Accountable, not just compliant: Governing Agentic AI in APAC May 14, 2026 | 6 min Read

Accountable, not just compliant: Governing Agentic AI in APAC

Picture the moment it goes wrong. An AI agent you deployed last quarter, the one that was supposed to triage leads and trigger campaigns on its own, has just sent a pricing offer to the wrong customer segment in three markets.

It reasoned its way there. It selected the tool, executed the action, and adapted to the feedback, exactly as designed. Nobody approved the decision, because the whole point was that nobody had to.

Now the question lands on someone’s desk: who is accountable for what the agent did?

If your honest answer is “the model,” or “the vendor,” or a long silence, you are not ready for agentic AI. And as of January 2026, Singapore has put that question in writing.

The Framework Arrived Faster Than Most Boards Noticed

At the World Economic Forum in January 2026, Singapore’s Infocomm Media Development Authority launched the Model AI Governance Framework for Agentic AI, billed as the world’s first governance framework written specifically for AI that can plan, reason and act on its own. It is the natural successor to the generative-AI framework that came before it, and it lands at exactly the moment APAC enterprises are moving agents from pilots into production.

Here is the part leaders need to sit with. Compliance with the framework is voluntary. Your accountability for what your agents do is not.

The framework is explicit that organisations remain responsible for the behaviour and actions of the agents they deploy, whether they built those agents in-house or bought them from a third party. “Voluntary” describes the guidance. It does not describe your exposure.

That distinction is where most organisations will get this wrong.

The Compliance Trap

I have watched this pattern play out for a decade across enterprise data programmes in Europe and APAC. A new regulation appears, legal reads it, a policy gets written, a box gets ticked, and everyone moves on. The framework becomes a document, not a behaviour.

You cannot do that with agentic AI, because the framework is not really asking you for a policy. It is asking you to redesign where decisions sit in your organisation.

The framework sets out four core dimensions: assess and bound the risks before you deploy, make humans meaningfully accountable, put the technical controls and processes in place, and enable end users to act responsibly. Three of those four are technical and procedural, and your engineers and vendors can help you with them. The second one, making humans meaningfully accountable, is not a technical problem at all. It is an organisational one. And it is the one that will decide whether your agentic AI creates value or quietly creates liability.

“Meaningfully Accountable” is an Org-Chart Problem

Accountability is easy to write into a policy and hard to locate in a real company. When an agent acts autonomously across functions, the old answer, “the person who pressed the button,” disappears, because no one pressed a button. So accountability has to be designed in advance: named owners, defined boundaries for what an agent may decide alone, clear escalation points where a human must step in, and a record of who was responsible when.

This is the same failure I see in every stalled transformation, in a new costume. The team that bought the platform is rarely the team expected to run it. With agents, the gap widens: the team that deploys the agent is rarely the team that owns the consequences of its decisions.

If you cannot point to a specific person who is accountable for a specific agent’s actions, you do not have governance. You have hope with a logo on it.

APAC Makes This Harder, Not Easier

If you operate across the region, multiply the problem. An agent governed sensibly from a Singapore headquarters may breach expectations, or regulations, the moment it acts in Jakarta or Hong Kong. Accountability that is clear in one market becomes ambiguous across five, where reporting lines, data-residency rules and consumer expectations all differ.

This is the cross-border complexity I have written about before, now with autonomy added on top. A standardised global agent policy pushed onto fragmented regional teams will not hold.

You need accountability that is clear locally and coherent regionally, which is an organisational design challenge long before it is a technical one.

Sovereignty is Part of Governance

There is one more dimension boards underestimate: where your data goes when an agent acts. Agentic systems reach for tools and context constantly, and every one of those calls is a decision about whether your customer and commercial data leaves your control.

Responsible agentic AI is not only about what the agent decides. It is about ensuring it decides without exposing your data to third-party or public models you do not govern. Governance and data sovereignty are the same conversation, and in this region they are increasingly a commercial argument, not just a legal one.

What to Actually Do Before You Scale Agents

The framework gives you the destination. The work is operational, and it looks a lot like the discipline any real transformation needs.

Bound the risk before deployment, not after an incident. Assign named human accountability for every agent, with explicit limits on what it may decide alone. Build the controls and the audit trail so you can answer “who was responsible” after the fact. And invest in the adoption side, the part everyone skips, so the people around the agent understand what it does, when to intervene, and why it matters.

None of that is exotic. It is the same principle behind everything I do: technology only delivers when the organisation around it is designed to hold it. Agentic AI just raises the stakes, because now the technology acts on its own.

A Question for Your Board

You can probably name the AI agents you have deployed or plan to. Now try the harder question. For each one, can you name the person who is accountable when it acts, the boundary it must not cross alone, and the point at which a human takes back control?

If you cannot answer that with specific names and clear mandates, the framework is not your most urgent problem. Your org chart is.

If you are deploying agentic AI in APAC and want to get the human accountability right before it costs you, let’s talk.

Sources / further reading