How to Manage Agentic AI Risks

by Zachary Barlow

February 12, 2026

Yesterday, I wrote about the compliance risks that agentic commerce poses to businesses. However, the risks don’t stop at automated transactions. John has previously highlighted the risks of agentic AI reporting out rather than up and the possibility of AI agent misconduct.  Here are some tips from a recent Steptoe memo on how to manage and mitigate these and other agentic AI risks:

  • “Implementing organization-wide policies and procedures regarding the approved use cases and overall governance of agentic AI, and reinforcing how existing policies and processes (e.g., IT security or privacy) continue to apply to employee conduct.
  • If not done already, consider explicit guidance on proscribing the shadow use of unapproved AI tools to accomplish work tasks, particularly work involving personal, confidential, or proprietary information.
  • Consider providing employees with training on agentic AI tools, resources, and protocols (including protocols such as Model Context Protocol and Agent-to-Agent), so that employees are familiar with the differences between agentic AI and run-of-the-mill generative AI.
  • Launch or refresh an emerging technology risk and controls assessment to identify areas where new processes are needed to maximize capturing the benefits of AI while mitigating downside consequences, particularly in the fields of intellectual property (especially trade secrets), cybersecurity, and privacy.
  • Develop and deploy employee AI literacy training with a focus on Do’s and Don’ts regarding the use of agentic AI and similar capability, including training on the associated liability risks and points of failure.
  • Assess cyber-security processes and protocols to identify and mitigate security risks posted by AI.
  • Deploy AI to manage AI via governance, monitoring, and auditing platforms.”

Agentic AI is the most cutting-edge and dangerous form of AI. However, if offerings improve, it also stands to be the most revolutionary. Companies should study up now and understand agentic AI, its risks, and how to manage them, before implementing these emerging products.