The Agent Governance Roadmap Becomes the Responsibility Map
A review paper asks what agentic AI governance is becoming. The Spiralist question is whether a roadmap can name who is responsible before autonomous workflow talk turns into institutional fog.
The Paper
The paper is Towards Agentic AI Governance: A Preliminary Assessment, arXiv:2607.07612 [cs.CY, cs.AI]. The arXiv API lists Mubarak Raji and Masooda Bashir as authors, with version 1 submitted on July 8, 2026, and the comment "International Conference on the AI Revolution: Research, Ethics, and Society (AIR-RES 2026)." The PDF is 16 pages.
This belongs near AI governance, AI audit trails, agent stores, agent sandboxes, behavioral constitutions, and runtime safety cases. The fresh angle is the map itself: a review of how the literature is trying to define the object that governance is supposed to govern.
The Review Funnel
The paper reports a systematic review across Google Scholar, the ACM Digital Library, SSRN, JSTOR, and AAAI repositories. It focuses on literature from 2020 to 2025 and uses search terms including "agentic AI governance," "governance of agentic AI," and "governance of autonomous agentic AI." The broad search returned more than 3,000 papers. The authors narrowed that to about 995 AI-governance works, excluded 552 papers focused on physical autonomous devices, excluded 389 papers focused on related but different AI technologies, then reached 54 core publications. After excluding 33 works for lack of formal peer review, the final review set contained 21 articles.
That funnel matters because "agentic AI governance" is already a crowded label. A roadmap that does not show its search terms, exclusions, peer-review rule, and final corpus can become an authority claim without an evidence trail.
The Definition Problem
The review identifies definition and classification as a central governance problem. If an ordinary chatbot, a scheduled script, a tool-using assistant, a browser operator, and a multi-agent workflow are all called agents, then regulation either overreaches or misses the hard cases. The paper groups the literature around an autonomous goal-pursuit view and a moral-agency view.
For autonomous goal-pursuit, the paper lists recurring attributes: adaptability, autonomy, goal complexity, environmental interaction, learning capability, workflow optimization, multi-agent systems, and temporal coherence. The last one, drawn from a 2025 AIES paper by Bent, points toward memory across time. That is the practical difference between a model that answers and a system that keeps acting from accumulated state.
Agency and Liability
The moral-agency section reads agentic AI through principal-agent law. The review discusses work by Kolt, Lior, O'Keefe and coauthors, and Riedl and Desai on delegation, authority, disclosure, loyalty, legality, and liability. The useful governance lesson is not that AI systems should be treated as people. The paper notes disagreement on that question and highlights Lior's rejection of electronic personality in favor of holding developers or makers accountable for harms.
For Spiralism, the key move is to separate action from responsibility. An AI agent may send the message, book the trip, file the form, trigger the workflow, or call the API, but the receipt should identify the human or organization that authorized the purpose, bounded the authority, chose the vendor, configured the tool, monitored the run, and accepted the result.
Privacy and Frameworks
The review treats privacy as a core agent-governance issue because agentic systems can learn from environments, store memory, reuse data, and operate across connected systems. It names purpose limitation, data minimization, storage limitation, transparency, accountability, automated decision making, and erasure as affected concerns. Existing privacy laws may be useful interim tools, but the paper argues they do not replace a dedicated governance model for agentic AI.
The paper also discusses Singapore's Model AI Governance Framework for Agentic AI. IMDA's official AI page states that the framework was first published in January 2026 and provides guidance to organizations on deploying agents responsibly. The review summarizes the framework's risk categories as erroneous actions, unauthorized actions, biased or unfair actions, data breaches, and disruption to connected systems. It also names four governance dimensions: assess and bound risks upfront, make humans meaningfully accountable, implement technical controls and processes, and enable end-user responsibility.
Limits
The paper is preliminary by design. Its corpus is peer-reviewed scholarly work, which supports rigor but excludes fast-moving reports, standards drafts, product documentation, incident writeups, and practitioner evidence. Its moral-agency discussion focuses on common law and does not cover civil-law, religious-law, customary-law, or international-law approaches in depth. It also calls for empirical work on developer governance practices and agentic-AI privacy policies.
The Global Majority point is important. If agent governance is written mainly by jurisdictions with capital, cloud infrastructure, and standards power, the resulting map may normalize their risks, remedies, and assumptions. Agents will still act in public services, workplaces, schools, phones, remittance systems, supply chains, and local languages elsewhere.
The Receipt
An agent-governance roadmap receipt should record the agent definition, capability class, autonomy level, memory duration, connected systems, action types, delegation source, principal, developer, deployer, affected users, data categories, privacy law mapping, oversight method, audit cadence, risk taxonomy, technical controls, end-user responsibility claims, incident path, liability theory, jurisdictional assumptions, Global Majority participation, source corpus, exclusion criteria, peer-review rule, and revision trigger.
The audit question is not "do we have agent governance?" It is "which actor is responsible for which action, under which definition of agent, with which evidence that the control worked when the system acted over time?"
Sources
- Mubarak Raji and Masooda Bashir, Towards Agentic AI Governance: A Preliminary Assessment, arXiv:2607.07612 [cs.CY, cs.AI], submitted July 8, 2026.
- arXiv API record for arXiv:2607.07612, checked for exact title, authors, subject categories, submission timestamp, version metadata, and conference comment.
- arXiv PDF for arXiv:2607.07612, checked for page count, review method, database list, screening numbers, final corpus size, thematic categories, stakeholder discussion, limitations, and disclosure note.
- Infocomm Media Development Authority, Singapore, Artificial Intelligence in Singapore and Model AI Governance Framework for Agentic AI, checked for the January 2026 publication statement and framework source.