
Last week I was at the IDC CIO Summit in Zurich. The conversations were open. Senior technology leaders from Swiss and global companies, many with operations across multiple continents, shared the same frustration: agentic AI looks impressive in demos and controlled pilots, but it is not moving into production at scale. Not here.

Two reasons came up repeatedly. First, there is a trust gap. Not a technology gap. The models work. The platforms exist. But organizations, especially Swiss ones, remain cautious about letting AI act rather than advise. Second, there is an accountability void. When an AI agent makes a decision and executes it autonomously, nobody is quite sure who owns that outcome and its consequences. Not legally. Not operationally. Not culturally.

These are not abstract concerns. After researching further, I found that a Deloitte poll published in July 2025 identified trust in agentic AI to support workflows, including the underlying data and programming of AI agents, as the leading barrier to tool use at 21.3%, while just 13.5% of organizations said they were already using agentic AI. The Swiss context makes this even more acute. In a market defined by regulatory precision, reputational caution, and a strong preference for measurable outcomes before commitment, “it worked in the pilot” is not enough.

Gartner’s 2026 Hype Cycle for Agentic AI confirms the picture: rising enterprise concern about accountability, control, and economic sustainability is visible early in the adoption cycle, and the mechanisms required to manage risk, trust, and cost are still maturing.

So, what should you do as a CIO? The answer is not to wait for the technology to mature further or for regulators to hand you a rulebook. The answer is to build a structured readiness framework now and run your organization through it before you think about scaling another agent pilot.

Start with an Honest Risk Assessment

Before you approve any agentic AI deployment that moves beyond a controlled pilot, you need to answer six questions. These are not theoretical. They should be asked in a room with your legal counsel, risk officer, and the business owner who will own the process.

  1. What decisions can this agent make, and what are the financial and operational boundaries of those decisions?
  2. Can we explain what the agent did and why, after the fact? Will that explanation hold up in a regulatory review?
  3. Who is named as accountable if the agent causes a downstream error? Is that accountability documented?
  4. What happens when the agent encounters a situation outside its training scope? Is there an escalation path, or does it default to action?
  5. Do we have audit logs that capture every agent action in a format we can actually query?
  6. Does the scope of this agent cross jurisdictions, data classifications, or third-party systems in ways we have not fully mapped?

If you cannot answer all six clearly, the deployment is not ready. That is not a failure of ambition. It is a governance gap that needs to close before you go live.

The Warning Signs to Watch For

Some organizations are moving forward with agentic AI deployments without addressing the core issues. The signs are visible if you know what to look for.

You are moving too fast if business units are deploying agents through vendor platforms without IT or legal sign-off. You are moving too fast if the agent’s decision logic is opaque and no one on the technical team can explain it in plain language to a non-technical executive. You are moving too fast if “the vendor is responsible” is the answer to who owns accountability.

Vendors own the platform. You own the outcome.

Watch also for diffuse ownership. AI becomes fragile when it belongs to everyone and no one. A strong enterprise AI strategy needs an operating model that defines ownership across product, platform, and governance, because when an AI output fails, the key question is who owns the fix, the communication, and the evidence trail.

A Practical Autonomy-Accountability Framework

The most useful mental model I have found is what Singapore’s IMDA formalized in January 2026. As indicated by Prof. Hung-Yi Chen, their Model AI Governance Framework for agentic AI introduces a five-tier graduated autonomy taxonomy ranging from “tool-assisted” at Level 0 to “fully autonomous” at Level 4, with governance requirements increasing at each level. It also adds an operator-deployer responsibility framework that clearly allocates liability between the entity that builds an AI agent platform and the entity that deploys it in a specific context.

You do not need to adopt this framework one to one. But the underlying logic is sound and directly applicable in your organization today.

Map every active or planned agent to one of five levels:

  • Level 0: AI suggests, human decides and executes
  • Level 1: AI executes routine, pre-approved actions within fixed parameters
  • Level 2: AI takes multi-step actions with periodic human checkpoints
  • Level 3: AI operates autonomously with exception-based alerts to humans
  • Level 4: Fully autonomous, self-learning, self-correcting action

For each level above 1, you need a named accountable owner, a defined decision boundary, a real-time audit trail, and a tested escalation path. IDC research indicates that the organizations succeeding with agentic AI share a common mindset: they see governance and growth as inseparable, and their design uses decision thresholds or hard-coded events that trigger human interventions before outcomes cross defined boundaries.

If you cannot assign a named human owner to a Level 3 or Level 4 agent, it should not be at Level 3 or 4 yet. Move it down.

Building Your Simplification Roadmap

The goal here is not to create a governance bureaucracy. It is to build trust fast enough that your business does not lose competitive ground while you wait for perfect conditions.

Step 1: Inventory. List every AI agent running or in active pilot across the organization. Include shadow deployments. Business units running agents through vendor portals without central oversight are a liability, not an asset. Get the big picture.

Step 2: Classify by autonomy level. Use the five-level model above. For each agent, note the autonomy level, the data it touches, the decisions it makes, and whether it crosses regulatory boundaries. A procurement agent operating at Level 2 inside a Swiss entity has a very different risk profile from a customer-facing agent operating at Level 3 across EU jurisdictions, where the EU AI Act’s high-risk obligations become fully applicable in August 2026.

Step 3: Assign ownership and accountability. Every agent at Level 2 and above needs a named business owner and a named technical owner. Not a team. A person. Document this formally. This is the single most important step, and most organizations skip it.

Step 4: Build your audit and escalation infrastructure. Every agent action at Level 2 and above should write to a log. Define what triggers an escalation, and test it. Real-time monitoring, automated guardrails, and defined escalation paths when systems deviate from expected behavior are no longer optional features but governance requirements, and documentation gaps themselves may constitute regulatory violations.

Step 5: Run a trust audit with the business. Bring the business owners of each deployed agent into a structured review. Ask them whether they understand what the agent does, whether they trust the outputs, and whether they would be comfortable defending a decision the agent made to their board or to a regulator. The answers will tell you where to invest next.

Step 6: Scale what passes, pause what does not. Agents that clear the trust audit with clean ownership, clean logs, and clear escalation paths are ready to expand. Agents that do not meet the requirements should be held at their current autonomy level until the gaps are closed.
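
The controls from the autonomy framework and Step 4 can be enforced in code at the point where an agent acts. The sketch below is an added example, not part of the original article or any vendor platform: the `Agent` fields, the per-action CHF limit used as the decision boundary, and the rule that an agent with missing controls escalates every action are assumptions made for illustration.

```python
import json
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass
class Agent:
    name: str
    level: int                    # autonomy level 0-4 as listed in the article
    business_owner: str = ""      # a named person, not a team
    technical_owner: str = ""
    limit_chf: float = 0.0        # decision boundary (assumed: per-action spend limit)
    escalation_tested: bool = False

def missing_controls(agent: Agent) -> list[str]:
    """Controls required above Level 1 that this agent lacks."""
    if agent.level <= 1:
        return []
    checks = {
        "business_owner": bool(agent.business_owner),
        "technical_owner": bool(agent.technical_owner),
        "decision_boundary": agent.limit_chf > 0,
        "tested_escalation": agent.escalation_tested,
    }
    return [name for name, ok in checks.items() if not ok]

def gate(agent: Agent, action: str, amount_chf: float, audit_log: list[str]) -> str:
    """Return 'execute' or 'escalate'; append one JSON audit record either way."""
    gaps = missing_controls(agent)
    if agent.level == 0:
        decision, reason = "escalate", "level 0: human decides and executes"
    elif gaps:
        decision, reason = "escalate", "missing controls: " + ", ".join(gaps)
    elif amount_chf > agent.limit_chf:
        decision, reason = "escalate", "amount exceeds decision boundary"
    else:
        decision, reason = "execute", "within decision boundary"
    audit_log.append(json.dumps({
        "ts": datetime.now(timezone.utc).isoformat(),
        "agent": agent.name, "level": agent.level, "action": action,
        "amount_chf": amount_chf, "decision": decision, "reason": reason,
        "owner": agent.business_owner or None,
    }))
    return decision

def escalations(audit_log: list[str]) -> list[dict]:
    """Query the log: every record where a human had to step in."""
    return [r for r in map(json.loads, audit_log) if r["decision"] == "escalate"]
```

Every call writes a record whether the action runs or not, so the log answers both "what did the agent do" and "what was it stopped from doing".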

On the Broader Picture

Trust is not a feature you add to an AI agent after deployment. It is a property of the system and the governance around it. The organizations I see getting this right are not necessarily the most technically advanced. They are the ones that treat agentic AI accountability the same way they treat financial accountability: with named owners, documented decisions, and clear lines of responsibility.

This connects to something I wrote about recently regarding IT resilience. In my article on why IT operations must become a resilience engine, I argued that keeping systems running is no longer enough; modern IT must protect business continuity under pressure. Agentic AI is the next version of that same challenge. The question is not whether the agent can execute. The question is whether your organization can absorb, explain, and recover from what it executes.

As VentureBeat noted, one of the most common pitfalls in enterprise AI adoption is the gap between promising pilots and at-scale results, and agentic AI cannot afford to fall into this trap.

The CIOs at the IDC Summit were not resistant to agentic AI. They were asking the right questions. Now the job is to answer them with a framework, not just a vision.

 
