Only 14% of leaders in Singapore report having a mature model for agentic AI governance, yet 72% of companies plan to deploy agentic AI across several operational areas within two years (Deloitte SEA, 2026). The budgets have been approved. The deployments are coming. The accountability structures, in most boardrooms, don’t exist yet.
This isn’t primarily a technology problem. It’s a sequencing problem. Boards that govern AI tools can count on a human reviewing the output before any action is taken. Boards that govern AI agents are working with a fundamentally different model: the agent acts first. The oversight comes after, if it comes at all.
Agentic AI governance is the set of policies, accountability structures, and technical controls that determine who authorises what an AI agent can do, who is responsible when it acts incorrectly, and how the organisation responds. Unlike governing AI tools that produce outputs for human review, governing AI agents means pre-defining the scope of autonomous action before deployment begins.
Singapore’s IMDA launched the world’s first governance framework specifically designed for agentic AI in January 2026. Its core message is clear: humans are ultimately accountable. This article uses that framework, alongside PDPA obligations and MAS guidance, to map what board-level accountability actually requires in practice.
TL;DR: Singapore launched the world’s first governance framework for agentic AI in January 2026, and its central message is explicit: humans are ultimately accountable. Only 14% of Singapore business leaders report a mature agentic AI governance model (Deloitte SEA, 2026), yet 72% plan broad deployment within two years. This article maps what “accountable” means at board level, using Singapore’s four-dimension framework and PDPA obligations as the structure.
- Only 14% of Singapore leaders have mature agentic AI governance, vs. 72% planning broad deployment within two years
- Singapore’s MGF is the world’s first framework designed specifically for agentic AI (IMDA, January 2026)
- Three in four boards have approved major AI investments but fewer than half have set governance expectations (Grant Thornton 2026)
- Organisations with fully integrated AI governance are nearly four times more likely to report revenue growth than those still piloting (Grant Thornton 2026)
- Governance built now is absorbed as operating cost; governance retrofitted after a public failure is absorbed as crisis cost
Why Do AI Agents Require a Different Governance Model?
Forty percent of enterprise apps will feature task-specific AI agents by 2026, up from fewer than 5% in 2025 (Gartner, Aug 2025). Across six ASEAN markets, nearly 90% of companies plan to experiment with agentic AI (McKinsey, EDB Singapore, Tech in Asia, 2026). Most existing governance frameworks weren’t built for this speed or this operating model.
The distinction that matters for boards isn’t technical. It’s about the consequence sequence.
With an AI tool, the sequence is: prompt, output, human review, then action. A human sits between the output and any real-world consequence. If the tool hallucinates, a competent reviewer catches it before a customer, supplier, or regulator is affected.
With an AI agent, the sequence is different: instruction, action, then maybe a log entry somewhere. When an agent processes a supplier renegotiation based on stale inventory data, the communication has already been sent. When an agent adjusts pricing in response to a competitor signal that was misread, the price is already live. A human reviewing a log after the fact isn’t governance. It’s documentation.
Consider an agency building an ad recommendation engine for a client. The first governance question isn’t whether it works. It’s: who is responsible if it serves the wrong ad to the wrong person, and how will you know? That question isn’t in any vendor contract. It doesn’t appear in implementation timelines. It lives in governance, and if you don’t decide it before deployment, the agent decides it for you by acting.
This is why existing AI governance frameworks, written for a world of outputs and approvals, aren’t adequate for agents. The oversight sequence has been inverted. Boards that don’t adjust their governance model accordingly are approving deployments they won’t be able to supervise.
What Does Singapore’s Agentic AI Governance Framework Actually Require?
In January 2026, Singapore’s IMDA announced what international coverage described as “the world’s first governance framework specifically designed for agentic AI,” launched at the World Economic Forum in Davos by Minister Josephine Teo (IMDA, January 22, 2026). Its central message carries a board-level implication most announcements glossed over: “Humans are ultimately accountable.” The framework doesn’t assign liability to the agent. It assigns it to the organisation deploying the agent, and by implication, to the board that approved the deployment.
The framework is organised around four dimensions. For a board, the useful thing is to read them as connected obligations rather than a checklist.
1. Assess and bound risks upfront
What the agent can and cannot do is a governance decision, not an implementation detail. Defining the scope of permissible actions before deployment, and documenting it, is where board accountability starts.
2. Human accountability across the full chain
The framework requires accountability to be defined across developers, deployers, operators, and end-users. For a board, this means a named accountable person must exist at each consequence tier, not just at the vendor level or the engineering team level.
3. Technical controls throughout the lifecycle
This dimension covers baseline testing before deployment, whitelisted APIs, staged rollouts, and real-time monitoring after launch. The board’s role here isn’t to configure the monitoring stack. It’s to demand evidence that these controls exist and are being reviewed.
4. End-user responsibility
This dimension covers transparency that agents are involved, and training to prevent over-trust. Employees and customers interacting with agents need to know they’re interacting with agents.
For MAS-regulated financial institutions, the November 2025 AI Risk and Governance (AIRG) guidelines add a layer that is already de facto mandatory. Boards of regulated entities must set AI risk appetite, formally approve the AI governance framework, and integrate AI risk into the three-lines-of-defense model. The MGF is currently voluntary for non-financial institutions, but PDPA creates binding obligations that sit underneath it regardless.
Citation capsule
Singapore’s IMDA launched the world’s first governance framework specifically designed for agentic AI on January 22, 2026, at the World Economic Forum in Davos. The framework’s central message: “Humans are ultimately accountable.” It assigns responsibility not to the agent but to the organisation deploying it, across four dimensions: upfront risk bounding, human accountability chains, technical lifecycle controls, and end-user transparency. (IMDA, 2026)
The Accountability Chain: Who Is “Ultimately Accountable”?
Three in four boards have approved major AI investments, but fewer than half have set governance expectations, and fewer than half have made AI risk a standing agenda item (Grant Thornton 2026 AI Impact Survey). That statistic captures the governance gap precisely: the money is flowing, but the accountability chain hasn’t been built.
Singapore’s framework says humans are accountable. What it doesn’t do is name which humans. That gap is where most governance fails in practice.
What IMDA’s framework doesn’t give you is a practical traceability tool: something a board can point to after an incident and ask who authorised this action, at what tier, and who was the named accountable person. The template below fills that gap. It’s not drawn from the MGF; it’s a classification structure I developed to operationalise IMDA’s accountability principles into something boards can actually adopt.
The idea is simple: map every type of action your agents can take to a consequence level, define the required oversight at that level, and assign a named owner. The board approves the framework. Everyone else works within it.
Here’s an example built for a digital agency running AI agents across client campaigns:
| Agent action type | Agency example | Human oversight required | Who holds accountability? |
|---|---|---|---|
| Read-only analysis | Pull client campaign performance data | Passive audit log | Account manager |
| Soft recommendation | Suggest revised media budget allocation | Account manager reviews before sharing | Account manager |
| Reversible action | Publish a social post on client's behalf | Human-in-the-loop approval or post-action audit | Account director |
| Semi-reversible action | Send a client-facing email, update CRM records | Pre-authorised within defined parameters | Client services head |
| Irreversible/high-stakes action | Commit ad spend above agreed threshold, submit a contract | Human approval required before execution | Managing director and client sign-off |
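
One way to encode the classification table above as a pre-execution gate, as an added example rather than code from this article or from IMDA. The action names, role identifiers and the email-template parameter are hypothetical, and falling back to owner sign-off when a semi-reversible action is outside its parameters is an assumption.

```python
from dataclasses import dataclass
from enum import Enum

class Oversight(Enum):
    AUDIT_LOG = "passive audit log"
    REVIEW = "owner reviews before sharing"
    APPROVE_OR_AUDIT = "approval or post-action audit"
    PRE_AUTHORISED = "pre-authorised within defined parameters"
    APPROVAL = "human approval before execution"

@dataclass(frozen=True)
class Tier:
    name: str
    oversight: Oversight
    owners: tuple  # named accountable roles; an empty tuple is an unowned tier

# The table's five tiers. Role identifiers are assumed spellings.
TIERS = {t.name: t for t in (
    Tier("read_only", Oversight.AUDIT_LOG, ("account_manager",)),
    Tier("soft_recommendation", Oversight.REVIEW, ("account_manager",)),
    Tier("reversible", Oversight.APPROVE_OR_AUDIT, ("account_director",)),
    Tier("semi_reversible", Oversight.PRE_AUTHORISED, ("client_services_head",)),
    Tier("irreversible", Oversight.APPROVAL, ("managing_director", "client")),
)}

# Hypothetical action catalogue: each callable agent action maps to one tier.
ACTIONS = {
    "pull_campaign_metrics": "read_only",
    "suggest_budget_allocation": "soft_recommendation",
    "publish_social_post": "reversible",
    "send_client_email": "semi_reversible",
    "commit_ad_spend_over_threshold": "irreversible",
}

# Hypothetical pre-authorised parameters for semi-reversible actions.
PRE_AUTHORISED = {
    "send_client_email": lambda p: p.get("template") in {"weekly_report"},
}

@dataclass(frozen=True)
class Decision:
    action: str
    allowed: bool
    reason: str
    accountable: tuple = ()
    needs_post_audit: bool = False

AUDIT_TRAIL = []  # every decision, allowed or denied, is recorded

def authorise(action, params=None, approvals=(), tiers=TIERS):
    decision = _decide(action, params or {}, set(approvals), tiers)
    AUDIT_TRAIL.append(decision)
    return decision

def _decide(action, params, approvals, tiers):
    tier = tiers.get(ACTIONS.get(action))
    if tier is None:
        return Decision(action, False, "unclassified action: default deny")
    if not tier.owners:
        return Decision(action, False, f"tier '{tier.name}' has no named owner")
    signed = set(tier.owners) <= approvals  # every named owner signed off
    if tier.oversight is Oversight.AUDIT_LOG:
        return Decision(action, True, "logged", tier.owners)
    if tier.oversight is Oversight.APPROVE_OR_AUDIT:
        reason = "approved" if signed else "queued for post-action audit"
        return Decision(action, True, reason, tier.owners, not signed)
    if tier.oversight is Oversight.PRE_AUTHORISED:
        check = PRE_AUTHORISED.get(action, lambda p: False)
        if check(params):
            return Decision(action, True, "within parameters", tier.owners)
    # REVIEW, APPROVAL and (by assumption) out-of-parameter actions
    # all need explicit sign-off from every named owner.
    who = ", ".join(tier.owners)
    if signed:
        return Decision(action, True, f"signed off by {who}", tier.owners)
    return Decision(action, False, f"needs sign-off from {who}", tier.owners)
```

Each entry in `AUDIT_TRAIL` carries the tier's named owners, so a post-incident review can read off who was accountable for the scope the agent acted within.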
The board’s role is not to approve every agent action. Most agent actions are routine and low-consequence. The board’s role is narrower and more specific: approve the classification framework itself, confirm a named accountable person exists at each tier, and receive reports on any incidents that occur at the semi-reversible or high-stakes tiers.
The governance failure most boards are currently making isn’t ignorance. It’s lag. Boards are approving AI deployments without having set the classification framework first. The result is agents taking semi-reversible and high-stakes actions with no defined approval threshold and no named accountable person. When something goes wrong, there’s no clear answer to who authorised the scope of action.
The governance gap isn’t primarily about knowledge. It’s about lag time and structural mismatch. Boards understand AI agents in the abstract; most can articulate what an agent does. The problem is that governance structures were written for a world where outputs come before consequences. Agents invert that: the consequence arrives first, and the oversight, if any exists, arrives second. Singapore’s MGF is solving this structural problem explicitly, but the solution requires boards to act before deployment, not after it.
Citation capsule
Three in four boards have approved major AI investments, but fewer than half have set governance expectations for those investments, and fewer than half have made AI risk a standing agenda item. Only 20% of organisations have a tested AI incident response plan, and 78% of business executives lack strong confidence they could pass an independent AI governance audit within 90 days. (Grant Thornton 2026 AI Impact Survey)
Can Boards Outsource Accountability Under Singapore’s PDPA?
Just 14% of CEOs believe their AI systems operate in adherence to regulations, compared to 29% of other C-suite peers (EY Responsible AI Pulse Survey, March-April 2025, 975 C-suite leaders across 21 countries). That gap is a visibility problem, not a knowledge problem. Domain C-suite leaders — CTOs, CDOs, CISOs — feel confident about the AI systems within their lane. CEOs see the full picture but depend on what gets reported up to them. A 14% confidence rate at CEO level suggests most chief executives don’t have sufficient visibility across their organisation’s AI footprint to say with any certainty that it’s compliant. If the CEO, who is closest to day-to-day operations, is that uncertain, boards have their work cut out gaining confidence that AI is being deployed responsibly.
Many boards assume accountability for AI outcomes can be transferred to the vendor. Under Singapore’s PDPA, it can’t. The organisation deploying the agent is accountable for how personal data is used, regardless of whether a third-party AI vendor processes it.
The PDPC’s advisory guidelines make this concrete: if your agent uses personal data to make recommendations or decisions affecting individuals, PDPA obligations apply. This covers consent for training data, explainability on request, purpose limitation, and accountability. It applies whether the agent is built in-house or assembled from third-party APIs.
Practical translation: if your agentic workflow uses Claude, OpenAI, or any other vendor’s model, and that workflow processes customer or employee personal data, your organisation is the accountable party. Signing a vendor data processing agreement shifts some operational risk. It does not shift PDPA accountability.
Running 2Stallions across Singapore, Malaysia, Indonesia, and India means client data flows through AI tools under multiple data protection regimes simultaneously. Accountability isn’t a principle we discuss in theory. It’s a client contract question, a staff training question, and a board-level governance question at the same time. One client conversation about how their campaign data was being processed through our AI tools led to a two-hour review of our vendor contracts. That’s the PDPA reality for any agency or service provider using agentic tools at scale.
Every board should be able to confirm that three things exist in their organisation:
- An AI use register documenting every deployed agent, its purpose, and what data it touches.
- Vendor contracts with explicit data handling terms, not just the standard DPA. When I built out MCP integrations for ad platform reporting, we held off on extending the setup to any client account until we’d reviewed each platform’s API Terms of Service and updated our own client-facing Terms of Service to disclose AI tool usage. The technical build took two weeks; the legal review took just as long. That sequencing is the right order of operations, and most organisations skip it (the MCP ad platform build walkthrough has the detail).
- A defined process for handling PDPA access requests related to AI decisions, because regulators and affected individuals can and do ask.
Citation capsule
Just 14% of CEOs believe their AI systems operate in adherence to regulations, compared to 29% of other C-suite peers. Under Singapore’s PDPA, organisations deploying agentic AI cannot transfer accountability to the vendor. If an agent processes personal data through a third-party API, the deploying organisation remains responsible for consent, explainability, purpose limitation, and accountability. (EY Responsible AI Pulse Survey, Aug 2025)
What Boards That Get This Right Are Doing Differently
Organisations with comprehensive AI policies are nearly twice as likely to be early agentic AI adopters, with 46% qualifying as early adopters compared to 25% for those with only partial guidelines (CSA and Google Cloud, Dec 2025). Governance maturity, not technical readiness, is the strongest predictor of successful AI adoption. That finding inverts the common assumption that governance is friction slowing down deployment.
The audit challenge is real: 84% of organisations doubt their current ability to properly audit AI agents (KPMG Singapore and IIA Singapore, “The Agentic Opportunity”, May 2026). The revenue case for fixing this is equally clear. Organisations with fully integrated AI are nearly four times more likely to report revenue growth than those still piloting, at 58% versus 15% (Grant Thornton 2026 AI Impact Survey). The boards getting this right aren’t treating governance as a compliance cost. They’re treating it as the infrastructure that enables confident scaling.
Three concrete differences separate boards that have done this from those that haven’t.
1. A named Chief AI Risk Officer or equivalent
Someone whose explicit job is bringing AI risk directly to the board, not filtering it through layers of management first. Most boards don’t have this role defined, which means they receive AI risk information that has been sanitised before they see it.
2. Tested AI incident response drills
Only 20% of organisations have a tested AI incident response plan (Grant Thornton 2026). Joining that 20% is the first practical move, not a stretch goal. An untested plan isn’t a plan. It’s a document.
3. AI risk as a standing board agenda item
The item has a named owner presenting at each meeting. It is not buried in operational updates, and not surfaced only when a problem occurs.
Two practical tools worth knowing about. Singapore’s AI Verify toolkit from IMDA is free and open-source. Using it for material agent deployments creates a verifiable record that governance was applied. MAS Project MindForge’s publicly available Executive Handbook and Operationalisation Handbook give any board a practical starting structure, even if your organisation isn’t MAS-regulated.
How Long Does Singapore’s Voluntary AI Governance Window Remain Open?
By 2030, 15% of A1000 organisations will have faced lawsuits, substantial fines, and CIO dismissals because of high-profile disruptions stemming from inadequate controls and governance of AI agents (IDC Asia/Pacific CIO Agenda 2026). Singapore’s agentic AI framework is voluntary for non-financial institutions right now. That window has a clock on it, and the clock is already running.
MAS AIRG is already de facto mandatory for financial institutions, with formal finalisation expected mid-2026 and a 12-month transition period. Boards of regulated entities cannot treat this as optional reading. The governance framework must be board-approved, AI risk appetite must be formally set, and integration into the three-lines-of-defense model must be documented.
Vietnam’s binding AI law (No. 134/2025) took effect March 2026 and is the first binding AI legislation in Southeast Asia (Pertama Partners). For any organisation with regional operations spanning ASEAN, this signals where the regulatory environment is heading. Singapore’s voluntary framework is the vanguard, not the outlier.
How should a board think about timing? Consider this: 78% of business executives lack strong confidence they could pass an independent AI governance audit within 90 days (Grant Thornton 2026). The voluntary period is the window to close that gap. Governance built now is absorbed as operating cost. Governance retrofitted after a public failure, a regulatory enforcement action, or a client contract dispute is absorbed as crisis cost, and the crisis cost includes the reputational dimension that doesn’t appear on a balance sheet.
Governance isn’t friction. It’s the infrastructure that lets you deploy agents at scale without stopping to manually review every action. Organisations building it now move faster and with more confidence. Organisations that skip it are borrowing time.
Citation capsule
IDC projects that by 2030, 15% of A1000 organisations will face lawsuits, substantial fines, and CIO dismissals from inadequate AI agent governance. Vietnam’s binding AI law (No. 134/2025), the first in Southeast Asia, took effect March 2026. Singapore’s agentic AI MGF remains voluntary for non-financial institutions, but MAS AIRG for regulated financial institutions is already de facto mandatory. (IDC Asia/Pacific CIO Agenda 2026; Pertama Partners)
What Should Your Board Ask Before the Next AI Agent Deployment?
If your governance framework is working, these six questions should have documented answers before any agentic AI deployment goes live.
- What actions can this agent take without human approval? This maps directly to the classification table above. If you can’t answer it precisely, the agent’s scope hasn’t been defined.
- Who is the named accountable person at each action tier? A tier without a named person is an unowned tier.
- What personal data does this agent access, and has PDPA compliance been confirmed in writing? Not assumed. Confirmed.
- What is the incident response plan if the agent acts incorrectly — and has it been tested? An untested plan isn’t a plan. It’s a document.
- How will the agent be monitored after deployment, and who receives those reports? Monitoring that no one reads isn’t monitoring.
- What is the shutdown procedure, and who has the authority to trigger it? How quickly can the agent be taken offline if something goes wrong?
If your board can’t answer all six before a deployment proceeds, that isn’t a technology gap. It’s a governance gap. Every one of these questions can be resolved with policy decisions, not engineering work.
Frequently Asked Questions
Is Singapore's agentic AI governance framework legally binding?
The Model AI Governance Framework for Agentic AI (January 2026) is currently voluntary for non-financial institutions. The PDPA, however, is binding and creates accountability obligations that sit underneath the MGF regardless of whether an organisation formally adopts it. For MAS-regulated entities, the AI Risk and Governance (AIRG) guidelines from November 2025 are treated as de facto mandatory and will be formalised in 2026 with a 12-month compliance window.
Who is liable for AI decisions made by an AI agent?
Under Singapore’s PDPA and the IMDA MGF, liability sits with the organisation that deployed the agent, not the AI system itself. AI cannot be held legally accountable. The named accountable person in your governance framework is liable for actions within their assigned tier. At board level, directors carry governance accountability for approving deployment without adequate oversight structures — the same standard applied to any other material operational risk.
What is the difference between governing AI tools and governing AI agents?
AI tools produce outputs that humans review before taking action. AI agents take actions as their primary function: they send emails, update records, process payments, and execute decisions without a human in the loop at each step. Governing tools means reviewing outputs after generation. Governing agents means pre-authorising the scope of permissible actions, assigning named accountability for outcomes at each consequence tier, and monitoring behaviour in real time after deployment.
What should a board ask before approving an agentic AI deployment?
Six questions: (1) What actions can this agent take without human approval? (2) Who is the named accountable person for each action tier? (3) What data does it access, and is PDPA compliance confirmed in writing? (4) What is the incident response plan if the agent acts incorrectly, and has it been tested? (5) How will it be monitored after deployment, and who receives those reports? (6) What is the shutdown procedure and who has authority to trigger it?
Who is responsible for AI governance in an organisation?
Singapore’s IMDA MGF assigns responsibility across developers, deployers, operators, and end-users. At board level, directors are responsible for approving the AI governance framework and setting AI risk appetite. The primary responsibility for day-to-day AI governance sits with a designated role, ideally a Chief AI Risk Officer or equivalent, whose job is bringing AI risk directly to the board without filtering. For MAS-regulated entities, this structure must be formally documented and integrated into the three-lines-of-defense model.
Does PDPA apply to AI agents that use third-party APIs?
Yes. If your AI agent processes personal data through a third-party API, whether Claude, ChatGPT, or any other vendor’s model, your organisation remains the accountable party under PDPA. You cannot transfer this accountability to the vendor through a data processing agreement. The organisation deploying the agent is responsible for consent, explainability on request, purpose limitation, and accountability. Vendor contracts should include explicit data handling terms, but those terms do not transfer PDPA accountability.
The Governance Shift That Actually Matters
The companies that move well with agentic AI won’t be the fastest to deploy. They’ll be the ones that built pre-authorisation structures before deployment instead of reviewing consequences after the fact.
Singapore’s MGF gives you the governance structure. PDPA gives it legal force. MAS AIRG shows you where mandatory requirements are heading, even if your organisation isn’t currently regulated. The agent action classification framework in this article gives you a practical place to start the board conversation.
Agents invert the oversight sequence. Boards that don’t adjust their governance model will find themselves overseeing consequences they can’t reverse, from a position that wasn’t designed for this operating model.
The organisations building governance now are moving faster, not slower. They’re deploying agents with defined scope, named accountability, and monitored behaviour, which means they’re deploying with confidence. That’s not a compliance advantage. It’s a competitive one.