As digital agents gain the ability to access bank accounts, manage supply chains, and interact with customers, guardrails need to be put in place to ensure safety, compliance, and ethical alignment.
Agentic AI focuses on the ability to complete a goal with minimal human intervention. While productive, unconstrained agents pose significant risks, including unpredictable behaviour, security vulnerabilities, and hallucinated actions.
Dr Mike Banbrook, CEO of Convai, comments, “AI should have the autonomy to decide how to ask a question – adapting to a customer’s tone or context – but it should never have autonomy over the answer it provides.
Whether it’s a product detail or a refund decision, the output must be 100% governed. Because LLMs are probabilistic, hallucinations aren’t just a risk; they are a statistical certainty over time. To solve this, we replace the ‘Human-in-the-Loop’ with a ‘Logic-in-the-Loop’, a deterministic set of rules that verify every outcome before it reaches the customer. If the AI can’t verify the fact, it doesn’t state it.”
Governed Agents solve this by integrating a layer of oversight directly into the agent’s architecture. This ensures that every decision made by the AI remains within the predefined legal, ethical, and operational boundaries of an organisation.
Maintaining the guardrails, however, is a deeply complex technical and operational challenge. A number of critical friction points exist that make setting and forgetting guardrails impossible
- The semantic escape – Traditional software uses rigid code, but agentic AI uses natural language. This creates a semantic vulnerability where an agent can be talked into bypassing its own rules.
- Multi-agent cascading failures – When multiple specialised agents work together, the complexity of governance scales exponentially.
- Identity and privilege management – Traditional identity and access management is designed for humans, not for non-human identities that act at machine speed.
Useful memory vs. privacy
Achieving hyper-personalisation requires a strategic approach to data architecture that prioritises user trust without sacrificing the agent’s ability to provide tailored assistance. Agentic AI designers must distinguish between long-term memory (core user preferences) and ephemeral context (data needed only for a single transaction), ensuring the latter is purged immediately upon task completion.
Dr Banbrook, says” Hyper-personalisation shouldn’t require a permanent digital footprint in the AI’s brain. The line is drawn at training. The architecture must be built so the LLM acts as a processor, not a storage locker. It ‘knows’ the customer for the duration of the mission to provide a seamless experience, but it cannot ‘retain’ that sensitive data.”
Sentiment-driven governance and the human handoff
The boundary between automated assistance and human intervention is defined by specific sentiment triggers designed to protect the brand relationship when AI reaches its emotional or technical limits.
“In a ‘black box’ LLM setup, you’re at the mercy of the AI deciding when it’s failing. We’ve seen that lead to AI ‘looping’ – trying one more time to be helpful when the customer is already boiling over”, observes Dr Banbrook.
He adds,“We use Composite AI to prevent this. While the LLM identifies the sentiment (the frustration), it does not have the authority to decide whether to continue. That decision is hard-coded into deterministic rules. When frustration hits a specific threshold, the ‘safety valve’ triggers an immediate human handoff. We don’t let the AI guess if a customer is unhappy; we program the system to act on it instantly.”
Agents need to be designed to detect high-arousal negative vocabulary and respond with validated empathy statements, avoiding defensive or repetitive loops that exacerbate customer irritation. A critical guardrail is the monitoring of sentiment velocity. If a customer’s frustration score drops below a predefined numerical threshold or fails to improve after two interaction turns, the agent should be mandated to initiate a transition.
Synchronised brand voice via multi- agent orchestration
In the era of multi-agent orchestration, ensuring a consistent brand voice requires the the synchronisation of the linguistic output of specialised agents. When a sales agent and a support agent collaborate on a single customer journey, the primary challenge is preventing tonal whiplash -a disjointed experience where the persona shifts abruptly from persuasive to technical.
Dr Banbrook says, “The industry talks about Multi-Agent Orchestration, but from a customer’s perspective, that often feels like being bounced between departments. We hate that with humans; we’ll hate it more with bots”.
“Our approach isn’t to have a sales agent and a support agent talking to each other. It’s to have one persistent Agent whose behavior and rule-sets evolve as the conversation progresses. By keeping the core identity consistent and simply updating the ‘capabilities’ in real-time, we ensure a seamless brand voice. The tone might shift from empathetic support to proactive sales, but the personality remains grounded in the same brand principles.”
Reskilling for the agent supervision era
The transition to governed agents requires a fundamental shift in the workforce, moving from direct task execution to agent supervision. This evolution requires a new set of competencies centred on AI orchestration, prompt auditing, and the management of human-in-the-loop workflows for when an agent encounters a logic boundary.
Dr Banbrook comments, “The biggest shift isn’t technical; it’s operational. We are moving away from the IT-centric model where Bot updates happen quarterly. The new ‘Agent Supervisor’ is a business stakeholder – someone who understands the customer journey – using no-code tools to tune the AI in near-real-time”.
“Reskilling means teaching CX managers to think like supervisors: monitoring performance, adjusting rules on the fly and closing the gap between a customer’s need and the system’s response to zero. The workflow of the future isn’t ‘fixing code’; it’s ‘refining logic’ to ensure the AI stays within its boundaries while consistently delivering a human experience.”
The transition from generative models to governed agents represents the ‘coming of age’ for artificial intelligence in the enterprise. The goal is no longer to see how much an agent can do in isolation, but how reliably it can perform within a structured ecosystem. The success of thisdepends on a fundamental shift in perspective. Governance is not a peripheral security feature; it is the core infrastructure upon which trust is built.
