Ethics and risk management

- While AI technology has advanced rapidly, the implementation of AI agents represents a new frontier of risks. Unlike traditional AI systems that operate under constant human supervision, AI agents can act independently, making decisions and taking actions with limited oversight. This autonomy creates unprecedented challenges for ethics and risk management. Consider what happened to Air Canada in 2024. Their customer service chatbots began providing information about bereavement fares that were far more generous than Air Canada's actual policy. When customers tried to claim these fares, Air Canada attempted to deny them, arguing that the chatbot statements were not binding. They lost their argument in court, with the tribunal ruling that the company was responsible for their AI agent promises. So what makes agentic AI different from traditional AI? Three characteristics elevate the risk profile. First, modern AI agent interpret and act on high level, often vague goals. Second, they can interact with the world in unprecedented ways, accessing databases, sending emails, and controlling physical systems. Third, this agent operate indefinitely without direct supervision, continuing to execute their programmed objectives long after conditions have changed. To build effective safeguards, you need to develop a comprehensive approach across multiple dimensions. Transaction management safeguards includes implementing clear limits on what agents can commit to, establishing multiple approval layers for significant transactions, creating realtime monitoring systems to detect unusual patterns and maintaining audit trails for all agent actions. Ethical guidelines and compliance involves embedding ethical constraints directly into agent decision-making processes, conducting regular ethical audit of agent behavior, creating mechanisms for stakeholders to challenge agent decisions and ensuring transparency in agent decision-making. Safety controls are critical, especially for agents controlling physical systems. These includes emergency shutdown down procedures, regular safety checks, redundant monitoring systems, and clear chains of responsibility for oversight. Privacy protection has become increasingly important as agents handle sensitive data. Essential protections include strict data access control, regular privacy impact assessment, clear data retention policies and mechanisms for handling personal data requests. Who bears responsibility when an agent causes harm? The legal consensus is emerging that organizations deploying AI agents bear ultimate responsibility for their actions. This makes it imperative to implement strong governance frameworks where human oversight remains at critical decision points. For leaders, this means developing new capabilities, understanding technical safeguards, creating ethical frameworks specific for your organization, and building governance structures that balance innovation with control. Remember, the goal is not to eliminate all the risks. That is not possible. Instead, aim to create systems that can fail safely and learn from their mistakes, just as we do. In the agentic AI era, your competitive advantage will not come from just what your AI agents can do, but from how responsibly you deploy them.