The Risk Wheelhouse
The Risk Wheelhouse is designed to explore how RiskTech is transforming the way companies approach risk management today and into the future. The podcast aims to provide listeners with valuable insights into integrated risk management (IRM) practices and emerging technologies. Each episode will feature a "Deep Dive" into specific topics or research reports developed by Wheelhouse Advisors, helping listeners navigate the complexities of the modern risk landscape.
The Risk Wheelhouse
S7E4: Your Company Just Hired 10,000 Invisible Interns
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
10,000 invisible autonomous AI agents working inside a single enterprise sounds like a productivity dream until you realize no one can explain who chartered them, what data they touch, or what decisions they are quietly making. We take on the popular “AI agent sprawl” narrative head-on and argue for a sharper label: a governance failure in progress that can undermine integrated risk management from the inside out.
We unpack the mechanics behind the explosion, from orchestration tools that connect large language models to enterprise APIs to the new reality that non-technical employees can spin up autonomous workflows in natural language. That shift turns isolated experimentation into an unmanaged AI population, spreading across departments without leadership intent, compliance testing, or monitoring. Then we get into the operational danger: conflicting agent outputs are not harmless second opinions when they write directly into systems of record. They become signal failures that corrupt dashboards, distort vendor risk, and feed executives a false picture of the organization’s true risk posture.
Using our IRM Navigator lens, we explain how agents fuse systems of record, systems of engagement, and systems of action into one opaque loop, bypassing the human checkpoints that normally enforce authorization and accountability. We also challenge the mainstream focus on compute costs and cybersecurity as the “main problem.” Those matter, but they are symptoms. The deeper issue is silent governance debt that builds until an audit, regulator request, or cascading failure forces an expensive reckoning.
If you lead risk, compliance, security, or enterprise architecture, this is your prompt to stop waiting for an IT patch and start designing agent governance as a first-class architectural requirement. Subscribe, share this with a colleague who is rolling out agentic workflows, and leave a review with your answer: if you froze your systems right now, could you tell your board how many AI agents are deciding on your company’s behalf?
Visit www.therisktechjournal.com and www.rtj-bridge.com to learn more about the topics discussed in today's episode.
Subscribe at Apple Podcasts, Spotify, or Amazon Music. Contact us directly at info@wheelhouseadvisors.com or visit us at LinkedIn or X.com.
Our YouTube channel also delivers fast, executive-ready insights on Integrated Risk Management. Explore short explainers, IRM Navigator research highlights, RiskTech Journal analysis, and conversations from The Risk Wheelhouse Podcast. We cover the issues that matter most to modern risk leaders. Every video is designed to sharpen decision making and strengthen resilience in a digital-first world. Subscribe at youtube.com/@WheelhouseAdv.
10,000 Invisible Agents And The Risk
Sam Jones10,000. I mean, that is the number of uh invisible autonomous AI agents that are currently operating inside Davida right now.
Ori WellingtonYeah. And then you look over at FICO, which is a company with, what, just thirty, five hundred employees?
Sam JonesRight. It's not a massive workforce.
Ori WellingtonExactly. And those workers are currently spinning up dozens of new AI agents every single day.
Sam JonesEvery single day. It's just staggering. Well, welcome to this deep dive on the risk wheelhouse.
Ori WellingtonGlad to be here.
Sam JonesAs advisors here at Wheelhouse Advisors, we basically spend our time analyzing the uh that constantly shifting edge where enterprise technology meets risk management.
Ori WellingtonAaron Powell Right. And it is definitely shifting fast right now.
Sam JonesOh, for sure. And if you're a professional trying to navigate this chaos, you've probably heard the media and the broader tech industry calling this phenomenon AI agent sprawl.
Ori WellingtonTrevor Burrus Yeah, that's the buzzword.
Sam JonesRight. And the narrative they're pushing is that this is merely a byproduct of rapid growth. Like it's messy, maybe a little inconvenient for the IT department, but ultimately it's just a sign of a really innovative workforce.
Ori WellingtonAaron Powell I mean, that framing of this as mere sprawl is just a really dangerous mischaracterization.
Sam JonesAaron Powell Which is exactly what we are getting into today. Because in the article you published this week in the Risk Tech Journal, you make the case that we need to call this what it actually is.
Ori WellingtonAaron Powell Right. It is a governance failure in progress. Full stop.
Sam JonesA governance failure in progress.
Ori WellingtonAaron Powell Yeah. When you have thousands of autonomous processes executing decisions across your enterprise without centralized oversight, you're not dealing with an IT headache anymore. Right. You are dealing with a massive, completely silent threat to your organization's
Why Agent Sprawl Signals Failure
Ori Wellingtonintegrated risk management architecture.
Sam JonesAaron Powell Okay, so let's unpack this because that is a, I mean, that's a fundamental pivot in how we need to categorize this problem for the listener.
Ori WellingtonAaron Powell It really is.
Sam JonesOur mission for this deep dive is to figure out why the proliferation of these AI agents poses such a huge structural threat. Yeah. And I think to do that, we need to start with the mechanics, right? Like the sheer velocity of this adoption is what catches the eye first.
Ori WellingtonAaron Powell Oh, absolutely.
Sam JonesHow do we go from zero to 10,000 AI agents so incredibly fast?
Ori WellingtonAaron Powell Well, the answer really lies in how the underlying technology has shifted recently.
Sam JonesAaron Powell Right, because we aren't talking about old school automation here.
Ori WellingtonAaron Powell Exactly. We are no longer talking about traditional robotic process automation or RPA.
Sam JonesAaron Powell Right, where a developer has to sit there and rigidly script every single deterministic action.
Ori WellingtonAaron Powell Yeah. You don't need a team of engineers writing Python or structuring SQL queries anymore. Platforms like Claude
How Orchestration Tools Create Agents
Ori WellingtonCowork, along with this huge ecosystem of open source orchestration tools, have completely removed all of that technical friction.
Sam JonesAaron Powell So how does it actually work in practice, like for a regular employee?
Ori WellingtonAaron Powell The mechanism itself is deceptively simple. These orchestration tools, they basically act as a bridge between a large language model's reasoning capabilities and the enterprise's functional APIs.
Sam JonesOkay.
Ori WellingtonSo a non-technical employee simply provides natural language instructions.
Sam JonesThey just talk to it.
Ori WellingtonLiterally. They can tell the platform uh monitor this specific data feed, cross-reference incoming vendor names with our internal policy documents, and if you spot a discrepancy, draft a summary email and pause the invoice processing.
Sam JonesWow. And it just does it.
Ori WellingtonYeah. The orchestration tool takes that prompt, chains together the necessary API calls, and suddenly, boom, you have an autonomous agent executing that workflow.
Sam JonesThat is, I mean it's like waking up to find your company just hired 10,000 invisible interns overnight to write briefs and manage data.
Ori WellingtonAaron Powell That is exactly what it's like.
Sam JonesBut human resources has literally no record of them. Nobody knows who they report to.
Ori WellingtonRight. They just exist in the system now.
Sam JonesAaron Ross Powell So at what point does empowering employees cross the line into just completely losing control? Because vendors are selling this extreme accessibility as the ultimate feature, right? Right. Total employee empowerment. Trevor Burrus, Jr.
Ori WellingtonThey are, but features do not inherently come with governance structures attached to them. Yeah. We are handing employees the ability to synthesize data and take action, but the enterprise lacks the infrastructure to actually track those actions.
Sam JonesAaron Powell Which brings up that core distinction you made in the article. There is a massive delta between an AI strategy and an AI population.
Ori WellingtonExactly. A strategy implies intent and centralized control. Sure. An AI strategy is chartered by leadership, it's budgeted, it's rigorously tested against compliance frameworks, and actively monitored.
Sam JonesBut that's not what's happening.
Ori WellingtonNot at all. What we are seeing in the wild right now is the organic growth of an AI population. It is growing horizontally across every single tier of the organization.
Sam JonesJust spreading everywhere.
Ori WellingtonYeah, employees are customizing these agents for highly specific daily tasks, and they are doing so in total isolation.
Sam JonesAaron Powell, which means this population just evolves without any top-down direction. Trevor Burrus, Jr.
Ori WellingtonRight. And the agents interact with enterprise systems in entirely unpredictable ways.
Sam JonesAaron Powell Okay, so that brings us to the operational reality of what happens
AI Strategy Versus AI Population
Sam Joneswhen this population goes to work.
Ori WellingtonIt gets messy.
Sam JonesIt really does. The Wall Street Journal report highlighted a really specific warning from FICO's CIO regarding the outputs of these agents. He noted that multiple agents performing similar tasks can, and often do, produce conflicting results. You categorize this in your research as the integration trap at the agent layer.
Ori WellingtonYeah, the integration trap. If we connect this to the bigger picture of enterprise architecture, this is a pattern that risk professionals have battled for decades.
Sam JonesOh yeah. Data silos.
Ori WellingtonExactly. Think back to the era of disconnected software point solutions, where marketing, finance, and compliance all used siloed systems that just didn't communicate.
Sam JonesRight. And the result was deeply conflicting data sources that degraded the integrity of the whole risk program.
Ori WellingtonExactly. Agent Sprawl replicates that exact pattern, but it does so at an unimaginable speed and scale.
Sam JonesBecause it's automated.
Ori WellingtonRight. The conflicting sources are no longer static spreadsheets sitting on a shared drive. Yeah. They are dynamic, autonomous processes that are continuously generating data.
Sam JonesOkay, but let me play devil's advocate here for a second and push back on the severity of this. Because if I am a department head and I ask two different human analysts to evaluate a complex vendor risk profile, I fully expect that I might get conflicting results, right?
Ori WellingtonYeah, of course.
Sam JonesLike one analyst might prioritize historical financial trends while the other might weigh current market indicators more heavily. In a human context, we view that as a benefit. We're getting a second opinion or a more nuanced view. Right. So why is conflicting agent output being elevated to the level of a corporate crisis rather than just, you know, a minor productivity hiccup?
Ori WellingtonAaron Ross Powell It's a great question. And honestly, that is the most common
Conflicting Outputs Become Signal Failures
Ori Wellingtondefense of agent autonomy that you hear.
Sam JonesYeah.
Ori WellingtonBut it totally ignores the context of how data actually moves through an enterprise pipeline. What do you mean? Well, when you ask two humans for an opinion, you are inherently aware that you are receiving subjective analysis. Aaron Powell Right.
Sam JonesI know I'm getting an opinion.
Ori WellingtonExactly. You weigh their input accordingly, and there is a human review step before that opinion becomes official policy. AI agents, however, are frequently plugged directly into automated workflows where their outputs are treated as objective, actionable data.
Sam JonesOh, I see.
Ori WellingtonYeah. When an agent writes directly to a compliance record or an operational database, those conflicting outputs are not a second opinion. They are signal failures.
Sam JonesSo because these agents are probabilistic, meaning they're making educated guesses based on language patterns rather than following rigid rules, they are fundamentally altering the facts on the ground without anyone verifying the logic.
Ori WellingtonAaron Powell Exactly. They are changing the baseline data.
Sam JonesAaron Ross Powell To use an analogy, it's like uh letting every single employee wire their own personal untested generator directly into the corporate power grid.
Ori WellingtonAaron Powell That's a great way to look at it.
Sam JonesAaron Powell Right. Like the primary problem isn't just that an employee might blow a fuse in their own office. The real danger is that unpredictable surges travel upstream and fry the central server that the entire company relies on.
Ori WellingtonAaron Powell The upstream surge is precisely where the systemic risk lies. I mean, imagine one agent flags a supplier as high risk based on an automated web scrape of negative news articles. And at the exact same time, a different agent of the procurement department, operating on an outdated internal database, automatically approves that same supplier's quarterly invoice.
Sam JonesOh, wow.
Ori WellingtonYeah. Those conflicting signals propagate silently, they get aggregated into departmental risk dashboards, which then roll up into executive summaries.
Sam JonesSo the data is corrupted before the leadership even sees it?
Ori WellingtonYes. The result is that senior leadership ends up making strategic decisions based on entirely false risk positions.
Sam JonesThat's terrifying. Executives are steering the ship while the navigational instruments are being quietly recalibrated by thousands of unchartered processes.
Ori WellingtonExactly.
Sam JonesAnd this leads us directly to the structural flaw. In the piece, you leverage Wheelhouse Advisor's IRM navigator model to explain why our legacy enterprise structures are just totally failing to contain these agents. Let's walk the listener through that framework. The IRM navigator model basically divides effective risk management into three highly coordinated systems, right? Systems of record, systems of engagement, and systems of action.
IRM Navigator And Bypassed Controls
Sam JonesOkay, break those down for us.
Ori WellingtonSo the system of record is your authoritative data. It's the absolute immutable source of truth, like a master vendor database. Right. The system of engagement is the interface that surfaces that data, which allows human decision makers to interact with it.
Sam JonesLike a dashboard or an application.
Ori WellingtonExactly. And finally, the system of action is the mechanism that executes a process based on that human decision, such as generating a contract or triggering a payment.
Sam JonesSo it's record engagement action. It's a logical sequential flow that enforces authorization at every step.
Ori WellingtonRight. But AI agents do not recognize those boundaries.
Sam JonesBecause they aren't human.
Ori WellingtonExactly. An agent doesn't sit at a keyboard and read a user interface, it utilizes APIs to bypass the system of engagement entirely.
Sam JonesWow. Okay.
Ori WellingtonIt can pull from the system of record, apply its own probabilistic reasoning to the data, and trigger a system of action in one continuous, completely opaque loop.
Sam JonesSo if a compliance analyst builds an agent to summarize regulations, that agent might pull from a random source that completely contradicts the official system of record. Yes. And simultaneously, someone in finance has an agent monitoring vendor contracts that disagrees with what procurement put in the system.
Ori WellingtonRight.
Sam JonesIt's literally like the librarian suddenly rewriting the encyclopedias.
Ori WellingtonExactly. They fuse the three systems together. The core issue is that these agents are being granted system-level access without human-level accountability.
Sam JonesRight, because they just adopt the permissions of whoever spun them up.
Ori WellingtonYeah. They operate with the permissions of the employee who created them, but they execute tasks at machine speed.
Sam JonesAaron Powell, which is how you get to 10,000 agents so fast.
Ori WellingtonOrganizations are basically building massive layers of automation on top of complete ambiguity.
Sam JonesYeah.
Ori WellingtonIf you don't have a coherent architecture that maps every single urgent to a defined, restricted role within that three systems structure, your entire risk architecture just becomes completely brittle.
Sam JonesAaron Powell So if the foundation is fracturing that quickly, we really have to ask why the alarms aren't blaring louder in the C-suite.
Ori WellingtonWell, the reality is that the alarms are ringing, but executives are currently focusing on the wrong dashboard. Trevor Burrus, Jr.
Sam JonesRight. The mainstream distraction.
Ori WellingtonYeah. There is a hyper focus right now on immediate cost and cybersecurity threats, and they're largely ignoring the deeper governance rot.
Sam JonesAaron Powell Like in that Wall Street Journal article, they specifically highlighted skyrocketing
Cost And Security Hide The Disease
Sam Jonescompute bills, which makes total sense.
Ori WellingtonOh, absolutely.
Sam JonesBecause if you have 10,000 agents running continuous loops of API calls to a large language model every few seconds, especially if they get caught in some sort of error loop, the operational costs become astronomical overnight.
Ori WellingtonYeah, the compute costs and the associated cybersecurity vulnerabilities like uh prompt injection attacks or data exfiltration, they are very real immediate problems. Sure. And they demand attention. However, security and cost overruns are ultimately symptoms. The governance vacuum is the underlying disease.
Sam JonesOkay, expand on that.
Ori WellingtonWell, if you only solve for the cost by capping API usage, or you only solve for security by adding firewalls, you still have a population of unchartered agents making unauthorized decisions inside your perimeter. Right.
Sam JonesBut there is a profound hesitation to actually cure that underlying disease, and it really stems from the fear of missing out on the AI revolution.
Ori WellingtonOh, big time.
Sam JonesLet me bring in a perspective from the sources here. GitLab's CIO noted that their existing guardrails are, quote, holding the line. Right. But they also explicitly acknowledge that a certain level of agent sprawl is being tolerated in the short term. And the justification given is because of the opportunity that AI presents.
Ori WellingtonYeah, that's the classic FOMO.
Sam JonesRight. This is the tension every innovation leader faces. If you clamp down too hard, don't you lose the AI race? How do you balance that tension for the listener who is just trying to innovate?
Ori WellingtonLook, it raises an important question about the true cost of innovation. The opportunity AI presents is undeniable.
Sam JonesRight.
Ori WellingtonAnd no technology leader wants to be responsible for killing the next massive leap in operational efficiency.
Sam JonesNobody wants to be that guy.
Ori WellingtonExactly. But the hard reality of risk management is that short-term tolerance easily becomes long-term exposure.
Sam JonesYeah.
Ori WellingtonWhen you allow uncharted agents to embed themselves into your daily workflows just for the sake of speed, you lose the ability to answer fundamental questions about your own operations.
Sam JonesAaron Powell You are basically describing a scenario where an enterprise loses visibility into its own decision-making apparatus. Completely. If an auditor walks in or a regulator demands documentation, and the organization cannot definitively answer who chartered specific agent or what data sets it was authorized to synthesize, and what downstream systems relied on its output, that organization does not possess an AI risk management strategy.
Ori WellingtonNo, they don't. They simply have raw AI exposure. And I call this accumulating silent governance debt.
Sam JonesAaron Ross Powell Silent governance debt. That is such a powerful way to frame it.
Ori WellingtonIt is perhaps the most dangerous form of technical debt. Because it doesn't show up on a balance sheet or a traditional IT monitoring tool.
Sam JonesIt's invisible.
Ori WellingtonRight. It accumulates invisibly as more and more critical workflows become dependent on unverified agent outputs.
Sam JonesTrevor Burrus And you don't realize how deep in the hole you are until something breaks.
Silent Governance Debt And Audit Risk
Ori WellingtonTrevor Burrus Exactly. Until a cascading failure occurs, until a regulatory violation is triggered by an automated process that nobody in the compliance department even knew existed.
Sam JonesWow.
Ori WellingtonHoping that debt doesn't come due is just not a sustainable risk posture.
Sam JonesAaron Powell Which brings us to the core mandate for the professionals listening to this deep dive right now.
Ori WellingtonYeah.
Sam JonesBecause the CIOs, quoted in the coverage, describe their current efforts as trying to tamp down on the problem.
Ori WellingtonRight, tamping down.
Sam JonesBut tamping down implies that agent sprawl is a temporary leak, right? Like it's a minor configuration issue that the IT department will eventually patch with a software update or some new firewall rules.
Ori WellingtonAnd it is definitely not that.
Sam JonesRight. So if you're listening to this and waiting for your IT department to clean up this agent population, you're looking in the wrong direction.
Ori WellingtonAaron Powell 100%. Agent governance cannot be relegated to the IT help desk. It is inherently a risk design problem. Aaron Powell Okay.
Sam JonesHow so?
Ori WellingtonWell, the IT department can manage the infrastructure, they can monitor the API calls, and they can secure the network perimeter. Sure. But IT cannot determine whether an autonomous agent has the appropriate business context to approve a vendor or summarize
Treat Agents Like Non Human Workers
Ori Wellingtona regulatory change or alter a compliance record.
Sam JonesRight. They don't have the context.
Ori WellingtonThat requires deep domain expertise. This means the integrated risk management function, the IRM function, has a clear, undeniable mandate to step out of a purely advisory role and really take the reins on architecture design. Trevor Burrus, Jr.
Sam JonesRight. Designing an autonomous risk architecture requires the exact same rigor and scrutiny that an organization would apply to any manual process that touches regulatory obligations or major financial decisions. Absolutely. I mean you would never allow a new human employee to walk into the office on their first day, bypass all training, access the master database, and unilaterally make compliance decisions without a clear reporting structure. Trevor Burrus, Jr.
Ori WellingtonNo, you'd be fired instantly.
Sam JonesTrevor Burrus Exactly. And without an audit trail. But yet, that is exactly the level of access we are currently granting to lines of code generated by non-technical staff.
Ori WellingtonAaron Powell It's crazy when you put it like that. We must treat AI agents as non-human workers.
Sam JonesRight.
Ori WellingtonThey require formal onboarding, strict, role-based access controls that are mapped to those systems of record, engagement, and action that we talked about. Yeah. And you need continuous monitoring of their decision logic. It has to be treated as a rigorous design problem from the absolute start rather than a messy cleanup exercise after the fact.
Sam JonesAaron Powell We have covered some incredibly dense and essential ground today.
Ori WellingtonWe really have.
Sam JonesWe started by examining the mechanics of how low-friction orchestration tools like Claude Cowork have allowed these isolated experiments to quietly spiral into unsupervised AI populations. Right. We explored the mechanics of the integration track, demonstrating how probabilistic agents bypass systems of engagement to directly alter authoritative data, which ultimately scrambles the risk signals that leadership relies on.
Ori WellingtonYeah, those signal failures.
Sam JonesAnd finally, we laid out the urgent mandate for integrated risk management leaders to stop waiting for an IT patch and start treating agent governance as a fundamental architectural requirement.
Ori WellingtonIt requires a massive shift in perspective, moving away from the distraction of compute costs and focusing squarely on data integrity.
Sam JonesExactly.
Ori WellingtonThe organizations that treat this as a structural design problem today are the ones that will successfully build a resilient foundation for the agentic era.
Sam JonesWell said. And as a reminder to you listening, this entire technical discussion is based on the phenomenal research my colleague published this week in the Risk Tech Journal.
Ori WellingtonThank you.
Sam JonesIf you are tasked with navigating these silent threats and building resilient enterprise architecture, you need to be reading it. You can subscribe to our free weekly publication by going to wheelhouseadvisors.com forward slash risk tech journal.
Ori WellingtonAnd for those leaders who need to take the next
Where To Read The Research
Ori Wellingtonstep into practical application, you know, those who require deeper analysis on how to explicitly design that agentic IRM architecture and implement the governance principles that prevent a system of action from turning into a rogue AI population, we have built out our premium research platform, the RTJ Bridge.
Sam JonesYes, the RTJ Bridge is where we connect this breaking topical coverage directly with the deep structural analysis found in our IRM Navigator Report series.
Ori WellingtonIt's really comprehensive.
Sam JonesIt is essential reading for risk professionals tasked with actually building these frameworks, and it is available exclusively at wheelhouseadvisors.com forward south RTJ-bridge. Remember, all of our content, including our written research and these deep dives on the risk wheelhouse, can be found at wheelhouseadvisors.com.
Ori WellingtonBefore we wrap up, I want to leave you with one final thought to consider as you review your own organization's architecture tomorrow morning.
Sam JonesOkay, let's hear it.
Ori WellingtonYou know exactly how many human employees you have on the payroll. You know their roles, their managers, and their access levels. Sure. But if you had to freeze your enterprise systems right now, this very second, could you confidently tell your board of directors exactly how many autonomous AI agents are making decisions on your company's behalf today? And more importantly, whose side are they
The Board Level Question
Ori Wellingtonon?