When AI takes the controls

Enterprises are moving into a more consequential phase of artificial intelligence adoption, one in which software no longer just drafts, suggests or summarises but can carry out multi-step work across finance, customer service, coding, procurement and compliance. That shift is forcing boards, risk teams and technology leaders to rethink an assumption that has shaped enterprise software for decades: if a human still presses the final button, responsibility is easy to locate. Once AI systems begin executing tasks with limited supervision, accountability becomes harder to pin down and far more important to design in from the start.

The change is being driven by both capability and pressure. Microsoft’s 2025 Work Trend Index found that 82% of leaders saw that year as a pivotal moment to rethink strategy and operations, while enterprise AI use was spreading from isolated experiments into repeatable, multi-step workflows. OpenAI said in late 2025 that workplace adoption had accelerated sharply and that organisations were moving beyond experimentation towards operational use. Deloitte’s 2026 enterprise research points in the same direction, with autonomous agents being tested or deployed across customer support, cybersecurity, knowledge work, research and supply chains.

That evolution changes the risk profile. A chatbot that drafts an email can usually be corrected by an employee before anything happens. An agent that has access to internal systems, customer records, payment rails or code repositories can make or trigger decisions at speed, at scale and sometimes with only patchy visibility for managers. Reuters has noted that risks increase as agents gain autonomy and wider access to tools and data, including misalignment, data leakage and amplified operational harm. The World Economic Forum has also warned that organisations need proportionate governance for agentic systems because the combination of autonomy, unpredictability and context creates a different class of control problem from earlier AI tools.

Traceability is becoming the core issue. Enterprises now need records that show what an AI system was asked to do, what data and tools it accessed, what intermediate steps it took, what model or version was used, what confidence thresholds were applied and where a human intervened or failed to intervene. Without that chain, it becomes difficult to investigate errors, assign responsibility, satisfy regulators or defend decisions to customers and shareholders. NIST’s generative AI profile, ISO/IEC 42001 and the OECD’s due-diligence guidance all point in the same direction: trustworthy AI depends not just on model performance but on documented governance, monitoring, accountability and continuous review.

Regulation is also catching up. The European Union has kept the AI Act on its legal timetable, rejecting calls for a pause, with high-risk obligations due to apply from August 2026. That matters beyond Europe because multinational companies rarely build separate governance structures for each jurisdiction when the same systems run across global operations. Firms that have treated AI governance as a policy deck rather than an operating discipline are now running into a harder reality: they will need auditable controls, role clarity and evidence that oversight is real rather than symbolic.

The market is already showing signs of strain between ambition and preparedness. Gartner said last year that more than 40% of agentic AI projects would be scrapped by the end of 2027 because of rising costs and unclear value, while a Grant Thornton survey reported by Axios this month found that around 80% of senior executives believed their companies would fail an AI-governance audit. Those figures suggest the problem is no longer whether enterprises can launch pilots, but whether they can make autonomous systems reliable, governable and economically defensible.

For professional and technology services firms, the shift is just as disruptive. Clients are no longer paying only for advice, headcount and implementation hours; they increasingly want measurable outcomes, faster deployment and shared responsibility for how AI behaves in production. Thomson Reuters’ 2026 professional services report says firms are moving from internal AI use towards client-facing work and fuller workflow automation. Accenture’s earnings in March showed strong demand for AI-related work, while Reuters reported in February that field deployment engineers and similar embedded roles had become one of the hottest jobs in the sector because the real bottleneck is making AI function in the messy conditions of live operations.

That points to a broader rewrite of the services model. The winning firms are likely to be those that can combine engineering, domain expertise, governance design and operational accountability rather than simply sell licences or advisory hours. Some will become long-term partners managing agent performance, audit trails and incident response. Others may find that traditional consulting economics are weakened when clients expect automation to reduce billable labour rather than expand it. Reuters Breakingviews has already argued that AI poses a structural challenge to large consultancies, especially if clients start valuing execution and accountability over manpower-heavy project work.