Bill Lewis Linacre Capital

Writing · AI Governance · March 2026

Your Next AI Risk Is Already Inside the Systems You Trust the Most

Most boards still talk about AI as if it arrives through a clear, visible decision. Someone proposes a project. IT reviews it. Security checks it. Legal looks at the contract. The executive team discusses it. The board gets sight of it if it is big enough.

That is no longer the full picture.

A new kind of software is starting to appear inside the systems companies already use and trust. These tools do more than answer questions. They can read information, make recommendations, trigger actions, and in some cases act on their own. These are AI agents.

The deeper vulnerability is that agents may enter, expand, or be enabled below board level without ever being surfaced to the board as a distinct governance issue. That is what makes them insidious: they can create real business risk before the board fully understands they are there. This is not just a technology risk. It is a fundamental business risk that requires board-level awareness and governance.

And there is an even sharper point. Agents do not always arrive because the customer asked for them. Vendors can now ship agent functionality inside software suites the company already licenses and trusts, often without any fresh, explicit approval moment from the customer each time that functionality appears. Some agents may be visible from the start. Others may sit inside a wider software release, waiting to be enabled, connected to data, or given permission to act. Some may already be active inside the company’s technology stack while only IT, or perhaps only part of IT, is fully aware of them.

And the threat does not care how it entered. If an agent can read sensitive data, influence decisions, trigger actions, move information between systems, or act autonomously, then it creates risk. If no one can clearly say where the agents are, what they are allowed to do, and who is controlling them, then the organisation is vulnerable.

That is not an IT detail. It is not a side issue for innovation teams. It is not something that can be left to product managers and administrators alone. It is a board-level business risk.

Why? Because when something goes wrong, the accountability does not sit abstractly with “the technology”. It sits with the enterprise. With the company that allowed the agent into its environment. With the leadership team that failed to see it clearly. With the board that did not insist on governance equal to the risk.

The conversation has to change

Agents are no longer confined to a few experiments run by specialist teams. They are starting to spread across large organisations via the normal software stack: enterprise suites, cloud platforms, partner ecosystems, admin settings, and easy-to-use build tools.

That is why the board conversation needs to change. The question is no longer "Do we have an AI strategy?" but "Where are the agents? What can they do? Who controls them?" Those are now the serious questions. Because if the board cannot get clear answers, then it is not governing the risk. It is guessing.

And that is a dangerous position when agents can already sit inside customer service, finance, workflow systems, cloud platforms, HR processes, and regulated environments.

Three questions follow immediately

First: where are the agents? Which systems already contain them? Which teams are using them? Which partners have introduced them? Which ones are sanctioned, and which ones are not?

Second: what can they do? Can they only draft text? Or can they read sensitive data, make recommendations, trigger workflows, move information between systems, or act autonomously?

Third: who controls them? Who approved them? Who gave them access? Who set the rules? Who checks the logs? Who is accountable if they make a bad decision, mishandle sensitive information, or expose the business?

If those answers are unclear, the business is more exposed than it thinks.

The danger is not some dramatic science-fiction scenario. The danger is something much simpler: agents are becoming easier to introduce into the business than they are to see, understand and control. That is how real enterprise risk builds. Quietly. Inside trusted systems. Below board level. Before the board has fully caught up.

So the right question now is not whether AI matters. It is whether the company can see, understand and control the agents that are already starting to appear inside its business. If it cannot, then the next AI risk may not be coming. It may already be there.

Where this appeared

This piece was published in the board and compliance press, in Board Agenda and Corporate Compliance Insights. Bill Lewis is Founding Partner of Linacre Capital Partners. He provides independent counsel to Chairs, CEOs and Founders on their highest-stakes decisions, on the AI now operating inside their businesses, and on major programmes that are starting to tilt — bill@linacre.net.