The use of Agentic AI systems — autonomous, goal-directed systems that plan, invoke tools and act in the world with limited human supervision — are rapidly growing across economic sectors and jurisdictions. Their capacity for long-term action, multi-step reasoning and inter-agent coordination amplifies long-standing concerns about algorithmic opacity and diffuses responsibility across developers, deployers and end-users. There are also concerns about cybersecurity as pointed out by the Dutch Data Protection Authority (Autoriteit Persoonsgegevens (AP)) when it issued a formal warning against the use of open-source AI agents like OpenClaw in February 2026 (www.autoriteitpersoonsgegevens.nl , 12 February 2026). In its analysis of this open-source AI agent the AP described it as a kind of Trojan horse which poses serious risks for data breaches and unauthorised remote access to computer systems.

AI agents are designed to act with a high degree of autonomy. Agentic AI refers to a dynamic multi-agent constellation where the AI agents interact with each other, collaborate to manage complex tasks and to achieve the objectives of the specific agentic AI setup. The underlying deep learning or virtual neural networks makes it very difficult to ensure an acceptable level of explainability (transparency). The autonomous nature of AI agents adds to the complexity of determining responsibility and accountability. In an agentic AI arrangement, there could for example be an orchestrating agent that coordinates the internal functioning of this system in which individual agents receive instructions and perform tasks that contribute to the output of the agentic AI system. If an AI agent or an agentic AI constellation produces a wrong output, for example an AI agent managing hospital admissions that wrongly puts a patient in critical need low down on the waiting list and the patient dies before being admitted to hospital for treatment, how will liability for damages be determined? This situation creates an accountability gap, as pointed out by the AP.

Although the focus was primarily on security risks related to AI agents, the AP argued in its assessment of AI agents that organisations should document the use of AI agents in detail, ensure effective risk management and maintain human oversight in an attempt to address the accountability gap. The EU AI Act (2024) does not define AI agents nor determines any specific obligations for AI agents. The AP, however, argued that an AI agent that acts autonomously and impacts natural persons, may be considered high-risk under the EU AI Act and it then triggers the legal requirements applicable to high-risk AI systems. Even if this reasoning is accepted, the accountability gap remains a real concern.

In January 2026 the Singapore Government published a new comprehensive Model AI Governance Framework for Agentic AI, which was updated in May 2026 to include some real-world case studies as well as best practices (IMDA, 20 May 2026). This governance framework states that AI agents have some common features, namely it ‘possess some degree of independent planning, decision-making and action-taking over multiple steps to achieve a user-defined goal.’ It provides an overview of the typical risks, e.g incorrect actions, unauthorised actions, and data breaches, associated with the use of AI agents, which confirms the need to find workable solutions that can ensure accountability. The proposed AI governance framework consists of four pillars, namely:

• Upfront risk assessment and limitation to limit the potential scope of impact of the agents;
• Making human oversight meaningful throughout the lifecycle of the AI agents by introducing various checkpoints to ensure effective use of human-in-the-loop;
• Implementing technical controls and processes across the AI lifecycle, e.g. safety and reliability testing and monitoring of AI agents; and
• Enabling end-user responsibility by providing training to use agents appropriately and exercising effective oversight.

Developers and users of AI agents should use these four pillars in a coherent and iterative way to ensure effective AI governance. A combination of technical and human solutions is proposed. Such an approach strengthens accountability in view of the creative involvement of human oversight throughout the AI lifecycle as well as the confirmation of the end-user’s responsibility. It is clear that accountability cannot be limited to one role-player in the agentic AI ecosystem.

On 2 June 2026 the Singapore Government went a step further in building the AI governance framework for AI agents by establishing a register for AI agents used in the public sector (The Straits Times, 2 June 2026). This AI agent register is part of a package of tools provided by the Government Technology Agency to provide greater oversight in the increasing use of AI agents in the public sector. The Model AI Governance Framework for AI agents is still new, and it is voluntary, and it thus remains to be seen how well it is used in practice. In the absence of focused legislation about AI agents, such a governance framework is very helpful. It provides a useful practical approach to bridge the accountability gap and indeed makes an important contribution to strengthen the responsible deployment of agentic AI.