How to keep AI plans intact before agents run amok

In an MIT report released in November, 35% of companies have already adopted agentic AI, and another 44% plan to deploy it soon.

The report, based on a survey of more than 2,000 respondents in collaboration with the Boston Consulting Group, recommends that companies build centralized governance infrastructure before deploying autonomous agents. But governance often lags when companies feel they’re in a race for survival. One exception to this rule is regulated industries, such as financial services.

“At Experian, we’ve been innovating with AI for many years,” says Rodrigo Rodrigues, the company’s global group CTO. “In financial services, the stakes are high. We need to vet every AI use case to ensure that regulatory, ethical, and performance standards are embedded from development to deployment.”

All models are continuously tested, he says, and the company tracks what agents it has, which ones are being adopted, what they’re consuming, what versions are running, and what agents need to be sunset because there’s a new version.

“This lifecycle is part of our foundation,” he says. But even at Experian, it’s too early to discuss the typical lifecycle of an agent, he says.

“When we’re retiring or sunsetting some agent, it’s because of a new capability we’ve developed,” he adds. So it’s not that an agent is deleted as much as it’s updated.

In addition, the company has human oversight in place for its agents, to keep them from going out of control.

“We aren’t in the hyperscaling of automation yet, and we make sure our generative AI agents, in the majority of use cases, are responsible for a very specific task,” he says. On top of that, there are orchestrator agents, input and output quality control, and humans validating the outcome. All these monitoring systems also help the company avoid other potential risks of unwanted leftover agents, like cost overruns due to LLM inference calls by AI agents that don’t do anything useful for the company, but still rack up bills.

“We don’t want the costs to explode,” he says. But financial services, as well as healthcare and other highly regulated industries, are outliers.

For most companies, even when there are governance systems in place, they often have big blind spots. For example, they might focus on only the big, IT-driven agentic AI projects and miss everything else. They might also focus on accuracy, safety, security, and compliance of the AI agents, and miss it when agents become obsolete. Or they might not have a process in place to decommission agents that are no longer needed.

“The stuff is evolving so fast that management is given short shrift,” says Nick Kramer, leader of applied solutions at management consultancy SSA & Company. “Building the new thing is more fun than going back and fixing the old thing.” And there’s a tremendous lack of rigor when it comes to agent lifecycle management.

“And as we’ve experienced these things in the past, inevitably what’s going to happen is you end up with a lot of tech debt,” he adds, “and agentic tech debt is a frightening concept.”

Do you know where your agents are?

First, agentic AI isn’t just the domain of a company’s data science, AI, and IT teams. Nearly every enterprise software vendor is heavily investing in agentic technology, and most enterprise applications will have AI assistants by the end of this year, says Gartner, and 5% already have task-specific autonomous agents, which will rise to 40% in 2026.

Big SaaS platforms like Salesforce certainly have agents. Do-it-yourself automation platforms like Zapier have them, too. In fact, there are already four browsers — Perplexity’s Comet, OpenAI’s Atlas, Google’s Gemini 3, and Microsoft’s Edge for Business — that have agentic functionality built right in. Then there are the agents created within a company but outside of IT. According to an EY survey of nearly 1,000 C-suite leaders released in October, two-thirds of companies allow citizen developers to create agents.

Both internally-developed agents and those from SaaS providers need access to data and systems. The more useful you want the agents to be, the more access they demand, and the more tools they need to have at its disposal. And these agents can act in unexpected and unwanted ways — and are already doing so.

Unlike traditional software, AI agents don’t stay in their lanes. They’re continuously learning and evolving and getting access to more systems. And they don’t want to die, and can take action to keep that from happening.

Even before agents, shadow AI was already becoming a problem. According to a November IBM survey, based on responses from 3,000 office workers, 80% use AI at work but only 22% use only the tools provided by their employers.  

And employees can also create their own agents. According to Netskope’s enterprise traffic analysis data, users are downloading resources from Hugging Face, a popular site for sharing AI tools, in 67% of organizations.

AI agents typically function by making API calls to LLMs, and Netskope sees API calls to OpenAI in 66% of organizations, followed by Anthropic with 13%.

These usage numbers are twice as high as companies are reporting in surveys. That’s the shadow AI agent gap. Staying on top of AI agents is difficult enough when it comes to agents that a company knows about.

“Our biggest fear is the stuff that we don’t know about,” says SSA’s Kramer. He recommends that CIOs try to avoid the temptation of trying to govern AI agents with an iron fist.

“Don’t try to stamp it out with a knee-jerk response of punishment,” he says. “The reason these shadow things happen is there are too many impediments to doing it correctly. Ignorance and bureaucracy are the two biggest reasons these things happen.”

And, as with all shadow IT, there are few good solutions.

“Being able to find these things systematically through your observability software is a challenge,” he says, adding that with other kinds of shadow IT, unsanctioned AI agents can be a significant risk for companies. “We’ve already seen agents being new attack surfaces for hackers.”

But not every expert agrees that enterprises should prioritize agentic lifecycle management ahead of other concerns, such as just getting the agents to work.

“These are incredibly efficient technologies for saving employees time,” says Jim Sullivan, president and CEO at NWN, a technology consultancy. “Most companies are trying to leverage these efficiencies and see where the impact is. That’s probably been the top priority. You want to get to the early deployments and early returns, but it’s still early days to be talking about lifecycle management.”

The important thing right now is to get to the business outcomes, he says, and to ensure agents continue to perform as expected. “If you’re putting the right implementations around these things, you should be fine,” he adds.

It’s too early to tell, though, if his customers are creating a centralized inventory of all AI agents in their environment, or with access to their data. “Our customers are identifying what business outcomes they want to drive,” he says. “They’re setting up the infrastructure to get those deployments, learn fast, and adjust to stay to the right business outcomes.”

That might change in the future, he adds, with some type of agent manager of agents. “There’ll be an agent that’ll be able to be deployed to have that inventory, access, and those recommendations.” But waiting until agents are fully mature before thinking about lifecycle management may be too late.

What’s in a shelf life

AI agents don’t usually come with pre-built expiration dates. SaaS providers certainly don’t want to make it easy for enterprise users to turn off their agents, and individual users creating agents on their own rarely think about lifecycle management. Even IT teams deploying AI agents typically don’t think about the entire lifespan of an AI agent.

“In many cases, people are treating AI as a set it and forget it solution,” says Matt Keating, head of AI security at Booz Allen Hamilton, adding that while setting up the agents is a technical challenge, ongoing risk management is a cross-disciplinary one. “It demands cross-functional collaboration spanning compliance, cybersecurity, legal, and business leadership.”

And agent management shouldn’t just be about changes in performance or evolving business needs. “What’s equally if not more important is knowing when an agent or AI system needs to be replaced,” he says. Doing it right will help protect a company’s business and reputation, and deliver sustainable value.

Another source of zombie agents is failed pilot projects that never officially shut down. “Some pilots never die even though they fail. They just keep going because people keep trying to make them work,” says SSA’s Kramer.

There needs to be a mechanism to end pilots that aren’t working, even if there’s still money left in the budget.

“Failing fast is a lesson that people still haven’t learned,” he says. ” There have to be stage gates that allow you to stop. Kill your pilots that aren’t working and have a more rigorous understanding of what you’re trying to do before you get started.”

Another challenge to sunsetting AI agents is that there’s a temptation to manage by disaster. Agents are retired only when something goes visibly wrong, especially if the problem becomes public. That can leave other agents flying under the radar.

“AI projects don’t fail suddenly but they do decay quietly,” says David Brudenell, executive director at Decidr, an agentic AI vendor.

He recommends enterprises plan ahead and decide on the criteria under which an agent should be either retrained or retired, like, for example, if performance falls below the company’s tolerance for error.

“Every AI project has a half-life,” he says. “Smart teams run scheduled reviews every quarter, just like any other asset audit.” And it’s the business unit that should make the decision when to pull the plug, he adds. “Data and engineering teams support, but the business decides when performance declines,” he says.

The biggest mistake is treating AI as a one-time install. “Many companies have deployed a model and moved on, assuming it will self-sustain,” says Brudenell. “But AI systems accumulate organizational debt the same way old code does.”

Experian is looking at agents from both an inventory and a lifecycle management perspective to ensure they don’t start proliferating beyond control.

“We’re concerned,” says Rodriques. “We learned that from APIs and microservices, and now we have much better governance in place. We don’t just want to create a lot of agents.”

Experian has created an AI agent marketplace so the company has visibility into its agents, and tracks how they’re used. “It gives us all the information we need, including the capability of sunsetting agents we’re not using any more,” he says.

The lifecycle management for AI agents is an outgrowth of the company’s application lifecycle management process.

“An agent is an application,” says Rodrigues. “And for each application at Experian, there’s an owner, and we track that as part of our technology. Everything that becomes obsolete, we sunset. We have regular reviews that are part of the policy we have in place for the lifecycle.”