Microsoft is making the missing layer in AI agents visible
On June 9, KPMG and Microsoft announced that KPMG will use Microsoft Agent 365 to manage, monitor, and secure AI agents across its organization. This is not just product news. It is a signal that enterprise AI is maturing: once agents move into operations, they need to become governable.
The interesting shift is not “more agents”. It is the recognition that agents cannot be scaled safely if nobody knows which agents exist, what they can access, which actions they may prepare, and who remains accountable.
From chatbot to operational system
Many organizations are still in the first phase: pilots, internal assistants, isolated Copilot workflows, and small automations per team. Useful, sometimes. But it also creates a new form of shadow IT. An agent is not just a text interface. An agent can retrieve information, interpret files, prepare decisions, enrich tickets, or move data toward another system.
Once that happens, the question changes. Not: “can the model do this?” But: “is this system allowed to do this, with this context, for this user, in this process?”
Governance is not the brake. It is the condition for scale
The weak pattern is treating governance as end-of-project compliance. Build first, add policy later. That does not hold for AI agents. Without governance you do not know which context is being used, which source is authoritative, where human approval is required, or how to explain what happened afterwards.
That is why the Microsoft/KPMG announcement matters: the market is starting to treat agents as operational assets that need management. Not toys in a lab. That is the shift required to move from AI experiments to AI-native operations.
Where it breaks in practice
The weak spots are usually concrete:
- No inventory: teams do not know which agents already exist or which tools are being used.
- Overbroad access: agents can see more documents, inboxes, or systems than they need.
- Unclear action boundaries: the line between preparing, recommending, and executing is not designed hard enough.
- No audit trail: it is difficult to trace which source, prompt, user, or workflow produced an output.
- No ownership: nobody owns quality, escalation, monitoring, and lifecycle management.
These are not abstract AI risks. They are ordinary operational risks, now attached to systems that connect language, data, and workflows.
The layer companies need
A production-grade agent needs more than a strong model. It needs reliable context, clear reasoning tasks, and safe integration with real actions. In plain language: AI must be able to find the right information, prepare a task reliably, and then connect to the process within explicit boundaries.
That means respecting permissions, preserving source references where needed, adding human-in-the-loop for risky steps, applying least privilege to integrations, and designing what an agent must never do autonomously.
What management should ask now
If you want to use AI agents seriously, do not start with the fastest-growing tool. Start with these questions:
- Which processes actually deserve an agent because they contain repetition, context switching, or handovers?
- Which data and documents are authoritative, and how do we protect permissions and version reliability?
- Where may AI only prepare work, and where may it prepare actions after human approval?
- Who owns quality, monitoring, escalation, and retirement?
- How do we prevent every department from building its own invisible agent landscape?
The companies that put this in order now will move faster than companies that wait until governance becomes an incident response.
Laava’s point
The next phase of enterprise AI will not be won by the most demos. It will be won by organizations that place AI inside operations with control: solid context, clear action boundaries, safe integrations, and measurable quality.
That is less spectacular than a prompt demo. It is also where the value is.
Sources
Forbes: Microsoft Makes Governance The Gate For Enterprise AI Agents