By 2028 Microsoft projects more than 1.3 billion AI agents will be operational—so unmanaged agents are fast becoming a business risk. Here's what you need to know: on Nov. 18, 2025 Microsoft launched Agent 365 to give IT appliance‐like oversight (authorize, quarantine, secure) and Work IQ to build agents using Microsoft 365 data and Copilot; the same day Google released Gemini 3.0, a multimodal model handling text, image, audio and video. These moves matter because firms face governance gaps, identity sprawl, and larger attack surfaces as agents proliferate. Immediate implications: treat agents as first‐class identities (Entra Agent ID), require audit logs, RBAC, lifecycle tooling, and test multimodal risks. Watch Agent 365 availability, Entra adoption, and Gemini 3.0 enterprise case studies—and act now to bake in identity, telemetry, and least privilege.

As of 2 August 2025 the EU AI Act’s obligations for providers of general-purpose AI (GPAI) models entered into application across the EU, imposing rules on transparency, copyright and safety/security for models placed on the market, with models already on market required to comply by 2 August 2027; systemic‐risk models—e.g., those above compute thresholds such as >10^23 FLOPs—face additional notification and elevated safety/security measures. A July 2025 template now mandates public training‐data summaries, a voluntary Code of Practice was finalized on 10 July 2025 to help demonstrate compliance, and enforcement including fines up to 7% of global turnover will start 2 August 2026. Impact: product release strategies, contracts and deployments must align to avoid delisting or penalties. Immediate actions: classify models under GPAI criteria, run documentation and safety gap analyses, and decide on CoP signatory status.

Two federal memoranda—OMB M-25-21 and M-25-22—redefine U.S. executive-branch AI governance and procurement. M-25-21 requires agencies and independent regulators to remove barriers to AI adoption, maximize reuse of federal code, create internal AI governance boards, join an interagency CAIO Council, designate a Chief AI Officer within 60 days, and apply enhanced oversight to “high-impact” AI. M-25-22 tightens acquisition: procurement documents issued after October 1, 2025 must assess “high-impact” status upfront and include testing, oversight, interoperability and data-rights terms; agencies have 270 days to update acquisition policies and GSA will issue templates in 100–200 days. These directives force pre-validation of AI for rights- and safety-affecting uses, shift compliance burdens onto agencies and vendors, and impose an aggressive implementation timeline.

In the past two weeks the field of agentic-AI governance crystallized around new technical and policy levers: two research frameworks—AAGATE (NIST AI RMF‐aligned, released late Oct 2025) and AURA (mid‐Oct 2025)—aim to embed threat modeling, measurement, continuous assurance and risk scoring into agentic systems, while regulators have accelerated action: the U.S. FDA convened on therapy chatbots on Nov 5, 2025; Texas passed TRAIGA (HB 149), effective 2026‐01‐01, limiting discrimination claims to intent and creating a test sandbox; and the EU AI Act phases begin Aug 2, 2025 (GPAI), Aug 2, 2026 (high‐risk) and Aug 2, 2027 (products), even as codes and harmonized standards are delayed into late 2025. This matters because firms face compliance uncertainty, shifting liability and operational monitoring demands; near‐term priorities are finalizing EU standards and codes, FDA rulemaking, and operationalizing state sandboxes.

On July 1, 2025 the U.S. Senate voted 99–1 to remove a provision that would have imposed a 10‐year moratorium on state AI rules and blocked states from a $500 million AI infrastructure fund, signaling a retreat from federal centralization and preserving state authority; California then enacted SB 53 on Sept. 29, 2025, requiring AI developers with model training costs over $100 million to disclose safety protocols and report critical safety incidents within 30 days, defining “catastrophic” as >$1 billion in damage or >50 injuries/deaths and allowing fines up to $1 million. Meanwhile the EU AI Act, in force since August 2024, imposes obligations on general‐purpose and foundation models starting Aug. 2, 2025 (risk assessments, adversarial testing, incident reporting, transparency). Impact: states are filling federal gaps, creating overlapping compliance, operational and market risks for firms; watch other states’ actions, federal legislation, and corporate adjustments.

Researchers and practitioners are shifting from benchmark-focused AI work to formal assurance for agentic systems: on 2025-10-15 a team published a formal framework defining two models (host agent and task lifecycle) and 17 host/14 lifecycle properties expressed in temporal logic to enable verification and prevent deadlocks; on 2025-10-29 AAGATE launched as a Kubernetes-native governance platform aligned with the NIST AI Risk Management Framework (including MAESTRO threat modeling, red‐team tailoring, policy engines, and accountability hooks); control‐theoretic guardrails argue for proactive, sequential safety with experiments in automated driving and e‐commerce that reduce catastrophic outcomes while preserving performance; legal pressure intensified when Amazon sued Perplexity on 2025-11-04 over an agentic shopping tool. These developments matter for customer safety, operations, and compliance—California’s SB 53 (15‐day incident reporting) and SB 243 (annual reports from 7/1/2027) force companies to adopt formal verification, runtime governance, and legal accountability now.