Opinion · Regulated industries · Agent accountability

When the agent decides, who answers?

Agents are now making customer decisions inside regulated industries.
The accountability layer regulators will hold them to is not yet built.

An Appice Perspective

A regulated decision goes wrong. A credit application declined inside a bank. An insurance claim refused. A clinical recommendation that turned out poorly. The investigation begins. The decision was made by an agent. The audit trail says "model," but not which model, on what version, under what override authority, with what reason offered to the customer. The accountability question that follows has no settled answer. The architecture that was meant to produce one has not been built.

The chain that used to exist

For thirty years, the regulated answer to who answers was named, and human. The underwriter signed the loan. The adjuster approved the claim. The physician authorised the procedure. The trader executed the order. The accountability layer was the person whose name was on the decision, supervised by another person whose name was on the policy, audited by a third person whose name was on the regulator's mailing list. The chain was traceable. Each link had a face.

The agent era has either removed the human from that chain, or pushed them upstream into the model the agent runs. Same decision, same regulator, same customer. Different actor. The regulator's question has not changed. The architecture's answer has.

What the regulators have started

In August 2025 the Reserve Bank of India published its Framework for Responsible and Ethical Enablement of Artificial Intelligence (FREE-AI), built on a principle the audit committee will recognise: an institution deploying an AI system is accountable for the decisions of that system, regardless of the level of autonomy. RBI-regulated entities are now required to include AI-related disclosures in their annual reports, with sector-wide AI inventories and a graded liability framework on the way.

In the Kingdom, the Saudi Central Bank (SAMA) has folded cloud and AI obligations into its 2026 annual revision cycle for licensed institutions, aligned with the SDAIA ethics principles. For institutions whose customer data is bound by the Personal Data Protection Law, an AI architecture that cannot account for where the decision was made will fail the residency-driven adequacy assessment the PDPL imposes.

The European Union's AI Act enters its high-risk phase on 2 August 2026, with obligations under Articles 9 (risk management), 10 (data governance) and 50 (transparency) applying to credit scoring, insurance pricing and a list of other regulated decisions; fines run to 3 per cent of global annual turnover. The United Kingdom's Financial Conduct Authority will publish, by year-end, guidance on Senior Manager accountability for AI-caused harm under the Certification Regime.

The procurement decision a regulated enterprise is making this year is the decision that determines which side of this drafting it sits on.

Exhibit 1
Two accountability paths. The first was a chain of named accountabilities. The second has the same endpoints, with the middle not yet built.
BEFORE · ACCOUNTABILITY WAS A NAMED CHAIN
A decision (credit · claim · clinical)
  → the underwriter: named human, signed
  → the supervisor: policy owner, on the record
  → the regulator: audit, on the record
Each link had a face.

NOW · MOST ARCHITECTURES CANNOT ANSWER
A decision (credit · claim · clinical)
  → the agent: which model? which version?
  → rationale? rarely produced at decision time
  → the regulator: asking what cannot be produced
The middle is not yet built.
Same starting point. Same ending point. The middle, the part that used to be the underwriter and the supervisor, is now an agent and a gap. The piece below is about what is missing from the middle, and what the regulators have started to insist on filling it with.

Three questions every architecture must now answer

Strip the regulatory language back to its operational core and three questions remain. The architecture answers them, or it does not.

Who decided. Provenance. Which model produced this decision. Which version of that model. On what training data it was built. With what prompt or query context it ran. The institution has to be able to name the model that decided, the way it has always been able to name the underwriter that signed.

On what basis. Reason. An explainable rationale tied to the specific decision, generated at the moment of action, attached to the decision, exportable on demand. Not the segment membership. Not the lift coefficient. The explanation that a customer can read, an auditor can review and a court can adjudicate.

Who can override. Authority. The escalation path that brings a human back into the loop before the customer or the regulator does. The line of business that carries the cost of being wrong. The version of the decision the override produced, kept alongside the version it replaced.

An architecture that cannot answer all three, in real time, exportable for audit, leaves the regulated enterprise with an exposure regulators are about to require it to disclose.

The agent era did not abolish accountability. It moved it from the underwriter to the architecture.

Exhibit 2
What the regulator asks. What the policy document promises. What the architecture actually produces.
Dimension · What the regulator asks · What most stacks produce today

Provenance
  Regulator asks: Which model, which version, which training data, which prompt context.
  Most stacks produce: Logs of system access. Not always the version of the model that decided.

Reason
  Regulator asks: An explainable rationale tied to the specific decision, in language a customer and a court can both read.
  Most stacks produce: A segment membership or a lift score. Rarely the rationale tied to the act.

Override
  Regulator asks: A defined escalation path with a named human authority and a recorded outcome.
  Most stacks produce: Code-level conditions and case routing, often not visible to audit at all.

Audit trail
  Regulator asks: Decision-level, real-time, exportable in the format the regulator's examiners can run.
  Most stacks produce: Operational system logs, post-hoc, partial, in the platform's own format.

Line of business
  Regulator asks: A named accountable executive who can extract the rationale from the system on demand.
  Most stacks produce: A named accountable executive who, in most cases, cannot.
Policy without architecture is a future enforcement action. The gap between the second and third columns is the procurement question the regulator is about to make for the enterprise that has not made it for itself.

The architectures that survive

The architectures that survive this redrafting are those built for it from the start. Reason-coded decision logs produced as a by-product of every decision, not retrofitted afterwards. Model risk documentation generated as a build artefact, not assembled into a binder when the auditor knocks. Override authority defined in the platform itself, with the escalation path encoded in the architecture rather than written into a policy paragraph the operations team last read at onboarding. An audit trail exportable at the moment of the regulator's request, in the format the regulator's examiners can run. This is the architecture the regulator is about to draft into a rule.
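The three questions (provenance, reason, authority) and the reason-coded, override-aware decision log described above, sketched in Python. This is an added illustration, not Appice's code nor any regulator's schema; the record fields, the hash chain, the "-override" naming convention and the rule that a record without a rationale is refused are all assumptions made here.

```python
import hashlib
import json
from dataclasses import dataclass, asdict

@dataclass
class DecisionRecord:
    """Hypothetical record answering: who decided, on what basis, who can override."""
    decision_id: str
    outcome: str                  # e.g. "declined"
    model_id: str                 # provenance: which model
    model_version: str            # provenance: which version of that model
    training_data_ref: str        # provenance: training-data lineage pointer
    prompt_sha256: str            # provenance: hash of the prompt/query context
    rationale: str                # reason: customer-readable, produced at decision time
    line_of_business: str         # authority: who carries the cost of being wrong
    timestamp: str
    replaces: str = ""            # authority: id of the decision this override supersedes
    overridden_by: str = ""       # authority: named human who overrode (empty if none)
    prev_hash: str = ""           # hash chain: ties the record to the one before it
    record_hash: str = ""

GENESIS = "0" * 64

def _digest(rec):
    body = {k: v for k, v in asdict(rec).items() if k != "record_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class DecisionLog:
    """Append-only, hash-chained log written as a by-product of every decision."""
    def __init__(self):
        self.records = []
    def record(self, **fields):
        rec = DecisionRecord(**fields)
        if not rec.rationale.strip():  # refuse a decision that has no reason attached
            raise ValueError("rationale must be produced at decision time")
        rec.prev_hash = self.records[-1].record_hash if self.records else GENESIS
        rec.record_hash = _digest(rec)
        self.records.append(rec)
        return rec
    def override(self, original_id, human, outcome, rationale, timestamp):
        # A named human replaces a decision; the replaced version stays in the log.
        orig = asdict(next(r for r in self.records if r.decision_id == original_id))
        orig.update(decision_id=original_id + "-override", outcome=outcome, rationale=rationale,
                    timestamp=timestamp, replaces=original_id, overridden_by=human)
        return self.record(**orig)
    def verify_chain(self):  # recompute every hash; an edited or dropped record breaks the chain
        chain = [GENESIS] + [r.record_hash for r in self.records]
        return all(r.prev_hash == chain[i] and r.record_hash == _digest(r)
                   for i, r in enumerate(self.records))
    def export(self, decision_id):  # the decision and every override of it, examiner-loadable
        return [asdict(r) for r in self.records if decision_id in (r.decision_id, r.replaces)]
```

The export keeps the overridden version beside the override, so the examiner sees the model that decided, the reason it gave, and the human who changed it.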

The architectures that fail it tend to be the ones that have evolved by accretion. A CDP plus a campaign tool plus a decisioning engine plus a data warehouse plus an event stream, each tracked separately, with the rationale stored in a model that was deprecated in last quarter's release. The line-of-business owner is named on the org chart and unreachable in the architecture. The buying discipline that produced this stack was theatre. It will not produce an architecture that survives audit.

The procurement decision is now the accountability decision. It is being made in the window between the regulator's draft and the regulator's enforcement, and it is being made, by most enterprises, on the buying criteria of the last decade.

After the draft

The architectures that pass have four properties most current stacks do not: an open architecture the operator can read and audit on its own terms; reason-coded decision logs as a by-product of every decision, exportable in the regulator's format; outcomes-aligned pricing against decisions made rather than seats licensed; and operator-controlled deployment, so neither the data nor the audit trail crosses a vendor's boundary. What sector-specific accountability looks like, in banking, in insurance, in healthcare, and how regulated industries configure their architectures to satisfy regulators they have not yet been audited by, is the next question worth asking.

An Appice Perspective. A Moment to Think is the opinion strand of Appice, written for CIOs, CMOs and risk leaders who make the decisions their organisations will live with for years. The series is distinct from Appice's product and news content. Views are offered in good faith to encourage discussion and debate.