Trust must be built into runtime

Enterprise conversations are shifting: trust and governance are no longer just compliance checkboxes but runtime infrastructure that must be designed into agentic systems. Insurance-focused analyses warn that when both sides of a workflow are partly automated the failure modes multiply, driving demand for audit trails, policy enforcement and clear exclusion/coverage mapping. Regulators are likewise moving from model rules to procedural safeguards, so orchestration that embeds approvals, logging and identity will matter for liability and procurement.

The new fight inside big companies is no longer “should we use artificial intelligence.” It is “what happens when one software agent approves, edits, buys, or denies something after talking to another software agent with no human in the middle.” (canadianunderwriter.ca)

That question moved from theory to insurance this week, where speakers at the Insurance Bureau of Canada’s 2026 Insight Summit warned that brokers may need to keep auditing where machine-generated data came from and whether it stayed intact as agentic systems spread through property and casualty workflows. (insuranceinstitute.ca)

The problem is simple: one automated step can be checked after the fact, but two automated parties talking to each other create a chain of decisions, handoffs, and assumptions that is much harder to reconstruct. Insurance people care because claims fights often turn on a timeline, a log, and a record of who did what. (canadianunderwriter.ca)

Lawyers are seeing the same shift from the other side. A Jones Day analysis published on April 7 said many traditional policies may still respond to artificial intelligence losses, but insurers are also starting to add artificial-intelligence-specific exclusions that narrow what gets paid. (lexology.com, jonesday.com)

That means the technical design now affects the legal argument. If a company cannot show which agent accessed which system, under whose identity, with what approval, and under what policy, it gets harder to argue that a loss fits neatly inside cyber, errors and omissions, directors and officers, or crime coverage. (lexology.com, jdsupra.com)

Regulators are moving in the same direction. The European Union’s Artificial Intelligence Act already requires record-keeping, human oversight, technical documentation, and automatically generated logs for high-risk systems, and the current implementation phase is adding procedure rules around how those safeguards work in practice. (dig.watch, dig.watch)

On April 8, Digital Watch reported that a European Commission consultation on draft procedure rules had just closed, with the draft focused on model access and procedural safeguards rather than flashy new model limits. The center of gravity is shifting from “what the model is” to “how the system is run.” (dig.watch)

That is why “governance” is starting to look less like a policy binder and more like plumbing. Microsoft’s guidance for enterprise agents says organizations need concrete controls for what data agents can use, where they can operate, how long they retain information, and what observability tools record their behavior. (learn.microsoft.com)

The same idea is showing up in products and open-source tools. Microsoft’s Agent Governance Toolkit describes itself as infrastructure that sits between an agent framework and the actions an agent takes, enforcing policy, identity checks, sandboxing, and runtime reliability controls. (github.com)

So the buying question for enterprise artificial intelligence is changing. Instead of asking only whether a model is smart, security teams, procurement teams, and insurers are asking whether the runtime can produce approvals, logs, identities, and policy evidence after something goes wrong on a Tuesday at 2:17 p.m. (github.com, canadianunderwriter.ca, lexology.com)
