KPMG’s enterprise guidance on AI agent management surfaces a critical concern that moves beyond technology into organizational and governance realms: the risk landscape around agentic AI is broader and deeper than most companies have planned for. This isn’t just a security problem; it’s a business continuity, compliance, and operational risk challenge that requires cross-functional oversight. Companies deploying AI agents without comprehensive risk frameworks are essentially running unsupervised experiments in their production environments.

The first risk domain centers on accountability and audit. When an AI agent makes a decision—approving a transaction, provisioning infrastructure, modifying data—who is responsible? Traditional audit trails trace human users to their actions. But agents operate autonomously, often with delegation chains that obscure causality. If an agent causes damage or violates compliance requirements, the forensic trail becomes murky. Regulators expect clear accountability. Companies that can’t demonstrate who authorized an action face enforcement action, not just security incidents. Non-human identity governance becomes a compliance mandate, not an optional security control.

The second risk involves agent-to-agent interaction. Most enterprise deployments assume agents interact with systems and data. But in sophisticated environments, agents spawn sub-agents, coordinate with peer agents, and form execution chains that exceed human comprehension. These interaction patterns can inherit permissions across chains, escalate privileges inadvertently, and create privilege-escalation paths that bypass human oversight entirely. Understanding and governing these lateral movements requires visibility into machine identity delegation patterns that most organizations simply don’t have.

The third risk addresses behavioral drift. Unlike applications with fixed logic, AI agents learn, adapt, and change behavior over time. An agent that was safe last quarter might be unsafe today if the underlying model updated or if the operational context shifted. Governance frameworks for agents can’t be static. They must include behavioral monitoring, baseline deviation detection, and rapid remediation when agents behave unexpectedly. This demands continuous NHI governance, not periodic reviews.

The fourth risk involves integration complexity. Agents operate across systems—cloud platforms, databases, APIs, legacy systems. Each integration point represents an attack vector and a potential governance failure. If an agent has excessive permissions on one system, it has the keys to the kingdom. Companies should enforce a zero-trust model for agent identity, verifying permissions at every system boundary and limiting each agent's access to the absolute minimum necessary for its declared purpose.
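An added example (not from the KPMG guidance) of the controls the accountability, agent-to-agent and integration paragraphs call for: delegated scopes that can only narrow, a permission check repeated on every link at each system boundary, and an audit record tracing the action back to the human who authorized it. The `Grant` model, the identity names and the scope strings are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Grant:
    """One link in a delegation chain (hypothetical model, constructed for this example)."""
    holder: str                       # human or agent identity holding the grant
    scopes: frozenset                 # permissions as "system:action" strings
    parent: Optional["Grant"] = None  # delegating grant; None marks the human root

def delegate(parent, holder, requested):
    """Issue a sub-agent grant. Scopes may narrow but never widen."""
    extra = set(requested) - parent.scopes
    if extra:
        raise PermissionError(f"{holder} asked for {sorted(extra)}, not held by {parent.holder}")
    return Grant(holder, frozenset(requested), parent)

def authorize(grant, system, action, audit):
    """Boundary check: the scope must be present on every link of the chain,
    so a grant built outside delegate() cannot exceed its ancestors."""
    scope, holders, allowed = f"{system}:{action}", [], True
    g = grant
    while g is not None:
        holders.append(g.holder)
        allowed = allowed and scope in g.scopes
        g = g.parent
    # Record allowed and denied attempts with the chain back to the human root.
    audit.append({"scope": scope, "allowed": allowed, "chain": holders})
    return allowed

def demo():
    """Constructed scenario: human -> planner agent -> worker sub-agent."""
    audit = []
    alice = Grant("human:alice", frozenset({"db:read", "db:write", "cloud:provision"}))
    planner = delegate(alice, "agent:planner", {"db:read", "cloud:provision"})
    worker = delegate(planner, "agent:worker", {"db:read"})
    results = [authorize(worker, "db", "read", audit),    # within delegated scope
               authorize(worker, "db", "write", audit)]   # never delegated to worker
    try:
        delegate(worker, "agent:helper", {"db:read", "db:write"})
        results.append("widened")
    except PermissionError:
        results.append("blocked")                         # sub-agent cannot widen scope
    # A grant forged without delegate() still fails: planner never held db:write.
    rogue = Grant("agent:rogue", frozenset({"db:write"}), planner)
    results.append(authorize(rogue, "db", "write", audit))
    return results, audit
```

Each audit entry lists the acting agent first and the human authorizer last, which gives the per-action accountability record the first risk domain asks for.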

Source: KPMG