Skip to content
Journal

A new era for AI governance

by DANIEL POPOVSKI - SENIOR POLICY AND ADVOCACY ADVISER GOVERNANCE INSTITUTE OF AUSTRALIA -
Agentic AI marks a significant shift in how organisations operate, make decisions, and manage risk. Unlike earlier AI systems, agentic AI acts autonomously, sets goals, makes decisions, and executes actions with limited human oversight.

This development requires boards and governance professionals to move beyond traditional oversight models toward a more active role in delegation design, accountability, and system governance.

The Governance Institute’s White Paper on Governance in the age of agentic AI reframes AI not as a tool, but as a delegated actor within a digital workforce – a distinction with material implications for directors.

A structural shift in governance: from technology adoption to delegation

For boards, the most important insight from Governance Institute’s latest research is that deploying agentic AI systems is not simply a technology decision – it is an organisational delegation decision. AI agents and agentic systems can operate independently, integrate across enterprise systems, and execute multi-step workflows in real time. Unlike generative AI, which produces outputs for human review, agentic AI acts on those outputs by interacting with customers and clients, transacting on the organisation’s behalf and influencing outcomes directly.

For governance professionals, this fundamentally changes the questions they need to be asking. It is no longer sufficient to ask, is the output correct? We must now consider, was the decision authorised? Did it operate within approved boundaries? Can the organisation justify the outcome under scrutiny? This reframing elevates governance technical assurance to accountable systems by design. Delegation boundaries, escalation triggers and authority limits become foundational governance artefacts.

Why existing governance models are insufficient

Most existing governance frameworks assume predictable system behaviour, clear human oversight at decision points and bounded operational contexts. Agentic AI challenges each of these assumptions, as agents may operate with reduced predictability due to real-time adaptive decision-making, limited feasibility of real-time human review and interactions across complex internal and external ecosystems.

As a result, governance must evolve from model-level assurance to system-level oversight, recognising that risks arise not only from individual agents, but from how they interact across workflows, data sources, and third parties.

Traditional AI governance also focuses on model design, such as accuracy, bias and explainability. A system-level perspective, where agents interact with each other, expands this to recognise that risks arise from interactions between agents, data, tools and environments, not as individual models. This shift is especially critical in multi-agent system environments, where cascading failures and emergent behaviours can occur across interconnected systems.

Agentic AI systems also introduce new ethical dilemmas not reducible to compliance. Traditional principles such as fairness and transparency fail to resolve real-world trade-offs, requiring ongoing interpretative judgement. This positions governance as a continuous, adaptive practice, rather than a static framework. The concepts of ‘rogue AI’ and ‘goal drift’ emphasise the need for continuous, real-time monitoring pre and post-deployment to ensure appropriate guardrails are incorporated into the design of agentic systems so that governance becomes an orchestration of instruments achieving the same goal, rather than a game of whack-a-mole.

Defensibility and delegation authority as a new governance standard

Governing agentic AI systems is not simply about compliance, but about demonstrating that decisions were reasonable, lawful and aligned with organisational intent. This requires robust documentation, traceability, and auditability of agent decisions. As agents become more capable, there is a risk that humans defer to machine outputs, leading to ‘automation bias’. This necessitates governance interventions that preserve human judgement, including training, oversight tools and escalation mechanisms. Managing agentic systems requires defining delegation structures, aligning incentives and objectives and ensuring ethical and legal compliance. This elevates governance from a simple compliance function to a strategic enabler of organisational transformation.

Critically, agentic AI does not create a new legal entity. Organisations remain responsible for the actions of their AI systems, and directors retain their duties of care and diligence. This has two consequences for Boards. Firstly, they cannot rely on automation as a defence for failures, and secondly, governance failures in AI deployment are likely to be treated similarly to other enterprise risk failures. Agentic AI introduces new risks that require defensible governance strategies, such as unauthorised transactions or contractual commitments, data breaches and cyber vulnerabilities, and misleading or inappropriate external communications. Boards should be able to demonstrate that decisions taken by AI agents were reasonable, lawful and consistent with organisational intent.

Agentic AI also raises ethical issues that extend beyond compliance, particularly where outcomes may be technically lawful but ethically contestable. This may arise where efficiency conflicts with fairness, automation affects workforce outcomes and decisions impact vulnerable stakeholders. For boards, this elevates AI governance and deployment into the domain of reputation and social licence. Directors should recognise that stakeholder expectations around AI are evolving quickly, public scrutiny may focus on perceived fairness, not just legality and trust can be eroded even where systems perform as designed. This reinforces the need for governance frameworks that incorporate ethical judgement and stakeholder impact, not just compliance metrics.

AI agents as a digital workforce and the transition to hybrid organisations

Agentic systems can perform both routine and complex tasks, augmenting or replacing human activity across functions. This has several implications for how we redefine work. Human roles are shifting from execution to oversight and supervision, exception handling and strategic decision-making. Agentic AI signals a transition to hybrid organisations, where human and non-human actors operate together.

For boards, key implications include oversight capability, culture and behaviour and strategic positioning. Boards must ensure management has the expertise to design and supervise agentic systems, the tools to monitor performance and identify anomalies and have clear accountability structures across AI deployments. Boards should also expect management to address training and capability building, preservation of human judgement and clear escalation pathways. Organisations that balance innovation with governance discipline are more likely to realise value, while poorly governed deployments risk failure, particularly given that evidence suggests that many projects may be cancelled due to weak governance and unclear value propositions.

A Board agenda for action: the essential conversations with management

Agentic AI represents a step change in how decisions are made and executed within organisations. For boards, the challenge is not simply to oversee a new technology, but to govern a new category of organisational actor. Board oversight of agentic AI systems at the management level begins with essential conversations including clarity of delegation, system-level oversight, risk and control alignment, assurance and audit, ethical and reputational considerations as well as continuous monitoring.

Governance in this context is no longer about controlling outputs, but about designing and overseeing systems of delegated authority, accountability and trust. Boards that engage early by embedding governance into the design and deployment of agentic AI will be better positioned to harness its value while maintaining organisational integrity. Those that do not risk ceding control over decisions that ultimately, they remain accountable for.

AI board oversight

The White Paper on Governance in the Age of Agentic AI includes an Agentic AI readiness checklist to support adoption and deployment of agentic AI systems in the workplace, including a list of questions for the Board.

Key Trends in Cyber Security and Data Privacy (2026): a General Counsel lens

Next article