Enterprise adoption of AI agents has moved from experimentation to full-scale production, but governance infrastructure hasn't caught up. According to a new survey of nearly 1,900 global IT leaders, 96% of organizations are already using AI agents in some capacity, and 97% are exploring system-wide agentic AI strategies . However, 94% report serious concerns that AI sprawl is increasing complexity, technical debt, and security risk, even as most enterprises lack centralized governance approaches .

This represents a fundamental shift in how enterprises build software. Agentic AI systems can autonomously execute workflows, make decisions, and adapt in real time, operating across multiple tools and data sources simultaneously. Gartner predicts that 40% of enterprise applications will include task-specific AI agents by the end of 2026, signaling how rapidly these systems are becoming embedded in mission-critical operations .

Why Is Governance Failing to Keep Pace With Adoption?

The core problem is architectural fragmentation. Thirty-eight percent of organizations globally are mixing custom-built and pre-built agents, creating AI stacks that are difficult to standardize and secure . Only 12% have implemented a centralized platform to manage sprawl, meaning most enterprises are experimenting with governance approaches that vary by team and region .

This fragmentation creates multiple vulnerabilities. When AI agents orchestrate multi-step workflows across models and systems, they often touch sensitive data at every step, querying databases, calling external APIs, and using coding agents to generate or modify code . Traditional governance tools weren't built for this world because they operate in silos and can't provide unified visibility across the full lifecycle of an agent's actions .

The stakes became clearer when security researchers disclosed a systemic vulnerability in Anthropic's Model Context Protocol (MCP), the industry standard for connecting AI agents to external tools and data sources. The flaw enables arbitrary command execution on vulnerable systems, affecting up to 200,000 servers and impacting tools like Cursor, VS Code, Claude Code, and Gemini-CLI . Anthropic declined to fix the architecture, calling the behavior "expected" and pushing responsibility to developers .

How Are Leading Enterprises Managing Agent Deployment at Scale?

Despite governance challenges, major organizations are moving forward with large-scale deployments. EY announced a global rollout of enterprise-scale agentic AI across its entire Assurance workforce of 130,000 professionals conducting 160,000 audits in more than 150 countries . The multi-agent framework, built on Microsoft Azure, Foundry, and Fabric, is now embedded directly into EY Canvas, the firm's unified audit platform that processes over 1.4 trillion lines of journal entry data per year .

This is not a pilot. EY is backing the deployment with what it calls a "multibillion-dollar" investment in audit quality and technology, with full end-to-end AI-supported audits expected by 2028 . The company is also running a global training program throughout 2026 and has joined Stanford's Human-Centered AI Industrial Affiliates Program to upskill its workforce .

Similarly, Canva unveiled AI 2.0 at its Create 2026 event, transforming the design platform from a tool that responds to prompts into an agentic creative workforce platform. The update supports conversational design from natural language prompts, agentic orchestration across its design engine, a Memory Library that retains brand preferences across sessions, and connectors to Slack, Notion, Zoom, Gmail, and Google Calendar . Canva claims its proprietary models are 7 times faster and 30 times cheaper than comparable alternatives, and the rollout is reaching its first 1 million users now .

What Governance Solutions Are Emerging to Address the Sprawl?

New governance platforms are beginning to address the control gap. Databricks announced major enhancements to its AI Gateway, which is now part of Unity Catalog as Unity AI Gateway, extending governance capabilities to agentic AI . This allows organizations to apply the same permissions, auditing, and policy controls to how agents access large language models (LLMs) and interact with tools like MCP servers and APIs .

The platform provides several critical capabilities for managing agent sprawl:

• MCP Governance: Control which agents can access external systems with fine-grained permissions, including on-behalf-of user execution so agents operate with the requesting user's exact permissions rather than elevated service accounts .
• Multi-Model Support: Configure governance once across Anthropic, OpenAI, Google, and open-source models, with policies staying consistent across providers without duplicate setup .
• Guardrails and Detection: Deploy PII detection and redaction, content safety filters, prompt injection detection, data exfiltration prevention, and hallucination guards, with each guardrail backed by an editable prompt and configurable model .
• End-to-End Observability: Monitor LLM and MCP calls, track usage, and attribute costs across models, teams, and workflows with actual dollar costs rather than just token counts .
• Unified APIs and Fallbacks: Use OpenAI-compatible APIs for seamless provider switching, with automatic fallback to backup models if the primary model hits rate limits or experiences outages .

OutSystems recently introduced OutSystems Agentic Systems Engineering, described as an open approach to AI development designed to help organizations build, manage, and evolve governed agentic systems for the enterprise .

Steps to Prepare Your Organization for Agentic AI Governance

Organizations that want to move from experimentation to controlled production deployment should take these practical steps:

• Audit Your Current AI Stack: Map which agents your organization is running, whether they're custom-built or pre-built, and identify which external systems and data sources they access. Document which teams are responsible for each agent and what governance policies, if any, are currently in place.
• Implement Input Validation and Permission Controls: If your engineering team uses AI coding assistants or MCP-connected tools, implement strict input validation on all MCP server configurations, restrict command execution permissions, and audit which MCP servers your team is running to prevent unauthorized access.
• Build AI Literacy and Upskilling Programs: EY's deployment of AI agents to 130,000 auditors shows that large-scale rollouts require workforce preparation. Start mapping roles with repetitive analytical tasks that agents could handle and develop training plans now rather than after competitors have already deployed.
• Establish Centralized Governance: Move beyond fragmented, team-by-team approaches by implementing a unified governance platform that provides visibility across all agents, models, and external tool connections, with consistent policies enforced across the organization.
• Monitor Costs and Usage Continuously: Set up detailed observability infrastructure that tracks LLM and MCP calls, attributes costs across models and teams, and logs every request with identity, timestamp, and connection details for audit purposes.

The data shows that agentic AI is no longer optional infrastructure for enterprises. Adoption maturity varies by region, with India reporting some of the highest levels of advanced and expert agentic AI capability, while Australia and Japan reflect growing bases of organizations at intermediate stages . Financial services and technology organizations report the highest levels of production deployment .

The transition from AI experimentation to measurable business outcomes is already underway. As Woodson Martin, CEO at OutSystems, stated, "The transition from AI experimentation to measurable business outcomes is no longer a future state, it is our current reality. The findings in the State of AI Development Report reveal a fundamental shift where building software and building AI systems have become one and the same" .

Woodson Martin, CEO at OutSystems

"Our approach to working with OutSystems for an agentic solution was to start with a small, well-defined project that we felt like we could get into production, and that would actually have an impact on the business," said Scott Finkle, VP of Technology at McConkey Auction Group.

Scott Finkle, VP of Technology, McConkey Auction Group

The challenge for enterprises now is not whether to adopt AI agents, but how to deploy them safely and at scale. Organizations that establish centralized governance, implement proper observability, and build workforce readiness will have significant advantages over those that continue to let agent sprawl grow unchecked .