Enterprises are expanding the deployment of AI-powered workflow agents in finance, HR, IT, and customer operations, yet adoption is slowed by governance challenges. This month, vendors such as Anthropic and ServiceNow introduced new orchestration platforms to address the need for visibility and control amid heightened regulatory scrutiny and requirements for return on investment (ROI). Organizations are also adopting approaches like policy-as-code to ensure auditability, enforce chain-of-responsibility, and establish trustworthy automation.

Background

AI agents-autonomous systems that perform multi-step tasks-are moving from pilot implementations to core enterprise workflows, including approval routing and customer service delegation. Analysts report that up to 95% of AI initiatives fail to deliver value, often due to inadequate governance, integration barriers, and unclear ROI.[1] Enterprises are adapting to regulatory changes such as the EU AI Act, which mandates compliance documentation, governance, and audit capabilities for high-risk automated systems.[2]

Details

Anthropic recently released ten workflow plugins targeting sectors such as investment banking, wealth management, and HR. These plugins position Claude as a platform layer interfacing with orchestration tools that monitor agent activity, supporting enterprise demands for transparency in agent actions, controlled data access, and the prevention of unauthorized deviation.[3] ServiceNow launched its AI Platform, designed as a central "control tower" to manage thousands of agents, aiming to address governance as a primary obstacle to scalability.[3]

Kyndryl introduced a policy-as-code capability that translates organizational policies and regulations into machine-readable instructions. This ensures AI agents operate strictly within defined parameters: "If it's in the code, the AI agent must execute. And if an instruction is not in the code, the AI agent cannot see or act upon it," said Patrick Gormley, Kyndryl's global data science and AI consult lead.[4]

Research-driven governance architectures are also advancing. Systems such as MAPL employ cryptographic attestations and dynamic policy enforcement across prompts, data sources, tools, and workflows, delivering deterministic security in agent-based operations.[5] POLARIS and similar frameworks incorporate typed planning, policy enforcement, and audit-grade execution in back-office agents, demonstrating precise, traceable execution paths.[6]

Outlook

To balance ROI objectives and trust, enterprises are focusing on integrating governance into orchestration platforms and policy frameworks. Scaling initiatives are prioritizing real-time audit trails, human-in-the-loop validation checkpoints, and compliance alignment. Leadership is expected to play a central role in building oversight structures, enabling the transition from experimentation to enterprise-wide deployment.