The State of Agent Governance—June 2026

AI has a governance problem. 

According to a recent report from McKinsey, only about one third of organizations felt their agent governance strategy had matured considerably over the last year. As McKinsey puts it, 

“This imbalance suggests that while technical and risk management capabilities are advancing, organizational alignment and oversight structures are struggling to keep pace with the rapid expansion of AI use.”

To put that in laymen's terms, agent usage is growing fast... but the systems required to govern it responsibly are not. And the consequences of these less-than-stellar governance practices are being felt at every level of the organization.

Security failures. Overspending. Organizational chaos.

You can’t scale agents effectively without scaling the controls to manage them efficiently—and that parallelism begins and ends with how you govern those agents at runtime. 

In this article, we’ll consider several recent studies on the state of agent governance to reflect on four of the biggest gaps—cost, security, ownership, and lifecycle management—and discuss why the solution to these challenges isn’t better models… it’s better infrastructure. 

Sound like your idea of a good time? Let’s jump in.

If you aren’t familiar with the classic maxim “mo agents, mo problems,” you should be, because it's what turns a little agent governance gap into an agent governance crisis. 

According to a recent report from Gartner, the average Fortune 500 will deploy more than 150,000 AI agents by 2028. To clarify, that’s 150,000 agents accessing data, spending tokens, and taking action in your environments. 

In a recent interview with the Wall Street Journal, “FICO” CIO Mike Trkay affirmed this sentiment when he shared that his org’s 3,500 employees are each creating dozens of new AI agents per day—

“Every day there’s quite literally new agents that are being created, and almost at every tier of the hierarchical structure,” Trkay said.

Unfortunately, according to that same study from McKinsey we mentioned earlier, only about 13% of organizations actually believe they have the right governance in place to support those agents effectively. 

The only thing better than one person creating one ungoverned agent is every person creating 150,000 ungoverned agents. 

Now, to be fair, controlling agents was tricky at the best of times. They’re non-deterministic. They’re logic only appears at runtime. And the most comprehensive agents will often span across multiple models and tool calls simultaneously. 

But as agent sprawl continues to take hold in the enterprise, it’s creating the perfect storm of expanding complexity and decreased visibility that, left unchecked, will overwhelm every infrastructure team, data security program, and token budget in its path. 

Let’s take a look at four critical ways agent sprawl is exacerbating the impact of the agent governance gap—and what the enterprise needs to do to solve it.

Earlier this year, Uber’s CEO reported to The Information that they’d blown through an entire year’s token budget in just under four months. Two weeks later, ServiceNow reported the same thing. And the headlines just keep coming. 

For months, AI engineering teams have been wearing their token spend like a badge of honor. But as token spend continues to skyrocket—and meaningful business outcomes remain stubbornly out of reach—some teams are beginning to question whether the ends really do justify the means. (And I have just a sneaking suspicion they do not.)

Gartner now predicts that over 40% of agentic AI projects will be canceled by the end of 2027, not because the models got worse, but because the economic profile never closed. 

Despite what the token-maxxing profiteers might tell you, spending the absolute most amount of money possible isn’t actually a recipe for any kind of success—unless that success is insolvency.

But the problem here isn’t that a handful of vibey tech bros are mortgaging their homes for inference—it’s that most enterprise leaders don’t have enough visibility into their agents to understand how much they’re spending in the first place. Or where they’re spending it.

That’s not an accounting problem. It’s not even a pricing problem. It’s a discipline problem. And that makes it a governance problem. 

Why it matters: if responsibility doesn’t go up, costs won’t come down

Cost-control is something most teams have been kicking down the road for the last 18 months or so; assuming that either token prices would come down or efficiencies would go up.

Neither of those things are happening. 

While the value of some models has improved on a per-token basis, the real cost to leverage those models has not. And what about those new efficiencies that were supposed to materialize from all this ungoverned vibe-coding? I think Bryan Catanzaro, Nvidia's VP of Applied Deep Learning, said it best in his interview with Axios: 

"For my team, the cost of compute is far beyond the costs of the employees."

Fueled by a misguided effort to elevate metrics over meaningful outcomes, the refrain from enterprise leaders has largely been “spend, spend, and spend.” But in all that spending, organizations forgot to ask two very basic questions: “What are we actually buying? And did anyone get the receipts?”

And once your team gets in the habit of spending for everything, it’s surprisingly difficult to convince them to stop—or suss out where all those tokens actually went in the process. 

Identifying the gaps

Like any governance problem, controlling costs isn’t just a simple matter of accounting—it requires a thoughtful and operational approach to infrastructure to understand not just how much you’re spending but where, why, and who was responsible. At a minimum, this means a system that includes:

• Token spend monitoring that’s simple to query and tracks usage across agents, models, and teams
• Rate limiting runtime controls to set thresholds on a per-agent and per-model basis
• Identity & access management to understand which agents are doing what and when—and how that ties back to the token costs at the end of it

When it comes to enterprise readiness, how you create your agents is often just as important as what you create. And that “how” turns out to be particularly important when we consider the current state agent governance.

According to new research from Adaptive Security, roughly 80% of employees are using shadow AI—unmonitored tools, models, or AI services—to power their daily workflows, with most utilizing an average of 3-5 different tools per day. 

Multiply that number by the total number of employees within a given enterprise and you’ve got a whole lot of unknown and ungoverned agents in your production systems. (Secret agents, if you will.)

Again, this isn’t a reflection of the efficacy of the models; it’s a consequence of it. 

The problem isn’t that making agents is hard. The problem is precisely that it isn’t. And the more ungoverned agents a user can spin up in a day—often motivated by that perennial mandate to do more with AI—the more severe that problem will become.

Why it matters: you can’t off-board what you can't see

But here’s the real agent governance challenge—those shadow agents don’t go offline when their creators do. As employees leave or lose interest, “zombie agents” continue to limp along unnoticed, accessing your data and draining down token budgets into perpetuity. 

If you can’t see what agents are running, you can’t see when to shut them down.

Zombie agents might be a relatively minor issue today, but as agents continue to be built and abandoned at will—and especially as the enterprise market continues its current rounds of layoffs—this intermittent problem is poised to become a full-blown epidemic. 

Identifying the gaps

Building agents is easy. Controlling them in a way that delivers safe, managed, and reliable business outcomes is not. To mitigate the impact of shadow agents, enterprise leaders need a centralized system to aggregate, manage, and share agents across teams, including:

• Agent registry to collate, identify, and catalog agents across models
• Agent workspace to safely and seamlessly share agents and skills between teams
• Agent offboarding to quickly rollback agents as needed

When we talk about agent governance, security is often what comes to mind first. What can those agents access? What can’t they access? Who’s responsible? 

And no question, scaled agent deployments definitely have a security problem. According to McKinsey, 88% of organizations have reported confirmed or suspected agent security incidents in the last year.

Instagram. Vercel. Microsoft. Meta. ServiceNow. Salesforce. The list goes on. From endlessly inaccurate outputs to painfully obvious security risks, agent sprawl continues to frustrate the risk profile of enterprise agents.  

Despite that, most organizations still prefer to manage their agents’ risk profiles the old fashioned way: bury their heads in the sand and just hope they go away at some point. 

According to some estimates, the average enterprise environment contains as much as 800 risky AI agents, with an eye watering forty-percent carrying medium-to-critical risk factors and no clear ownership to manage or resolve them (more on that later).

In fact, McKinsey suggests (with two-thirds of respondents agreeing) that security and risk concerns are actually the single largest barrier to scaling agents in production.

“Across almost all risk types, respondents report a meaningful gap between the risks they consider relevant and those they are actively mitigating.” 

That means that, for most teams, the primary bottleneck to adoption isn’t competency or literacy—it’s a lack of trust in their organization’s ability to deploy those agents securely. 

Why it matters: even small risks compound inside autonomous workflows

A misconfigured agent isn't limited by how fast you can click a mouse. Agents can execute hundreds of misguided actions in minutes—all without your team ever realizing it's happening.

Recent experiments, like this one from King’s College London—which modeled a Cold War-style standoff between nuclear powers—demonstrate how quickly even the smallest risk factors can snowball into corporate disaster without an appropriate governance system. 

“Across 21 simulations and 329 turns of play, the models chose to use tactical nuclear weapons in all but one game. No model, in any run, chose to surrender or make meaningful concessions.

The models researchers used had the same built-in safety rules that are in place when conversing with millions of people every day. And the rules worked exactly as designed. As a result, no move was by itself concerning. But the overall direction of play was, and no mechanism was in place to catch alarming trends.”

While the relative frequency of incidents appears to be largely static (finally some good news), the continued lack of investment in mitigation practices means confidence continues to slide on those same numbers (and there it goes). And if small errors cascade into major failures, it's not difficult to see why.

Identifying the gaps

Like most things in agent governance, risk awareness is far outpacing the implementation of controls, processes, and the tooling to manage it effectively; and it’s eroding trust in the entire system in the process. 

Just like token spend, agent vulnerabilities have very little to do with the underlying models, and a whole lot more to do with the infrastructure that supports them. And without the requisite governance tooling in place, new models won’t just accelerate positive outcomes—they’ll accelerate all the negative ones as well. 

Three areas that enterprise teams need to invest:

• Approval systems that enforce boundaries and mandate human approvals for high-risk actions
• Audit trails & logging including full-session tracing that demonstrates what the agent actually did, from reasoning logic to tool calls
• Credential scoping to ensure every agent has its own identity and explicit permissions for each integration.

If adoption is fueled by trust, then governance isn’t a compliance problem—it’s a business problem. But the good news is, nothing pulls an ostrich’s head out of the sand quite like a P&L statement.

To state the very obvious, agents aren’t like traditional software. The decision logic isn't prescribed. It's hidden in 175-billion parameters.

The actual decisions—which tool to call, how to reason, when to stop, what to prioritize—all emerge from model inference at runtime. So, if we can’t control the outcome, we need to get very serious about the ownership.
Some studies suggest that as few as 15% of organizations have near-to-full agent ownership. That means 85% of organizations are leveraging AI in production environments with little or no accountability. 

And we’re already starting to see the consequences. Rogue actions. Data leaks. Runaway token spend. All these problems trace back to a failure of ownership at the governance layer.

Why it matters: accountability collapses as agents scale

Agents are unpredictable by nature. That's just baked into the equation. But when we consider these data points in the context of new agent velocity (150k agents by 2028), we start to get a sense of how precarious the current state of agent governance really is. 

The more agents proliferate across the enterprise, and the more complex and heterogeneous the landscape becomes, the more difficult it is to simply define—let alone enforce—accountability. And it's precisely when complexity expands that you need a system to control that accountability the most.

In the same way you wouldn’t leave your non-deterministic children alone with a box of matches, you shouldn’t leave your non-deterministic agents alone with your production environment.

Identifying the gaps

In 2026, the race isn’t toward adoption. It’s toward ownership and accountability. 

Three questions every executive should be able to answer right now:

1. Who’s responsible for auditing our agents?

2. Who’s empowered to control them?

3. And who’s accountable when they fail?

Even agents are subject to the law of diminishing returns. Quick wins are easy to get. But as agents proliferate across the enterprise, your team’s ability to continue to drive value is directly correlated with your ability to manage complexity and control them effectively. 

Writing a few guardrails and manually scanning traces ad hoc might work when your agents are in the tens, but it’s untenable in the hundreds, and impossible in the thousands. So, if we want to see AI agents continue to drive value in the enterprise, we need to invest in the systems to manage them effectively. 

Agents do have limits. And they begin and end with your ability to govern them at scale. 

(James Everingham discussed this same topic in one of his recent articles. If you haven’t had a chance, I’d highly recommend you give it a read!)

Every agent—regardless of team or function—requires the same level of observability, access control, rate limiting, ownership, accountability, and centralized management to manage it effectively. And that means enterprise teams need an agnostic governance layer that sits outside those models to solve for it. 

This isn’t multiple siloed solutions. This is a single managed control plane.

No matter how good a model gets, it will only ever be as useful as the infrastructure that activates it.

According to McKinsey, “organizations investing $25 million or more into RAI initiatives report significantly higher maturity scores and are far more likely to realize material AI benefits.”

As McKinsey correctly goes on to explain, agent governance isn’t a tax on innovation—it’s an enabler of sustained value creation. And that's exactly what we're doing at Guild.

Guild.ai is the necessary governance layer that brings structure, visibility, and scalable control to any agent across any model. With Guild, enterprise teams of all backgrounds can seamlessly manage what agents can do, understand what they did, and respond faster when they fail—all from one centralized control plane.

In 2026, the question of "how to build agents" is a foregone conclusion. The only question now is whether you’ve got the governance in place to support them at scale.

And that's a question that won’t wait long for an answer.

Wondering how Guild can help you run your agents responsibly at scale? Let’s chat.