, whether agentic AI investments are delivering the returns being claimed, and whether their governance evidence can survive a vendor relationship ending. Governance must also remain available if any platform in the AI estate becomes unavailable.


3. Data Portability and Sovereignty

Governance data and operational logic must be owned by the enterprise, stored in formats the organisation controls, and portable without the cooperation of any individual vendor. Audit trails, decision logs, model performance records, and policy attestations must not accumulate inside platform infrastructure the enterprise cannot independently exit. The enterprise must be able to produce its complete governance data to any auditor without requiring the cooperation of any external platform. True sovereignty dictates that the enterprise retains the absolute right to verify and control its autonomous operations, ensuring continuity even if a primary vendor relationship shifts or dissolves.


4. Data Governance as an Agentic AI Governance Foundation

Independent agentic AI governance cannot be built on ungoverned data. Enterprises need a unified data catalogue, consistent classification, automated lineage tracking, continuous quality monitoring and a semantic layer that preserves meaning across platforms. Every dataset, including agent-generated data, needs a named owner accountable for its quality and fitness for purpose.


5. Federated Architecture

Enterprise agentic AI runs across many platforms simultaneously. The most significant governance risks are at the boundaries between those platforms, as lines of responsibility break down and platform-native tools do not always provide a unified view. Independent agentic AI governance should ingest signals from any platform through standardised connectors, normalise them into a common governance data model and provide a unified view without requiring every platform to adopt the same architecture.


6. Reduced Vendor Concentration

Independent agentic AI governance must avoid dependence on too few vendors, because concentration at the platform layer can create a single point of failure for both operations and governance evidence. It should preserve independence, maintain resilience, and ensure that governance does not recreate the same concentration risk it is meant to manage.


7. Cyber and Identity Governance Across Machine Boundaries

Agentic AI governance and cybersecurity governance cannot be treated as separate functions. The governance layer must track identities at scale, including human users, AI agents, automated workflows, service principals and model-to-model connections. An autonomous agent crossing multiple platform boundaries may operate under different identity contexts in each system. Without consistent identity tracking across those boundaries, the accountability chain for any agentic decision cannot be reliably established.


8. Continuous Cross-Platform Auditability

Governance evidence should be generated and stored as agentic AI activity occurs, not reconstructed after the fact. Platform-native tools can log what happens within their own boundaries, but they do not usually provide a complete record of cross-boundary transitions, including the data that crossed, the identity that authorised it, or the governance state at the moment of handoff. A governance layer above the platforms can capture that evidence continuously and make it available in real time or for later audit.


9. Agent Accountability and Ownership

Every AI agent must have a named owner, an authorisation record, defined operational boundaries and a decommissioning process. Accountability cannot stop at deployment. Ownership also carries responsibility for integrity and availability. If an agent drifts from the behaviour it was authorised for, the owner must detect it and act.


10. Independent Quantification of AI Risk and Value

Neither agentic AI risk nor its value should be measured only by the platform that has a financial interest in the answer. Independent agentic AI risk tools can estimate risk in financial terms using independent data sources rather than relying on a platform’s own reporting. Vendors can do the same with ROI figures, using their own methods and metrics. If enterprises use those numbers alone, they risk making decisions with less reliable information.


The Emerging Market Category – Independent Agentic AI Governance

The independent agentic AI governance layer described in this framework is not yet a clearly established commercial category, but enterprise demand for it is growing. Boards need information that platform dashboards cannot provide independently. Risk functions need numbers they can stand behind, and agentic deployment is advancing faster than governance architecture. Existing tools are fragmented, and many pure-play governance capabilities are being absorbed into larger platforms. The market still lacks a fully integrated, cross-platform governance layer with independent evidence capture and operational resilience.


This is not a compliance-first category. It is an operational one. Agentic AI governance is increasingly the discipline organisations need to run themselves well. Regulation is imposed from outside. Compliance is evidence of adherence to those obligations. The organisations that build independent agentic AI governance will be better able to run agentic AI, manage risk and satisfy regulatory expectations as a result.


The Missing Layer


Enterprises are scaling agentic AI deployments at a velocity that completely outpaces current governance infrastructure. Boards urgently need independent insights and hard data on their agents, including the actual value they deliver, the risks they carry, and where ultimate accountability sits. They also require governance evidence they control entirely themselves, rather than telemetry trapped inside vendor ecosystems they cannot independently exit.

Enterprises must build independent agentic AI governance now, applying the same rigour and operational discipline to autonomous machine activity that they already apply to finance, data, and legal risk. A continuously operating, vendor-independent layer is the missing layer.


Andrew Milroy is the founder of Veqtor8, a Singapore-based global technology advisory firm. He has spent more than 25 years advising enterprises on technology strategy across AI, cybersecurity, cloud and data management across North America, Europe and Asia Pacific.


This article reflects the author’s opinion and analysis based on publicly available information and professional conversations. It is not legal, regulatory or investment advice.


 
 
 



© 2026 by Veqtor8
