Governance & Risk: The Board’s New AI Oversight Mandate

THE AGENTIC ENTERPRISE — PART 4 OF 8

Mar 26, 2026

∙ Paid

This essay and its extended strategic notes are reserved for premium members of AI Strategies for CEOs — the executives and investors shaping AI’s next chapter.

- When AI agents make autonomous decisions that affect the business, governance cannot be delegated solely to the CTO. Boards require direct oversight, yet most are not adequately prepared.

In late 2025, a procurement agent at a mid-sized European manufacturer autonomously approved a supplier contract containing a pricing clause that the legal team would have flagged. The agent, deployed three months earlier, had processed over four hundred contracts successfully and operated within its defined parameters. Although the clause was technically within the approval threshold, a human reviewer would have escalated it due to concerns about the vendor relationship, not because it violated a rule.

The contract was executed. The financial impact was meaningful but not catastrophic. The board learned about it two weeks later, in a risk committee meeting, as a line item in an operational incident report.

This anonymized account reflects a real situation and illustrates the governance challenge of the agentic enterprise. The agent did not malfunction or hallucinate; it operated within its technical boundaries. However, its decision had consequences beyond its contextual understanding, and the governance structure was not equipped to address this.

Continue reading this post for free, courtesy of Axel Tombereau.

Or purchase a paid subscription.