TL;DR: KYC and KYE verify customers and employees at entry, but autonomous AI agents act at execution time, which leaves a governance gap, according to 1Kosmos. The key problem is not registration, but proving human accountability at the moment an agent takes a consequential action.
NHIMG editorial — based on content published by 1Kosmos: From customers to employees to agents, the path to KYA
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%).
Questions worth separating out
Q: How should security teams govern autonomous agents that can act without human approval?
A: Security teams should govern autonomous agents with runtime authorisation, not just onboarding checks.
Q: Why do KYC and KYE controls fall short for AI agents?
A: KYC and KYE verify identity at entry, but AI agents create risk at execution time.
Q: What breaks when organisations reuse workforce identity processes for AI agents?
A: Workforce identity processes assume a human employee whose authority can be tied to hiring, employment and access review cycles.
Practitioner guidance
- Map consequential agent actions to runtime approval thresholds Separate routine actions from actions that can change data, systems or funds, and require real-time human approval before those actions reach the tool layer.
- Treat agent identity as its own lifecycle object Assign ownership, scope, review cadence and revocation rules to each agent, including what happens when the developer leaves, the use case changes, or the agent is retired.
- Bind agent actions to verifiable human authority Ensure every high-risk tool call can be traced back to a named human approver and a current policy decision, not just a valid registration record.
What's in the full article
1Kosmos's full article covers the operational detail this post intentionally leaves for the source:
- The full KYC, KYE and KYA framework comparison with the identity verification questions each one answers.
- The runtime authorisation model for distinguishing routine agent actions from consequential ones.
- The practical examples of how policy thresholds change when agents act at machine speed.
- The article's view of where human approval should sit in the execution chain.
👉 Read 1Kosmos's analysis of KYC, KYE and KYA for AI agent governance →
KYC to KYA: why agent identity needs execution-time governance?
Explore further
KYC and KYE were designed for actors whose trust could be established before execution. That assumption fails when the actor is autonomous because the consequential decision is made at runtime, not at registration. The implication is that identity governance must stop treating earlier verification as durable proof of authority. The article correctly shows that autonomous software changes the timing of control, not just the identity subject. That is why runtime accountability becomes the real governance boundary for agentic systems. Practitioners should stop assuming that pre-approved credentials fully answer the authorisation question.
A few things that frame the scale:
- 92% agree governing AI agents is critical to enterprise security, yet only 44% have implemented any policies to do so, according to AI Agents: The New Attack Surface report.
- Only 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, sharing sensitive data and revealing credentials, according to AI Agents: The New Attack Surface report.
A question worth separating out:
Q: Who should be accountable when an AI agent takes a high-risk action?
A: Accountability should rest with the verified human authoriser and the organisation operating the agent, not with the agent itself as a standalone trust object. The control goal is to ensure every consequential action can be traced to a current policy decision and a named approver before execution completes.
👉 Read our full editorial: KYC to KYA shows why agent identity needs runtime checks