Board-Level Risk Assessment · February 2026
From managing tools to governing autonomous digital actors
Most organisations are still thinking about AI as a set of discrete tools. They are, in fact, building a distributed digital workforce — one with its own relationships, dependencies, and emergent behaviour.
This is the subject of The Emerging Risk of AI Agent Networks, a 22-page board-level risk assessment published by Linacre Capital in February 2026. It named the problem of unmanaged AI agents inside the enterprise ten weeks before Gartner described the same phenomenon as agent sprawl at its Digital Workplace Summit in London.
The central argument is straightforward. The danger is not that a single AI agent will malfunction. It is that networks of interconnected agents — inside the organisation and across its vendors — will develop behaviours, dependencies, and decision-making patterns that no single person designed, authorised, or fully understands. Each agent may be operating exactly as built, while the network produces outcomes no one intended.
The most likely path to that state is not a dramatic failure. It is drift. An agent is allowed to draft, then to recommend, then to route, then to trigger, then to act across systems. Each step looks manageable. No single change is large enough to reach the board. Taken together, they create a decision-and-execution layer that is faster than governance, distributed across vendors, and difficult to evidence after the fact.
That is an organisational control risk, and it belongs on the board agenda.
The full assessment sets out the complete picture: the nine categories of risk, the distinction between threats that exist now and those on the near horizon, a five-point autonomy scale and a five-category framework for measuring drift, a three-layer governance model with a practical operating model, and a detailed regulatory mapping across the United States, United Kingdom, and European Union — including HIPAA, the EU AI Act, Colorado SB 205, ONC requirements, and UK regulatory expectations.
It closes on a single question for the board: not whether the organisation will deploy AI agents, but whether it will govern them before they govern it.
The full assessment
The full 22-page assessment is proprietary to Linacre Capital Partners and is made available to clients. For access, or to discuss its application to your organisation, contact Bill Lewis — bill@linacre.net.
Visit Linacre Capital.
The question is not whether you will deploy AI agents. It is whether you will govern them before they govern you.