The Agentic Enterprise — a readiness field guide Reports Lab Chapters Scorecard Reference
The Agentic Enterprise  ·  Chapter 10
Chapter 10

The Regulatory Perimeter

EU AI Act, US executive orders, sectoral rules — what bites and what doesn't

€35Mor 7% of global turnover
Maximum EU AI Act penalty for prohibited practice violations
Aug 2026
EU AI Act full enforcement date for high-risk AI systems

The regulatory landscape for agentic AI is neither as clear as regulators claim nor as murky as vendors prefer. Several major frameworks are now in effect, more are in enforcement phases that will become material within the next two years, and the sectoral overlays — in financial services, healthcare, critical infrastructure, and defense — add specificity that general AI regulations lack. Understanding the regulatory perimeter is not optional for enterprises deploying agents in consequential domains. The question is not whether regulation applies; it is which regulations apply, with what obligations, on what timeline, and with what penalties for non-compliance.

The EU AI Act

The EU AI Act (Regulation 2024/1689) entered into force on August 1, 2024, making it the world's first comprehensive, binding AI regulation with significant extraterritorial reach. Any enterprise deploying AI systems that affect EU residents — regardless of where the deploying organization is headquartered — is within scope. The regulation's enforcement is phased: prohibited practices (social scoring, subliminal manipulation, real-time remote biometric ID in public spaces) became enforceable in February 2025; high-risk AI obligations (Annex III systems in employment, education, credit, law enforcement, and others) become fully enforceable in August 2026; and General Purpose AI Model obligations were effective from August 2025.

Agentic AI sits awkwardly in the EU AI Act's risk taxonomy. The regulation does not use the term "agentic AI" and was drafted primarily with static AI systems in mind. However, several provisions apply directly to autonomous agents: GPAI models with "autonomous scalability and tool access" are flagged for systemic risk consideration; systems that operate with meaningful autonomy in high-risk domains fall under Annex III obligations regardless of their autonomous character; and the human oversight requirements in Article 14 apply to any high-risk AI system, which agentic deployments in regulated domains will typically be. The EU AI Office has stated that clarification guidance on agentic AI classification will be a priority in 2026.

For enterprises, the practical AI Act obligations for likely high-risk agentic deployments include: a risk management system (Article 9) documenting the agent's operation and residual risks; data governance practices (Article 10) covering the training data and, implicitly, the retrieval data used by RAG systems; technical documentation (Article 11) that can survive a regulatory audit; logging requirements (Article 12) that create a record of the agent's operations; and human oversight mechanisms (Article 14) that are genuinely effective, not merely nominal. The penalties for non-compliance — up to €35 million or 7% of global annual turnover for the most serious violations — are large enough that compliance cannot be treated as optional by any organization of scale.

The US Federal Landscape

The United States federal AI regulatory landscape has been in flux since the Biden administration's Executive Order 14110 on AI was revoked by the Trump administration's Executive Order 14179 in January 2025. EO 14179 takes a markedly different posture: innovation-first, with less emphasis on pre-deployment safety requirements. However, the federal AI governance infrastructure built under EO 14110 — including NIST's AI Risk Management Framework and the sector-specific AI frameworks developed by agencies — has not been dismantled and continues to operate.

The Office of Management and Budget's M-25-21, issued in April 2025, replaced Biden-era M-24-10 and established the current federal AI governance requirements: Chief AI Officers at major agencies, AI impact assessments for high-impact uses, and human oversight for AI decisions that affect individuals' significant rights and interests. M-25-21 is binding only for federal agencies, but it heavily influences the expectations of federal contractors and regulated industries. Enterprises in defense, healthcare (CMS, FDA-regulated devices), financial services (OCC, Federal Reserve), and critical infrastructure should treat federal agency guidance as leading indicators of mandatory requirements for their own sectors.

At the state level, Colorado's AI Act (effective February 2026) established the first US state-level high-risk AI obligations broadly analogous to the EU AI Act's framework. California's AI transparency and safety bills represent a second major jurisdiction with emerging requirements. The patchwork nature of US state AI regulation — and the prospect of a federal preemption debate — creates planning uncertainty that is best addressed by building toward the most demanding applicable standard rather than optimizing for the most permissive.

Sectoral Rules

General AI frameworks set the floor; sectoral rules add the ceiling in specific industries. In financial services, the US banking regulators' revised model risk guidance (OMB-led revision, finalized April 2026) explicitly excludes generative and agentic AI from its scope — not as an exemption but because regulators have signaled they will issue separate, more specific guidance for AI-based decision systems. The OCC has published supervisory letters on AI governance that apply to agents used in credit underwriting, fraud detection, and customer communications. MiFID II and DORA in the EU impose specific requirements for operational resilience and outsourcing that apply to AI systems used in financial services.

In healthcare, the FDA's AI-Enabled Device Software Functions framework (finalized guidance December 2024) applies to AI systems used in clinical decision support and medical devices. Agentic AI deployed in clinical settings — for patient record review, diagnostic support, treatment recommendation — may qualify as a Software as a Medical Device (SaMD) and require pre-market submission. The FDA's Predetermined Change Control Plan requirements, which allow for AI systems that update based on real-world performance without re-submission, are directly relevant to agentic systems whose behavior may evolve over time.

In critical infrastructure — energy, water, transportation, telecommunications — CISA and sector-specific regulators have published AI risk guidance that, while not yet binding for most organizations, signals the direction of mandatory requirements. The EU NIS2 directive, which became effective in October 2024 and is being transposed into member state law through 2025, imposes cybersecurity requirements for AI systems used in essential services that subsume agentic AI deployments in regulated infrastructure.

The Accountability Gap

One of the most persistent regulatory tensions in agentic AI is the accountability gap: the difficulty of assigning clear legal and regulatory responsibility for actions taken by an autonomous system with multiple principals — the model provider, the platform deployer, the enterprise deployer, the end user. The EU AI Act's provider/deployer distinction provides a starting point: the provider (who places the AI system on the market) bears obligations for system design and documentation; the deployer (who deploys it in a specific context) bears obligations for appropriate use and human oversight.

But in an agentic supply chain — where a foundation model is trained by one company, integrated into an orchestration framework by a second, deployed on a cloud platform by a third, fine-tuned by a fourth, and operated by an enterprise — the provider/deployer distinction becomes a complex, contested, and potentially litigation-rich question. Organizations should document their position in the AI supply chain for each agentic deployment, identify which obligations apply to them as providers vs. deployers vs. users, and obtain contractual representations from upstream providers about their compliance with applicable obligations. This is unglamorous legal work, but it is the work that determines who answers when something goes wrong at scale.

Preparing for the Next Regulation

The regulatory landscape for agentic AI is in its early innings. The EU AI Act is the most mature framework, but it is not yet fully enforced. The US federal landscape will evolve as specific AI-related incidents drive regulatory responses. The OECD AI Principles, updated in 2024 to reflect generative and autonomous AI, continue to influence national legislation across forty-two signatory countries. Organizations that build toward the highest common denominator — full EU AI Act compliance, NIST AI RMF alignment, and sector-specific requirements — will spend more upfront but avoid the more expensive retrofits that selective compliance strategies typically require.

The OECD AI Principles provide a useful international convergence reference: their five principles — inclusive growth, human-centred values, transparency, robustness and security, accountability — are reflected in virtually every national AI regulatory framework. Organizations whose governance programs demonstrably embody these principles will find regulatory alignment easier and more credible than those whose compliance is narrowly legalistic.

"The regulators who are writing today's AI rules are largely doing so without having deployed an agent. The rules that emerge from that process will be imperfect. But they will be enforceable. The enterprise that waits for perfect rules before building governance infrastructure will wait forever and comply never."