Agentic AI Runs the Governance Gauntlet


Today’s agentic AI systems are best understood as exercises in complex workflow automation: exercises in which every step of the process must be deliberately designed, or, better stated, deliberately constrained. As such, they are proving a natural, if provoking, means for stress-testing every aspect of an organization’s data, analytic, and business governance practices, beginning with the organization’s business acumen and ending with operational security and resilience.

As Maximilian Vogel recently reflected on the Pondering AI podcast episode “To Be or Not to Be Agentic,” an initial instinct is to assume that agentic AI must replace 100% of a business process. In practice, this is unlikely. More importantly, it is often both undesirable and unnecessarily limiting. For example, when processing insurance claims, there is a subset of claims that lend themselves well to agentic triage. These tend to be well-bounded, lower-value incidents focused on singular events or items. Therefore, rather than choosing to automate all claims processing, the business goal is to process 80% of claims which fall into well-circumscribed categories and for which a majority, but not all, can be successfully processed end-to-end.

In another case, it may be that a process is not segmented horizontally but vertically. In this case, the agentic AI system is used to process, prioritize, and package information up to a defined point, when the process transitions to a human expert for action.

None of these scoping decisions, including the boundaries of execution and confidence criteria, can be left to, or indeed made by, an AI agent. Human discretion and discernment are required. The following is a non-exhaustive list of questions to be considered:

What workflows, or segments thereof, are amenable to automation?
Will such systems run parallel or be integral to human workflows?
At what junctures might the process divert to a human?
When must an event be diverted or escalated to a human worker?
When can a human worker delegate an event/action to the AI agent?
What is the user or customer’s tolerance for error or their expectation for service?
How does all of this align with the corporation’s risk tolerance and appetite?

Blithely assuming an agentic AI system or a large language model (LLM) will work any of this out on the fly is folly, as is assuming that a quick off-the-cuff proof of concept will naturally or easily scale to a production-ready level of reliability and resilience. Indeed, not meticulously attending to every facet of the process will inevitably lead to what Keren Katz presciently describes as “success in the wrong context”—in which the agentic system works, just not in the manner expected. Like analytic models from time immemorial, agentic AI workflows often fail subtly yet spectacularly in the grey.

Of course, establishing clear business expectations, boundaries, and constraints is just the start of the process. Agentic AI systems are typically sophisticated, engineered workflows that utilize a series or mix of discrete analytic models, including rules-based components and decisioning engines to execute on an objective. Make no mistake: Agentic workflows don’t (or shouldn’t) have unbounded access to your organization’s data and analytic environments. APIs and model context protocols don’t remove the need for ensuring tools are contextually relevant. The agent’s objective, data fitness requirements, which models and/or tools to employ, and clear operating boundaries must all be defined and subsequently instantiated, validated, and re-validated at every step of the analytic/AI lifecycle by people using all the legacy data and analytic practices garnered to date. Mechanisms, both automated and human, are also required to monitor and remediate issues when an agentic system veers off course, which it will inevitably do.

These determinations require not just analytics/AI acumen but an understanding of the error tolerances and expectations of both the organization’s stakeholders and its customers. Even seemingly simple bots built to query an organization’s knowledgebase require analytic discretion. An LLM, left to its own devices, will always return an answer. But can that answer be relied on? What mechanisms, if any, including user facility and awareness, can ensure the system’s responses fall within acceptable bounds?

Far from the simplistic vision of one LLM to rule them all, agentic AI is the purest expression of an organization’s comprehensive analytic and data capabilities. Successfully designing and deploying AI agents (as currently defined) exercises the entire governance value chain, from business acumen to operational security and resilience. As such, agentic AI may prove to be the trigger that finally gets analytic and data governance, in its fullest form, off the page and into serious practice.


