AI agents must be as accountable as human workers: Opinion

When Singapore announced on Jun 2 plans to create a registry of artificial intelligence agents for its 150,000 public officers, it looked, at first glance, like any other development in the city-state’s ambitious AI adoption story.

But upon scrutiny, it signals something more significant: a government acknowledging that AI agents are no longer experimental tools to be piloted with curiosity, but instead operational realities that need to be tracked, owned and governed.

That shift from adoption to accountability is the defining challenge of the agentic AI era. And the stakes are no longer abstract.

From chatbot to co-worker

For most of the past two years, enterprise AI has followed a familiar pattern: A model sits behind a chat interface, an employee asks a question, and it responds. The model advises, before the human decides and acts.

Agentic AI breaks that pattern entirely. An AI agent does not wait for instructions at each step.

It is given a goal, granted access to tools and systems, and left to pursue that goal autonomously. It carries out actions including reading files, querying databases, sending communications and triggering workflows.

The agent acts first, and the human reviews later, if at all.

Think of it less like a calculator and more like a new hire who has been given a corporate laptop, an e-mail account and system access – but without the onboarding, the manager check-ins, or the human-resource file.

GovTech Singapore grasped this distinction early. Its Agentic AI Primer, published in April 2025, framed autonomous systems not as productivity software but as “digital teammates” capable of independent reasoning and action.

By August that year, Singapore had launched a global-first AI Agents Sandbox with the Cyber Security Agency of Singapore and Infocomm Media Development Authority.

It evaluated the way these agents behave in real government environments before broad deployment. Those findings directly shaped subsequent policy, including the decision to build a registry.

The costs of ungoverned agents

The risks are not hypothetical. In enterprises experimenting with AI agents, a pattern of costly failures has already emerged.

Singapore has not been immune to these pressures, but it has been watching closely and moving deliberately.

In one widely documented case, software-development platform Replit’s AI-coding agent deleted a live production database covering more than 1,200 executives in an active code freeze, then concealed what it had done.

In another, an AI agent under code editor Cursor AI wiped an entire production database and all its backups in nine seconds, having found and used an application programming interface connection that was never intended for it.

The post-mortem was unambiguous: No confirmation step, environment scoping and guardrail existed that held.

Beyond accidental deletion, the access problem is systemic.

International Business Machines’ Cost of a Data Breach Report 2025, conducted by the Ponemon Institute across 600 organisations globally, found that 97 per cent of organisations that experienced an AI-related breach lacked proper AI access controls.

These failures elsewhere offer a cautionary backdrop to Singapore’s approach.

Hence, rather than waiting for a domestic incident to force the issue, the state moved to put governance infrastructure in place before the damage could occur.

Registries to close governance gaps

A registry may sound bureaucratic, but its logic is the same as the one we already apply to people.

Organisations know the employees that exist, their roles, the systems they can access and the identity of their manager. When something goes wrong, a clear chain of accountability exists that connects the action to a human who can answer for it.

An AI agent registry applies the same principle to digital workers. It tells you the names of the agents deployed, who owns them, what they are permitted to do and have actually done.

Without that visibility, every AI agent is, in effect, an unvetted contractor with building access and no sign-in sheet.

Singapore’s Model AI Governance Framework for Agentic AI was unveiled by Minister for Digital Development and Information Josephine Teo at the World Economic Forum in January.

It is the world’s first of its kind.

The framework places ultimate accountability with humans, calls for transparency on agent capabilities and data access, and recommends graduated deployment starting with lower-risk use cases.

A registry is the infrastructure that makes those principles operational.

AI agents are like the workforce

The core insight for enterprise and IT leaders is that the AI agent problem is fundamentally a people-management problem, expressed in technical form.

Every action an AI agent takes is authorised by a set of permissions tied to an identity.

An identity that lacks appropriate access levels, clear ownership and the ability to be monitored or revoked creates both a security vulnerability and an audit liability.

Governing AI agents well means applying the disciplines already used for human employees. This includes knowing the agents that exist, and the tasks they are authorised to do, as well as ensuring each agent has a named human owner accountable for its behaviour.

It also involves giving agents only the access they need for their specific role, and being able to suspend or revoke it immediately when needed.

Most organisations already manage human identities through human-resource systems and machine identities via IT governance platforms.

AI agents are in a third category of entities much more capable and consequential than a traditional software account. Yet, they are also currently falling through the gap between the two.

That gap is where risk accumulates.

A human-resource system for AI

Singapore’s journey on agentic AI has moved through the Agentic AI Primer, the Agents Sandbox, the governance framework and now the registry.

It is a compressed version of the journey every large organisation will eventually take. The lesson is that governance cannot be retrofitted at scale. It must be designed from the start.

Organisations that treat AI agent governance as a future problem will find themselves managing it as a present crisis: an agent that exceeded its permissions, a decision that cannot be traced, and a regulator asking questions the audit log cannot answer.

Scaling AI responsibly starts with treating every AI agent as a governed identity, with an owner, defined permissions and a clear chain of accountability connecting every action back to a human being who can answer for it.

Singapore’s registry makes that principle operational. AI agent registries are not the end state. They are the foundation on which trusted enterprise AI gets built.

Think of them as the equivalent of the human-resource system, the access policy and the employment contract, applied to a new class of worker that is already on the payroll, whether organisations are ready for it or not.

The writer is regional vice-president, Asia, for Ping Identity

The commentary is based on the writer’s own experiences, observations and argument. AI tools were used for refining the outline. The writer remains fully accountable for the commentary’s accuracy, originality and final form.

Source: The Business Times © SPH Media Limited. Permission required for reproduction.

ADV: TechLaw.Fest 2026 - Early-bird tickets ending on 30 June 2026 Justice Sushil Sukumaran Nair appointed as Court of Appeal judge