Governance Is Not a Prompt
Summary
On April 17, 2026, the Federal Reserve, OCC, and FDIC issued SR 26-2, new interagency guidance on model risk management, which notably excludes agentic AI from its scope. This exclusion, replacing the 15-year-old SR 11-7, signals that the existing model risk management paradigm is insufficient for agentic AI, which operates as a system using models to perceive, reason, plan, and act across multiple steps, often autonomously. Current industry practices, such as strong system prompts, flat-file memory, and LLM-based judges, are deemed inadequate for serious governance in high-risk sectors like banking, healthcare, and law. These methods provide "soft influence" rather than the "hard control" required for systems that can make consequential decisions. The regulators have left the governance of agentic AI open for future rulemaking, indicating a need for a new, robust framework.
Key takeaway
For CTOs and VPs of Engineering/Data developing or deploying agentic AI in regulated environments, recognize that current "standard harness" governance approaches are insufficient. You must prioritize building external, auditable governance structures that enforce policies deterministically, rather than relying on probabilistic model interpretations. This shift is critical to avoid regulatory exposure and ensure true accountability, moving beyond mere compliance appearance to substantive control.
Key insights
Existing model risk management frameworks are inadequate for agentic AI, necessitating a new governance paradigm focused on external, enforceable controls.
Principles
- Governance is a structure, not a feeling.
- Separate thinking from deciding in agentic AI.
- Governance must be enforceable, not merely advisory.
Method
A governed agentic architecture requires externalizing policies into structured, executable rules, maintaining authoritative state with provenance, using typed verification, gating actions, and constraining workflows with behavioral contracts.
In practice
- Implement policies as executable rules, not just prose.
- Use deterministic checks for numerical and threshold verification.
- Gate agent actions at the tool layer based on prerequisites and permissions.
Topics
- Agentic AI Governance
- Model Risk Management (SR 26-2)
- Financial Sector Regulation
- External Policy Enforcement
- LLM Judge Limitations
Best for: CTO, VP of Engineering/Data, Executive, Legal Professional, Policy Maker, Director of AI/ML
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by Agus’s Substack.