Dynamic Risk and Control Frameworks for Agentic AI

Agentic AI is no longer theoretical. These systems can initiate transactions, modify workflows, escalate issues, and interact with customers — sometimes without real-time human approval.

That is not simply a technology evolution. It is a governance inflection point.

The conversation we hear most often is whether we need entirely new risk frameworks to manage this shift.

Our view is more measured.

We do not need to abandon operational risk frameworks, processes, and routines. We need to modernize them to respond to ever-evolving risks.

What Still Works

Financial services already have mature operational risk frameworks in place:

  • Risk appetite frameworks
  • Three lines of defense
  • RCSA
  • Scenario analysis
  • Issue management
  • Operational resilience programs

These foundations remain highly relevant.

Agentic AI does not create a new category of risk. It is a cross-cutting risk that amplifies existing ones: operational, model, technology, conduct, and third-party.

What Must Evolve

Where modernization is required:

From static assessment → to dynamic risk assessments
Even periodic trigger-based RCSAs are insufficient when systems act autonomously.

From control testing → to behavioral containment
We must validate decision boundaries, not just rule execution.

From IT governance → to autonomy governance
Delegation of authority must be explicit, articulated, and continuously supervised.

From model accuracy → to accountability clarity
When systems act, ownership must be unambiguous.

The Real Shift

Traditional operational risk focused on process failure. Agentic AI forces us to govern delegated authority at scale. That is a higher bar — but it is not a new discipline.

The institutions that will scale AI responsibly will not discard their frameworks.
They will apply them with greater rigor.

Innovation and governance are not opposing forces. In the age of autonomy, they are inseparable.
