The Risk Wheelhouse

S7E4: Your Company Just Hired 10,000 Invisible Interns

Wheelhouse Advisors LLC Season 7 Episode 4

Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.

0:00 | 22:46

10,000 invisible autonomous AI agents working inside a single enterprise sounds like a productivity dream until you realize no one can explain who chartered them, what data they touch, or what decisions they are quietly making. We take on the popular “AI agent sprawl” narrative head-on and argue for a sharper label: a governance failure in progress that can undermine integrated risk management from the inside out.

We unpack the mechanics behind the explosion, from orchestration tools that connect large language models to enterprise APIs to the new reality that non-technical employees can spin up autonomous workflows in natural language. That shift turns isolated experimentation into an unmanaged AI population, spreading across departments without leadership intent, compliance testing, or monitoring. Then we get into the operational danger: conflicting agent outputs are not harmless second opinions when they write directly into systems of record. They become signal failures that corrupt dashboards, distort vendor risk, and feed executives a false picture of the organization’s true risk posture.

Using our IRM Navigator lens, we explain how agents fuse systems of record, systems of engagement, and systems of action into one opaque loop, bypassing the human checkpoints that normally enforce authorization and accountability. We also challenge the mainstream focus on compute costs and cybersecurity as the “main problem.” Those matter, but they are symptoms. The deeper issue is silent governance debt that builds until an audit, regulator request, or cascading failure forces an expensive reckoning.

If you lead risk, compliance, security, or enterprise architecture, this is your prompt to stop waiting for an IT patch and start designing agent governance as a first-class architectural requirement. Subscribe, share this with a colleague who is rolling out agentic workflows, and leave a review with your answer: if you froze your systems right now, could you tell your board how many AI agents are deciding on your company’s behalf?



Visit www.therisktechjournal.com and www.rtj-bridge.com to learn more about the topics discussed in today's episode. 

Subscribe at Apple Podcasts, Spotify, or Amazon Music. Contact us directly at info@wheelhouseadvisors.com or visit us at LinkedIn or X.com

Our YouTube channel also delivers fast, executive-ready insights on Integrated Risk Management. Explore short explainers, IRM Navigator research highlights, RiskTech Journal analysis, and conversations from The Risk Wheelhouse Podcast. We cover the issues that matter most to modern risk leaders. Every video is designed to sharpen decision making and strengthen resilience in a digital-first world. Subscribe at youtube.com/@WheelhouseAdv.


10,000 Invisible Agents And The Risk

Sam Jones

10,000. I mean, that is the number of uh invisible autonomous AI agents that are currently operating inside Davida right now.

Ori Wellington

Yeah. And then you look over at FICO, which is a company with, what, just thirty, five hundred employees?

Sam Jones

Right. It's not a massive workforce.

Ori Wellington

Exactly. And those workers are currently spinning up dozens of new AI agents every single day.

Sam Jones

Every single day. It's just staggering. Well, welcome to this deep dive on the risk wheelhouse.

Ori Wellington

Glad to be here.

Sam Jones

As advisors here at Wheelhouse Advisors, we basically spend our time analyzing the uh that constantly shifting edge where enterprise technology meets risk management.

Ori Wellington

Aaron Powell Right. And it is definitely shifting fast right now.

Sam Jones

Oh, for sure. And if you're a professional trying to navigate this chaos, you've probably heard the media and the broader tech industry calling this phenomenon AI agent sprawl.

Ori Wellington

Trevor Burrus Yeah, that's the buzzword.

Sam Jones

Right. And the narrative they're pushing is that this is merely a byproduct of rapid growth. Like it's messy, maybe a little inconvenient for the IT department, but ultimately it's just a sign of a really innovative workforce.

Ori Wellington

Aaron Powell I mean, that framing of this as mere sprawl is just a really dangerous mischaracterization.

Sam Jones

Aaron Powell Which is exactly what we are getting into today. Because in the article you published this week in the Risk Tech Journal, you make the case that we need to call this what it actually is.

Ori Wellington

Aaron Powell Right. It is a governance failure in progress. Full stop.

Sam Jones

A governance failure in progress.

Ori Wellington

Aaron Powell Yeah. When you have thousands of autonomous processes executing decisions across your enterprise without centralized oversight, you're not dealing with an IT headache anymore. Right. You are dealing with a massive, completely silent threat to your organization's

Why Agent Sprawl Signals Failure

Ori Wellington

integrated risk management architecture.

Sam Jones

Aaron Powell Okay, so let's unpack this because that is a, I mean, that's a fundamental pivot in how we need to categorize this problem for the listener.

Ori Wellington

Aaron Powell It really is.

Sam Jones

Our mission for this deep dive is to figure out why the proliferation of these AI agents poses such a huge structural threat. Yeah. And I think to do that, we need to start with the mechanics, right? Like the sheer velocity of this adoption is what catches the eye first.

Ori Wellington

Aaron Powell Oh, absolutely.

Sam Jones

How do we go from zero to 10,000 AI agents so incredibly fast?

Ori Wellington

Aaron Powell Well, the answer really lies in how the underlying technology has shifted recently.

Sam Jones

Aaron Powell Right, because we aren't talking about old school automation here.

Ori Wellington

Aaron Powell Exactly. We are no longer talking about traditional robotic process automation or RPA.

Sam Jones

Aaron Powell Right, where a developer has to sit there and rigidly script every single deterministic action.

Ori Wellington

Aaron Powell Yeah. You don't need a team of engineers writing Python or structuring SQL queries anymore. Platforms like Claude

How Orchestration Tools Create Agents

Ori Wellington

Cowork, along with this huge ecosystem of open source orchestration tools, have completely removed all of that technical friction.

Sam Jones

Aaron Powell So how does it actually work in practice, like for a regular employee?

Ori Wellington

Aaron Powell The mechanism itself is deceptively simple. These orchestration tools, they basically act as a bridge between a large language model's reasoning capabilities and the enterprise's functional APIs.

Sam Jones

Okay.

Ori Wellington

So a non-technical employee simply provides natural language instructions.

Sam Jones

They just talk to it.

Ori Wellington

Literally. They can tell the platform uh monitor this specific data feed, cross-reference incoming vendor names with our internal policy documents, and if you spot a discrepancy, draft a summary email and pause the invoice processing.

Sam Jones

Wow. And it just does it.

Ori Wellington

Yeah. The orchestration tool takes that prompt, chains together the necessary API calls, and suddenly, boom, you have an autonomous agent executing that workflow.

Sam Jones

That is, I mean it's like waking up to find your company just hired 10,000 invisible interns overnight to write briefs and manage data.

Ori Wellington

Aaron Powell That is exactly what it's like.

Sam Jones

But human resources has literally no record of them. Nobody knows who they report to.

Ori Wellington

Right. They just exist in the system now.

Sam Jones

Aaron Ross Powell So at what point does empowering employees cross the line into just completely losing control? Because vendors are selling this extreme accessibility as the ultimate feature, right? Right. Total employee empowerment. Trevor Burrus, Jr.

Ori Wellington

They are, but features do not inherently come with governance structures attached to them. Yeah. We are handing employees the ability to synthesize data and take action, but the enterprise lacks the infrastructure to actually track those actions.

Sam Jones

Aaron Powell Which brings up that core distinction you made in the article. There is a massive delta between an AI strategy and an AI population.

Ori Wellington

Exactly. A strategy implies intent and centralized control. Sure. An AI strategy is chartered by leadership, it's budgeted, it's rigorously tested against compliance frameworks, and actively monitored.

Sam Jones

But that's not what's happening.

Ori Wellington

Not at all. What we are seeing in the wild right now is the organic growth of an AI population. It is growing horizontally across every single tier of the organization.

Sam Jones

Just spreading everywhere.

Ori Wellington

Yeah, employees are customizing these agents for highly specific daily tasks, and they are doing so in total isolation.

Sam Jones

Aaron Powell, which means this population just evolves without any top-down direction. Trevor Burrus, Jr.

Ori Wellington

Right. And the agents interact with enterprise systems in entirely unpredictable ways.

Sam Jones

Aaron Powell Okay, so that brings us to the operational reality of what happens

AI Strategy Versus AI Population

Sam Jones

when this population goes to work.

Ori Wellington

It gets messy.

Sam Jones

It really does. The Wall Street Journal report highlighted a really specific warning from FICO's CIO regarding the outputs of these agents. He noted that multiple agents performing similar tasks can, and often do, produce conflicting results. You categorize this in your research as the integration trap at the agent layer.

Ori Wellington

Yeah, the integration trap. If we connect this to the bigger picture of enterprise architecture, this is a pattern that risk professionals have battled for decades.

Sam Jones

Oh yeah. Data silos.

Ori Wellington

Exactly. Think back to the era of disconnected software point solutions, where marketing, finance, and compliance all used siloed systems that just didn't communicate.

Sam Jones

Right. And the result was deeply conflicting data sources that degraded the integrity of the whole risk program.

Ori Wellington

Exactly. Agent Sprawl replicates that exact pattern, but it does so at an unimaginable speed and scale.

Sam Jones

Because it's automated.

Ori Wellington

Right. The conflicting sources are no longer static spreadsheets sitting on a shared drive. Yeah. They are dynamic, autonomous processes that are continuously generating data.

Sam Jones

Okay, but let me play devil's advocate here for a second and push back on the severity of this. Because if I am a department head and I ask two different human analysts to evaluate a complex vendor risk profile, I fully expect that I might get conflicting results, right?

Ori Wellington

Yeah, of course.

Sam Jones

Like one analyst might prioritize historical financial trends while the other might weigh current market indicators more heavily. In a human context, we view that as a benefit. We're getting a second opinion or a more nuanced view. Right. So why is conflicting agent output being elevated to the level of a corporate crisis rather than just, you know, a minor productivity hiccup?

Ori Wellington

Aaron Ross Powell It's a great question. And honestly, that is the most common

Conflicting Outputs Become Signal Failures

Ori Wellington

defense of agent autonomy that you hear.

Sam Jones

Yeah.

Ori Wellington

But it totally ignores the context of how data actually moves through an enterprise pipeline. What do you mean? Well, when you ask two humans for an opinion, you are inherently aware that you are receiving subjective analysis. Aaron Powell Right.

Sam Jones

I know I'm getting an opinion.

Ori Wellington

Exactly. You weigh their input accordingly, and there is a human review step before that opinion becomes official policy. AI agents, however, are frequently plugged directly into automated workflows where their outputs are treated as objective, actionable data.

Sam Jones

Oh, I see.

Ori Wellington

Yeah. When an agent writes directly to a compliance record or an operational database, those conflicting outputs are not a second opinion. They are signal failures.

Sam Jones

So because these agents are probabilistic, meaning they're making educated guesses based on language patterns rather than following rigid rules, they are fundamentally altering the facts on the ground without anyone verifying the logic.

Ori Wellington

Aaron Powell Exactly. They are changing the baseline data.

Sam Jones

Aaron Ross Powell To use an analogy, it's like uh letting every single employee wire their own personal untested generator directly into the corporate power grid.

Ori Wellington

Aaron Powell That's a great way to look at it.

Sam Jones

Aaron Powell Right. Like the primary problem isn't just that an employee might blow a fuse in their own office. The real danger is that unpredictable surges travel upstream and fry the central server that the entire company relies on.

Ori Wellington

Aaron Powell The upstream surge is precisely where the systemic risk lies. I mean, imagine one agent flags a supplier as high risk based on an automated web scrape of negative news articles. And at the exact same time, a different agent of the procurement department, operating on an outdated internal database, automatically approves that same supplier's quarterly invoice.

Sam Jones

Oh, wow.

Ori Wellington

Yeah. Those conflicting signals propagate silently, they get aggregated into departmental risk dashboards, which then roll up into executive summaries.

Sam Jones

So the data is corrupted before the leadership even sees it?

Ori Wellington

Yes. The result is that senior leadership ends up making strategic decisions based on entirely false risk positions.

Sam Jones

That's terrifying. Executives are steering the ship while the navigational instruments are being quietly recalibrated by thousands of unchartered processes.

Ori Wellington

Exactly.

Sam Jones

And this leads us directly to the structural flaw. In the piece, you leverage Wheelhouse Advisor's IRM navigator model to explain why our legacy enterprise structures are just totally failing to contain these agents. Let's walk the listener through that framework. The IRM navigator model basically divides effective risk management into three highly coordinated systems, right? Systems of record, systems of engagement, and systems of action.

IRM Navigator And Bypassed Controls

Sam Jones

Okay, break those down for us.

Ori Wellington

So the system of record is your authoritative data. It's the absolute immutable source of truth, like a master vendor database. Right. The system of engagement is the interface that surfaces that data, which allows human decision makers to interact with it.

Sam Jones

Like a dashboard or an application.

Ori Wellington

Exactly. And finally, the system of action is the mechanism that executes a process based on that human decision, such as generating a contract or triggering a payment.

Sam Jones

So it's record engagement action. It's a logical sequential flow that enforces authorization at every step.

Ori Wellington

Right. But AI agents do not recognize those boundaries.

Sam Jones

Because they aren't human.

Ori Wellington

Exactly. An agent doesn't sit at a keyboard and read a user interface, it utilizes APIs to bypass the system of engagement entirely.

Sam Jones

Wow. Okay.

Ori Wellington

It can pull from the system of record, apply its own probabilistic reasoning to the data, and trigger a system of action in one continuous, completely opaque loop.

Sam Jones

So if a compliance analyst builds an agent to summarize regulations, that agent might pull from a random source that completely contradicts the official system of record. Yes. And simultaneously, someone in finance has an agent monitoring vendor contracts that disagrees with what procurement put in the system.

Ori Wellington

Right.

Sam Jones

It's literally like the librarian suddenly rewriting the encyclopedias.

Ori Wellington

Exactly. They fuse the three systems together. The core issue is that these agents are being granted system-level access without human-level accountability.

Sam Jones

Right, because they just adopt the permissions of whoever spun them up.

Ori Wellington

Yeah. They operate with the permissions of the employee who created them, but they execute tasks at machine speed.

Sam Jones

Aaron Powell, which is how you get to 10,000 agents so fast.

Ori Wellington

Organizations are basically building massive layers of automation on top of complete ambiguity.

Sam Jones

Yeah.

Ori Wellington

If you don't have a coherent architecture that maps every single urgent to a defined, restricted role within that three systems structure, your entire risk architecture just becomes completely brittle.

Sam Jones

Aaron Powell So if the foundation is fracturing that quickly, we really have to ask why the alarms aren't blaring louder in the C-suite.

Ori Wellington

Well, the reality is that the alarms are ringing, but executives are currently focusing on the wrong dashboard. Trevor Burrus, Jr.

Sam Jones

Right. The mainstream distraction.

Ori Wellington

Yeah. There is a hyper focus right now on immediate cost and cybersecurity threats, and they're largely ignoring the deeper governance rot.

Sam Jones

Aaron Powell Like in that Wall Street Journal article, they specifically highlighted skyrocketing

Cost And Security Hide The Disease

Sam Jones

compute bills, which makes total sense.

Ori Wellington

Oh, absolutely.

Sam Jones

Because if you have 10,000 agents running continuous loops of API calls to a large language model every few seconds, especially if they get caught in some sort of error loop, the operational costs become astronomical overnight.

Ori Wellington

Yeah, the compute costs and the associated cybersecurity vulnerabilities like uh prompt injection attacks or data exfiltration, they are very real immediate problems. Sure. And they demand attention. However, security and cost overruns are ultimately symptoms. The governance vacuum is the underlying disease.

Sam Jones

Okay, expand on that.

Ori Wellington

Well, if you only solve for the cost by capping API usage, or you only solve for security by adding firewalls, you still have a population of unchartered agents making unauthorized decisions inside your perimeter. Right.

Sam Jones

But there is a profound hesitation to actually cure that underlying disease, and it really stems from the fear of missing out on the AI revolution.

Ori Wellington

Oh, big time.

Sam Jones

Let me bring in a perspective from the sources here. GitLab's CIO noted that their existing guardrails are, quote, holding the line. Right. But they also explicitly acknowledge that a certain level of agent sprawl is being tolerated in the short term. And the justification given is because of the opportunity that AI presents.

Ori Wellington

Yeah, that's the classic FOMO.

Sam Jones

Right. This is the tension every innovation leader faces. If you clamp down too hard, don't you lose the AI race? How do you balance that tension for the listener who is just trying to innovate?

Ori Wellington

Look, it raises an important question about the true cost of innovation. The opportunity AI presents is undeniable.

Sam Jones

Right.

Ori Wellington

And no technology leader wants to be responsible for killing the next massive leap in operational efficiency.

Sam Jones

Nobody wants to be that guy.

Ori Wellington

Exactly. But the hard reality of risk management is that short-term tolerance easily becomes long-term exposure.

Sam Jones

Yeah.

Ori Wellington

When you allow uncharted agents to embed themselves into your daily workflows just for the sake of speed, you lose the ability to answer fundamental questions about your own operations.

Sam Jones

Aaron Powell You are basically describing a scenario where an enterprise loses visibility into its own decision-making apparatus. Completely. If an auditor walks in or a regulator demands documentation, and the organization cannot definitively answer who chartered specific agent or what data sets it was authorized to synthesize, and what downstream systems relied on its output, that organization does not possess an AI risk management strategy.

Ori Wellington

No, they don't. They simply have raw AI exposure. And I call this accumulating silent governance debt.

Sam Jones

Aaron Ross Powell Silent governance debt. That is such a powerful way to frame it.

Ori Wellington

It is perhaps the most dangerous form of technical debt. Because it doesn't show up on a balance sheet or a traditional IT monitoring tool.

Sam Jones

It's invisible.

Ori Wellington

Right. It accumulates invisibly as more and more critical workflows become dependent on unverified agent outputs.

Sam Jones

Trevor Burrus And you don't realize how deep in the hole you are until something breaks.

Silent Governance Debt And Audit Risk

Ori Wellington

Trevor Burrus Exactly. Until a cascading failure occurs, until a regulatory violation is triggered by an automated process that nobody in the compliance department even knew existed.

Sam Jones

Wow.

Ori Wellington

Hoping that debt doesn't come due is just not a sustainable risk posture.

Sam Jones

Aaron Powell Which brings us to the core mandate for the professionals listening to this deep dive right now.

Ori Wellington

Yeah.

Sam Jones

Because the CIOs, quoted in the coverage, describe their current efforts as trying to tamp down on the problem.

Ori Wellington

Right, tamping down.

Sam Jones

But tamping down implies that agent sprawl is a temporary leak, right? Like it's a minor configuration issue that the IT department will eventually patch with a software update or some new firewall rules.

Ori Wellington

And it is definitely not that.

Sam Jones

Right. So if you're listening to this and waiting for your IT department to clean up this agent population, you're looking in the wrong direction.

Ori Wellington

Aaron Powell 100%. Agent governance cannot be relegated to the IT help desk. It is inherently a risk design problem. Aaron Powell Okay.

Sam Jones

How so?

Ori Wellington

Well, the IT department can manage the infrastructure, they can monitor the API calls, and they can secure the network perimeter. Sure. But IT cannot determine whether an autonomous agent has the appropriate business context to approve a vendor or summarize

Treat Agents Like Non Human Workers

Ori Wellington

a regulatory change or alter a compliance record.

Sam Jones

Right. They don't have the context.

Ori Wellington

That requires deep domain expertise. This means the integrated risk management function, the IRM function, has a clear, undeniable mandate to step out of a purely advisory role and really take the reins on architecture design. Trevor Burrus, Jr.

Sam Jones

Right. Designing an autonomous risk architecture requires the exact same rigor and scrutiny that an organization would apply to any manual process that touches regulatory obligations or major financial decisions. Absolutely. I mean you would never allow a new human employee to walk into the office on their first day, bypass all training, access the master database, and unilaterally make compliance decisions without a clear reporting structure. Trevor Burrus, Jr.

Ori Wellington

No, you'd be fired instantly.

Sam Jones

Trevor Burrus Exactly. And without an audit trail. But yet, that is exactly the level of access we are currently granting to lines of code generated by non-technical staff.

Ori Wellington

Aaron Powell It's crazy when you put it like that. We must treat AI agents as non-human workers.

Sam Jones

Right.

Ori Wellington

They require formal onboarding, strict, role-based access controls that are mapped to those systems of record, engagement, and action that we talked about. Yeah. And you need continuous monitoring of their decision logic. It has to be treated as a rigorous design problem from the absolute start rather than a messy cleanup exercise after the fact.

Sam Jones

Aaron Powell We have covered some incredibly dense and essential ground today.

Ori Wellington

We really have.

Sam Jones

We started by examining the mechanics of how low-friction orchestration tools like Claude Cowork have allowed these isolated experiments to quietly spiral into unsupervised AI populations. Right. We explored the mechanics of the integration track, demonstrating how probabilistic agents bypass systems of engagement to directly alter authoritative data, which ultimately scrambles the risk signals that leadership relies on.

Ori Wellington

Yeah, those signal failures.

Sam Jones

And finally, we laid out the urgent mandate for integrated risk management leaders to stop waiting for an IT patch and start treating agent governance as a fundamental architectural requirement.

Ori Wellington

It requires a massive shift in perspective, moving away from the distraction of compute costs and focusing squarely on data integrity.

Sam Jones

Exactly.

Ori Wellington

The organizations that treat this as a structural design problem today are the ones that will successfully build a resilient foundation for the agentic era.

Sam Jones

Well said. And as a reminder to you listening, this entire technical discussion is based on the phenomenal research my colleague published this week in the Risk Tech Journal.

Ori Wellington

Thank you.

Sam Jones

If you are tasked with navigating these silent threats and building resilient enterprise architecture, you need to be reading it. You can subscribe to our free weekly publication by going to wheelhouseadvisors.com forward slash risk tech journal.

Ori Wellington

And for those leaders who need to take the next

Where To Read The Research

Ori Wellington

step into practical application, you know, those who require deeper analysis on how to explicitly design that agentic IRM architecture and implement the governance principles that prevent a system of action from turning into a rogue AI population, we have built out our premium research platform, the RTJ Bridge.

Sam Jones

Yes, the RTJ Bridge is where we connect this breaking topical coverage directly with the deep structural analysis found in our IRM Navigator Report series.

Ori Wellington

It's really comprehensive.

Sam Jones

It is essential reading for risk professionals tasked with actually building these frameworks, and it is available exclusively at wheelhouseadvisors.com forward south RTJ-bridge. Remember, all of our content, including our written research and these deep dives on the risk wheelhouse, can be found at wheelhouseadvisors.com.

Ori Wellington

Before we wrap up, I want to leave you with one final thought to consider as you review your own organization's architecture tomorrow morning.

Sam Jones

Okay, let's hear it.

Ori Wellington

You know exactly how many human employees you have on the payroll. You know their roles, their managers, and their access levels. Sure. But if you had to freeze your enterprise systems right now, this very second, could you confidently tell your board of directors exactly how many autonomous AI agents are making decisions on your company's behalf today? And more importantly, whose side are they

The Board Level Question

Ori Wellington

on?