
THE SIGNAL
The guardrail tax you’re already paying.
Every major go-live has a war room. The industry calls it hyper-care a temporary team that catches what the system misses during stabilization. It's supposed to last six weeks.
I sat inside an SAP implementations — manufacturing, luxury fashion, FMCG, pharmaceuticals, multi-country — where the hyper-care team was still there eighteen months later. It had a budget line, a manager, and a backlog. Its job was catching transactions the system should never have allowed. The controls that belonged in the process design were being performed by people. Every day. Indefinitely.
That's what a retrofit looks like. The control gets built after the system ships and you pay for it monthly instead of once.
→ Sinch just published the numbers that show this pattern repeating with agents. The AI Production Paradox surveyed 2,527 senior decision makers across 10 countries. The headline: 74% of enterprises have rolled back or shut down a deployed AI agent after a governance failure.
But the number that matters is buried lower: 84% of AI engineering teams spend at least half their time building and maintaining safety infrastructure. Enterprises now invest more in trust, security, and compliance (75%) than in AI development itself (63%).
Sinch's CPO calls it the guardrail tax — and prescribes better communications infrastructure to absorb it. He sells infrastructure, so that's the prescription you'd expect.
The diagnosis is right. The prescription is incomplete.
→ The guardrail tax isn't levied because the infrastructure is weak. It's levied because the governance was bolted on after the agent shipped. Every manual review step, every alert someone has to babysit, every patch added after an incident is a decision nobody made at design time: what is this agent authorized to do, where does a human check it, what happens when it's wrong.
I've run this math in every transformation I've worked on. A control designed into the process costs you once, at design time. A control retrofitted after go-live bills you in engineering hours every month, forever. SOX taught enterprises this two decades ago that's why control design happens before the system goes live, not after the audit finding.
And the report's strangest number proves the point. Rollback rates hit 81% among organizations with the most mature guardrails — higher than the average. Sinch reads that correctly: mature teams aren't failing more, they're seeing failures sooner. A rollback is a control point firing.
The cohort that should worry you is the 26% who never rolled anything back. A few of them are deploying flawlessly. Most of them just aren't looking.
So the picture is this: almost everyone is paying a recurring tax for governance they didn't design, and the best-run organizations are using that governance mostly as a brake. Both are downstream of the same omission nobody designed the operating model before the agent went live.
Governance you retrofit is a tax. Governance you design is an asset. Same control, different price.
THE PATTERN
The Retrofit Audit
Take any guardrail currently wrapped around one of your agents — a human review step, a monitoring alert, a manual reconciliation, a kill switch. Ask four questions:
1. When was it born? Before go-live, as part of the design — or after an incident, as a patch? Controls born from incidents are scar tissue. Scar tissue protects, but it doesn't scale.
2. Where does it live? In the process, enforced automatically — or in someone's workload? If a human performs the check manually every day, that's headcount pretending to be a control.
3. Does it know why it exists? Documented trigger, named owner, scheduled review date — or tribal knowledge? A guardrail nobody can explain is one reorg away from disappearing.
4. What does it cost monthly? Count the engineering and review hours spent maintaining it. Designed controls trend toward zero marginal cost. Retrofitted ones never do.
The rule: Guardrails that were born after an incident, live in someone's workload, and have no documented owner are your guardrail tax line items. Count how many of your controls are designed-in versus bolted-on. Most organizations find the majority are bolted-on — that ratio, not the agent count, is what predicts whether you're in the 84%.
THE SIGNAL BOARD
WHAT I AM TRACKING THIS WEEK:
→ Gartner: uniform governance will sink your agents. A May 26 press release argues that applying the same governance to all AI agents regardless of autonomy and scope leads to failure — too heavy for simple agents, too light for critical ones. The analysts have arrived where the blast radius triage starts: governance scaled to consequence, not applied as a blanket. → Gartner
→ Microsoft IQ goes GA at Build 2026. A new context layer across GitHub Copilot, Microsoft Foundry, and Copilot Studio that grounds agents in enterprise knowledge — emails, meetings, documents, structured data — with Work IQ APIs landing June 16. The platforms are racing to own enterprise context. Context makes agents more capable. It doesn't decide what they're authorized to do with it. → Microsoft
→ NVIDIA and ServiceNow put autonomous agents on the desktop. Project Arc connects an autonomous desktop agent — with access to local file systems, terminals, and applications — to ServiceNow's Action Fabric for governance and auditability. The blast radius now reaches every laptop in the building. The governance question follows it there. → NVIDIA
→ EU AI Act: the deadline moved, the readiness gap didn't. High-risk obligations still bite August 2, 2026 for most categories, though Brussels agreed to push certain high-risk areas to December 2027. Meanwhile a Vision Compliance readiness report finds 78% of enterprises haven't taken meaningful steps toward compliance. Extensions reward the prepared. They just postpone the bill for everyone else. → Travers Smith
→ Colorado rewrote its AI law before it ever took effect. SB 189, signed May 14, delays the Colorado AI Act to January 2027 and strips its risk-management framework down to notice-and-transparency requirements. If your governance roadmap was "wait for the regulator to force it," the regulator just blinked. The risk didn't. → Littler
THE MOVE
This week's exercise: The Gaurdrail Ledger
Twenty minutes. Pick your most important deployed agent, the one whose failure would hurt.
List every guardrail around it: human review steps, monitoring alerts, manual checks, escalation paths, kill switches. For each one, fill two columns:
Born when — designed in before go-live, or added after an incident. Paid how — one-time build, or recurring human and engineering hours.
Total the recurring column. That's your weekly guardrail tax for one agent. Multiply by the number of agents you're running and you'll understand why 84% of AI engineering teams spend half their time on safety infrastructure instead of capability.
The ledger won't fix anything by itself. But it converts a vague sense of drag into a number — and a number is something you can take to the people who approve redesigns.
→ If your ledger shows more bolted-on than designed-in: DM me on LinkedIn or book 15 minutes — cal.com/ai-workflow/readiness-score

Agentic Congruence is a weekly newsletter about orchestrating ventures, agents, and systems. Published by La Maestría. Reply to this email anytime — I read everything.
