Enterprises are rushing to deploy AI agents while their risk controls trail far behind, according to new findings from Deloitte’s State of AI in the Enterprise research. The consultancy says agentic systems are moving from pilot to production at a blistering pace, but only a minority of organizations have the guardrails needed to keep autonomous software from making costly mistakes.

Adoption Soars While Governance Guardrails Lag Behind

Deloitte reports that 23% of companies already use AI agents at least moderately, and that share is expected to reach 74% within two years. Meanwhile, the portion of firms not using agents at all is projected to drop from 25% to 5%. Yet just 21% of respondents say their organizations have robust oversight mechanisms in place for these tools—an imbalance that points to mounting operational and security exposure.

Table of Contents

Adoption Soars While Governance Guardrails Lag Behind
Why Agentic AI Raises Unique Operational Risks
Early Warning Signs Emerge Across Modern Workplaces
What Effective Governance Looks Like for AI Agents
The Business Case For Going Slower To Go Faster

A colorful, abstract, wavy shape with a white square and dots in the center, set against a professional flat design background with soft patterns and gradients.

The consultancy frames the gap bluntly: without formal governance, agent deployments will struggle to deliver value reliably. As agentic AI shifts from limited trials to business-critical workflows, organizations need durable controls that scale with usage, not ad hoc measures bolted on after incidents.

Why Agentic AI Raises Unique Operational Risks

Unlike traditional chatbots that answer questions inside a single interface, agents can plan tasks, call external tools and APIs, sign documents, make purchases, or update records across enterprise systems. That autonomy boosts productivity—but it also expands the blast radius if something goes wrong.

Common failure modes include prompt injection that hijacks an agent’s goals, misconfigured tool use that triggers unintended transactions, and over-permissioned access that lets agents touch sensitive data beyond their remit. In practice, that can mean a virtual assistant approving invoices that don’t meet policy, changing CRM records incorrectly, or exposing client information during a workflow handoff. The risks cut across security, compliance, finance, and customer trust.

Early Warning Signs Emerge Across Modern Workplaces

Signals from outside Deloitte’s study point the same direction. The National Cybersecurity Alliance has found that many employees use generative AI at work without receiving formal training on privacy or safe usage. Gallup polling shows a sizable share of workers do not even know whether their organizations deploy AI at an enterprise level—a governance visibility problem in itself.

Security researchers have repeatedly demonstrated that agents can be steered into unsafe actions through carefully crafted inputs, and internal red-team exercises often surface issues like data leakage, cost overruns from uncontrolled tool calls, and brittle behavior when agents operate beyond familiar contexts. These are not edge cases; they are predictable outcomes when autonomy arrives before policy and monitoring.

A woman in a pink shirt is centered in a circular, reflective orb, surrounded by a vibrant, organic-looking ring of green and purple textures with white dots and lines radiating outwards. The background is a gradient of green to purple.

What Effective Governance Looks Like for AI Agents

Deloitte recommends clear boundaries around what decisions agents can make independently versus which require human approval. A practical approach is tiered autonomy: start agents in read-only or suggestion modes, then graduate to constrained write actions with checkpoints, and only later allow fully automated execution in narrow, well-tested domains.

Controls should mirror those used for any powerful software service.

Least-privilege access per tool and data source.
Sandboxed and segmented execution environments.
Rate limits and spending caps to prevent runaway actions.
Pre-deployment safety testing and red-teaming focused on prompt injection, data exfiltration, and tool misuse.
Real-time monitoring that records every tool invocation and decision step, paired with immutable audit trails for accountability and post-incident learning.

Enterprises can align these measures with established guidance such as the NIST AI Risk Management Framework and relevant ISO standards for AI risk and information security. Procurement and legal teams should adapt vendor diligence to cover agent behaviors, model update cadence, and safety guarantees, not only accuracy benchmarks.

Equally important is workforce readiness. Business users need concise training on what not to share with AI systems, how to spot anomalous behavior, and the escalation path when an agent goes off-track. Without shared literacy, even strong technical controls can be undermined by well-meaning employees.

The Business Case For Going Slower To Go Faster

Agentic AI can unlock meaningful efficiency—automating rote tasks, stitching together siloed tools, and accelerating decision cycles. But the near-term returns are easily erased by a single high-impact error. Boards and executives should treat agent rollout as a risk-managed transformation: define measurable outcomes, gate autonomy behind performance thresholds, and expand only when monitoring shows stable, repeatable results.

The headline from Deloitte is not anti-automation. It is a timing problem. Capability is compounding faster than control. Closing that gap—through governance, design discipline, and user education—will determine which organizations scale agentic AI into durable advantage and which stumble into preventable incidents.