Who gets the blame?
The only question that separates governance theater from governance architecture. And why most enterprises are running the first.
TL;DR
The article makes five claims that matter.
Claim 1: 48% of organisations deployed AI without redesigning a single workflow or role.
Claim 2: Enterprise research measures adoption and maturity, not who gets the blame when something fails.
Claim 3: A federal court already ruled that AI agent liability lands on the deployer, alone.
Claim 4: Colorado enforces now. EU AI Act transparency obligations land 2 August 2026. The regulator wants a name, not a framework.
Claim 5: The fix can be as simple as one column - a named person, tied to a decision class, with a logged sign-off - missing from every framework currently on the market.
A friend of mine is deploying AI agents in production. Real agents, running in product design workflows, delivering 5 to 7 times faster cycle times on specific process steps. His DPO and CAIO drew hard lines: HR data, customer data, commercial decisions - none of it touched by AI. Quality architecture in place: self-checking frameworks, output perimeters, reliability tests. By every standard measure, they are doing this right.
I asked one question.
Who gets the blame when it fails?
The answer I got was a very detailed description of the quality architecture. And why it won’t fail.
I still don’t have an answer to that question. And I’m not alone. Deloitte just surveyed 3,700 leaders and neither do they.
48% of organisations introduced AI without redesigning workflows or roles.
Only 12% report redesign at scale with a new operating model behind it.
69% sit at the most conservative end of AI autonomy - none, or limited to low-risk reversible actions only.
All three findings come from the same report, published 2 June 2026.
The production layer that wasn’t built
Three months ago, I described the structural condition. The gap between "AI deployed" and "AI embedded in the operating model" has not closed.
Deloitte's January 2026 State of AI surveyed 3,235 leaders. It showed that education, not role redesign, was the primary organisational response to the AI skills gap. Six months later, the June pulse check shows the gap has not moved.
Most organisations have cleared the question of whether to use AI. Few have rebuilt anything around it.
That is the reality of today. Everything that follows is built on top of it.
The wrong friction keeps getting removed
There are three types of friction in any AI-driven decision process.
Cognitive friction is the mental drag before a decision. The pause, the review, the moment where a human thinks carefully before acting. Slow. Expensive. Often where bad decisions get caught.
Operational friction is the circuit-breaker architecture. Checklists, output perimeters, reliability tests, quality gates. My friend’s company has this. It is what their self-checking framework produces. When it works, errors do not escape into proposed decisions.
Accountability friction is different. It is the logging, the named sign-off, the documented role that makes a consequential decision traceable when it fails downstream. It answers the question that operational friction cannot:
Who authorized this agent’s scope, and who accepted this output as the basis for a decision that follows?
Consulting firms and system integrators spent thirty years removing the first two types. AI is now accelerating the removal of all three. Their response to the governance gap — "three gaps every leader should close," transformation playbooks, vendor governance features. All of it targets cognitive and operational friction almost exclusively. Every piece of it makes AI faster to deploy, easier to justify and simpler to measure on efficiency metrics.
Accountability friction requires naming who authorized the agent's scope and who signed off on its output. That question, a consulting firm will not ask in a pitch. And no vendor ships a feature that makes their customer's leadership team personally traceable to a failed downstream decision.
Enterprise research is designed to track adoption, autonomy and value realization. That is what boards ask for and what reports are built to show. A question like “which named role is accountable when this agent fails?” sits outside that design. It produces no maturity score, no benchmark quartile, no year-on-year progress metric. So it goes unmeasured across every major report in this space, Deloitte’s or any other.
Every major report in this space measures whether you are moving fast. None of them measure whether anyone can answer for where you actually land.
My friend's company would be considered as "highly prepared" on any of those reports. They have operational friction. Their CAIO drew hard lines. Agents are in production with real results. They still cannot answer who gets the blame.
Generation two, deployed on generation one’s unsolved problem
Autonomous agents are already in production in the companies paying attention. They execute across functional boundaries, touch external systems, and move at machine speed. Only 12% of organisations have reached the most mature state of AI autonomy , where AI runs end to end and humans audit outcomes rather than approve each step.
Only 1 in 5 had mature governance for autonomous agents as of January.
Six months later, 69% are still operating at the most conservative autonomy level with agents on a short leash, low-risk actions only.
The leap from there to full autonomy is a different class of problem entirely.
Generation-one governance was built for output quality.
Does the agent hallucinate?
Does it stay in scope?
Does a human review before it sends?
That architecture works when a human is still in the loop on every consequential step.
Generation-two agents skip that loop.
They act.
They access systems, trigger downstream processes, sometimes across organisations they were never formally authorized to enter.
The question is no longer “did the output look right?” It is “who said this agent could do that, in that system, under whose name?”
Most organisations have an answer to the first question. Almost none have an answer to the second.
Amazon v. Perplexity is what happens when that gap meets a court. Perplexity's Comet agent accessed Amazon accounts, scraped data, placed purchases. The users had consented. The Amazon platform had not. A federal court ruled that Perplexity's continued access after Amazon's revocation notice breached the Computer Fraud and Abuse Act. Perplexity built it, deployed it, and took the liability. A May 2026 Jones Day analysis confirmed the precedent now extends to any enterprise agent fleet operating the same way.
Colorado's AI Act entered enforcement this month. EU AI Act transparency obligations land 2 August 2026. The regulator has no stake in the transformation narrative sold by consulting firms. They ask the same question I asked my friend. And unlike my friend, they require a documented answer.
Three gaps in my previous articles
The last mile is where enterprise AI actually dies diagnosed that Production Layer is missing.
How to build a missing AI Production Layer gave the framework: control plane, decision inventory, friction classification, redeployment pillar.
The Friction Factories explained why consulting archetypes remove the wrong friction.
Three things remain unsaid across all of it.
The accountability column .
The Production Layer framework names processes and committees.
It stops one column short of what a regulator will ask for: which person authorized this agent to act, and which person signed off before that action became a decision.
I did not add that column earlier. Neither did any vendor governance feature or consulting deliverable I have seen. Here’s what it should look like:
The generational skip.
The governance conversation is still treating autonomous agents as faster copilots.
A copilot drafts. An agent acts in systems, across boundaries, under someone's name.
The accountability question that never mattered for a copilot becomes the only question that matters for an agent. Most companies deploying generation-two agents are doing it with generation-one thinking and generation-zero answerability.
The measurement blind spot.
Enterprise research tracks adoption, maturity and value realization. Those are the right questions for a board update.
They are the wrong questions for a regulator. Progress gets measured. Blame does not. That gap is not in any single report, yet it is in what the whole area of research was built to find.
What can be done
The organisation carries the liability. Colorado, the EU AI Act, and the Comet ruling all say the same thing:
When an agent makes a consequential decision and something goes wrong, the question lands on the company that deployed it.
The question is whether anyone inside that company can actually answer it.
If you have the Production Layer decision inventory, open it. Add one column: Accountable role.
A person - named, communicated, listed somewhere a regulator can find.
Most companies already have sign-off processes for big strategic choices. This is different. Those processes cover human decisions. This column covers decisions an agent contributed to - what it was authorized to do, in which systems, and who formally accepted its output before it became action. That acceptance needs to be logged. Meaning anyone in the workflow can find it without a compliance treasure hunt.
Three things make that role real rather than decorative:
Tied to the decision, not the agent.
The agent will change. The model will be swapped, the vendor replaced, the workflow redesigned. The accountable role stays fixed to the decision class - hiring, pricing, compliance freeze, shift allocation. Govern the decision and every agent that touches it falls inside the same boundary automatically.
Signed, not simply watched.
Oversight that reviews but never formally accepts is useful for audits. It answers nothing when a regulator asks who authorized this. Sign-off means one named person formally accepted the agent’s output as the basis for a consequential action. So that moment is in the log.
Known, not filed.
Everyone whose work feeds into or depends on that decision knows who holds sign-off. A “Decision Register buried in a compliance document” and a “Decision Register everyone can name” need identical paperwork. But they produce entirely different outcomes the moment something goes wrong.
My friend’s quality architecture will catch the AI agent’s next error. The Decision Register will answer for it. If they build one.
What to watch
By 2 August 2026 EU AI Act transparency deadline
Pick three companies in your network that claim strong AI governance.
Ask each one:
For your most consequential deployed agent, name the person accountable for a downstream error and show me the log entry.
If none of the three can answer within two business days without pointing at a committee or a framework document - the architecture is missing, regardless of their maturity score.
By Q3 2026 - the Comet extension:
The Amazon v. Perplexity ruling gets cited in at least one case against an enterprise deployer for accessing a third-party system without authorisation.
If it does, every general counsel in the market starts asking the accountability question before the year is out.
By end of Q3 2026 - the redeployment signal:
Challenger, Gray & Christmas data shows whether AI governance and oversight roles are growing alongside the AI-attributed layoffs announced weekly.
If governance headcount grows with the reallocation, the architecture is being built.
If it stays flat, it is being defunded at the exact moment enforcement starts.
The quality architecture will catch the errors. The accountability architecture will answer for them.
My final ask
These Signals come from conversations I have with executives every week. Just written down.
If this one named something you have been circling without landing on — forward it to the person in your organisation who is closest to a one-way agent deployment decision. They need to read it before they make it.
And if you want to support the work directly:
The accountability column is the right instinct, but it assumes organisations understand what they're actually accountable for. Most don't — yet.
The liability question isn't theoretical. Every output an AI system produces, every action an agent takes, every decision a model influences — the deploying organisation owns the consequence. Right now, most are pointing down the supply chain. The model provider. The integrator. The vendor whose API sits underneath it. But that chain doesn't distribute liability; it obscures it. The deployer is still the deployer.
Legislation will force this into focus, and the precedent is already set in an adjacent space. The UK Automated Vehicles Act places full responsibility on the motor insurer and the manufacturer when an automated vehicle causes harm — not the road, not the sensor supplier, not the algorithm. The same logic will travel. Once legislators and courts start applying it to AI agents and decision systems, the organisations currently pointing downward will find the accountability column they didn't build has been built for them, and the name in it is theirs.
The column you're proposing is governance architecture. It works when the named person had genuine input at the design stage. In most deployments, governance is retrofitted after launch — which means the accountability is real but the authority wasn't. That gap is where the next wave of liability cases will be made.
The problem I see, is: Nobody can take this responsibility, because it is like a black box what all the agents did. No human can really understand what happened between A and B. My philosophy is, to not let agents be fully autonomous in their decisions, but bound them very tight into a closed-world vocabulary with very limited choices of actions and where they can only read, write, research.