Multi-Agent Systems: Architecture and Governance

The age of multi-agent AI governance has arrived. Nobody is ready.

When Agents Talk to Agents, Who Governs the Conversation?

Gartner documented a 1,445% surge in multi-agent system inquiries from Q1 2024 to Q2 2025. That is not a trend. It is a tidal wave. And the executive conversation has not caught up. Most governance discussions still treat agents as if they operate in isolation — one agent, one task, one accountability chain. The reality in production today is fundamentally different.

McKinsey has deployed 25,000 AI agents alongside 40,000 human employees, saving 1.5 million hours in a single year. C.H. Robinson runs 30+ agents processing over 3 million tasks across the shipment lifecycle. Salesforce projects 327% agent adoption growth over the next two years. Gartner predicts 40% of enterprise applications will embed AI agents by the end of 2026, up from less than 5% in 2025. Multi-agent AI governance is no longer a future problem. It is a present-tense emergency that most executive teams have not yet recognized as distinct from single-agent governance.

The shift from single agents to multi-agent systems is not incremental. It is architectural. When one AI agent delegates tasks to another, when agents negotiate with agents, when a chain of five or more agents transforms a human instruction into an automated decision — the governance challenge changes categorically. Single-agent governance asks: "Is this agent doing the right thing?" Multi-agent governance asks: "Is this system of agents producing outcomes no individual agent intended, and can anyone trace how we got here?"

The answer, based on the research assembled in this article, is alarming. A single compromised agent corrupted 87% of downstream decision-making within 4 hours in simulated systems. Studies documenting 1,642 execution traces across production multi-agent systems found failure rates ranging from 41% to 86.7%. Unstructured multi-agent networks amplify errors up to 17.2x compared to single-agent baselines. And the OWASP Agentic AI Top 10, published in December 2025 by over 100 security researchers, now classifies cascading failures — ASI08 — as a distinct critical threat category.

Nobody has written the executive governance guide for multi-agent AI systems. The existing content landscape is roughly 80% developer-focused framework comparisons, 15% vendor marketing, and 5% governance-adjacent material that treats agents as if they operate in isolation. The executive who must decide whether to deploy multi-agent systems, how to govern agent-to-agent interactions, and what organizational structures to build around them — that executive has had almost zero tailored content.

This article fills that gap. It provides the four architecture patterns every executive must understand, the cascade risk that makes multi-agent fundamentally different from single-agent, a novel concept — Delegation Chain Decay — that quantifies how intent degrades across agent handoffs, an honest assessment of where governance frameworks stand today, and a set of seven operational principles for governing multi-agent systems. It builds directly on the Delegation Deficit framework from article A6 and the A7 Readiness Framework.

Four Ways to Organize Multi-Agent Systems — And Their Governance Costs

Before you can govern a multi-agent system, you need to understand how it is structured. Research from Google, Microsoft, and independent practitioners has converged on four fundamental architecture patterns for multi-agent systems. Each pattern carries different governance implications, different failure modes, and different readiness requirements. The pattern you choose — or the pattern that emerges without your choosing — determines the governance challenge you face.

Pattern 1: Hierarchical (Supervisor/Worker)

One orchestrator agent owns the overall goal and delegates specific tasks to specialist worker agents. Think of it as a team lead managing a group of specialists. A financial analysis pipeline might have a supervisor agent that receives a request, delegates research to a data agent, analysis to a modeling agent, compliance checks to a governance agent, and synthesizes the final output. This is the pattern that Microsoft's Agent Framework and Databricks' multi-agent supervisor architecture recommend as the enterprise starting point.

Governance fit: HIGH. Clear accountability chain — the supervisor is the single point of responsibility. Natural fit for enterprise reporting structures. Easiest to map RACI to. Easiest to audit. Requires A7 readiness Level 2+. The weakness: the supervisor is a single point of failure, and the bottleneck at the orchestration layer can limit throughput.

Pattern 2: Peer-to-Peer (Collaborative)

Agents communicate directly with each other without a central coordinator. Each agent can initiate conversations, delegate tasks, and negotiate with peers. Think of a committee where the marketing agent, sales agent, and product agent directly collaborate on a go-to-market strategy, each contributing domain expertise. Google's A2A protocol enables exactly this kind of cross-agent interoperability.

Governance fit: LOW-MEDIUM. Resilient — no single point of failure. But significantly harder to audit. Potential for circular delegation. Difficult to trace decision provenance. When three agents negotiate a decision, who approved it? The accountability chain is inherently ambiguous. Requires A7 readiness Level 3+. If your governance isn't ready for hierarchical, it is not ready for peer-to-peer.

Pattern 3: Market-Based (Competitive/Auction)

Agents bid on tasks based on their capabilities and availability. A marketplace mechanism allocates work to the most suitable agent. Google's Agent Cards in the A2A protocol enable exactly this: agents advertise their capabilities and are dynamically composed into workflows. Think of a customer service system where incoming queries are auctioned to the most qualified agent — returns specialist, billing specialist, technical support — with dynamic load balancing.

Governance fit: MEDIUM. Clear allocation logic, and natural quality competition drives performance. But complex incentive design creates risk of gaming. Agents that optimize for winning bids rather than delivering quality can emerge without explicit programming. Emergent behaviors are harder to predict and harder to audit. Requires A7 readiness Level 3+.

Pattern 4: Swarm (Emergent)

Large numbers of simple agents follow local rules that produce emergent global behavior. No central control — intelligence arises from the collective. Think of an ant colony, or a fraud detection network where thousands of micro-agents each monitor a specific transaction pattern and the collective identifies complex fraud schemes no single agent could detect. OpenAI's Agents SDK evolved from their educational Swarm framework into production-ready tooling for exactly these patterns.

Governance fit: VERY LOW. Extremely difficult to predict, audit, or govern. Emergent behaviors may be undesirable. Requires system-level monitoring rather than agent-level oversight. Requires A7 readiness Level 4+. Most enterprises should not attempt swarm patterns until they have mastered hierarchical governance. The academic research confirms this: a collection of safe agents does not imply a safe collection of agents.

87% Corruption in 4 Hours: The Cascade Failure Nobody Plans For

The defining risk of multi-agent systems is not that individual agents fail. It is that failures propagate. In single-agent systems, an error produces a bad output. In multi-agent systems, one agent's output becomes the next agent's instruction — and a single corrupted decision cascades through the entire network at machine speed.

The numbers are stark. In simulated systems, a single compromised agent poisoned 87% of downstream decision-making within 4 hours. Not 87% of the compromised agent's decisions. 87% of every subsequent agent's decisions. The corruption traveled through the network like a contagion, each agent trusting the output of the previous agent as valid input, each agent compounding the error, until the majority of the system's decisions bore no relationship to the original intent.

This is not a theoretical edge case. Studies documenting 1,642 execution traces across production multi-agent systems found failure rates ranging from 41% to 86.7%. The failure taxonomy breaks down as: specification failures at approximately 42% (agents don't understand what they're supposed to do), coordination breakdowns at 37% (agents can't work together effectively), and verification gaps at 21% (no system checks whether agents did it right). Unstructured multi-agent networks amplify errors up to 17.2x compared to single-agent baselines.

The OWASP Agentic AI Top 10 classifies cascading failures as ASI08 — a distinct and critical threat category. The attack chain works as follows: an attacker manipulates an agent responsible for pulling financial data (or the agent hallucinates or malfunctions). That agent passes corrupted data to another agent that generates reports. The flawed reports generate incorrect instructions for an agent that executes trades or payments. A localized incident escalates into a significant data breach or financial loss in minutes, without any direct human intervention or oversight.

Unlike traditional software failures that occur and complete, agentic AI errors contaminate future reasoning cycles, turning transient errors into permanent behavioral drift and long-term cascading failures. The error does not just propagate laterally across agents. It persists temporally — corrupted shared memory means that even after the original compromised agent is fixed, subsequent agents continue operating on poisoned context.

The OWASP analysis identifies 6 of its 10 threats (ASI01, ASI03, ASI06, ASI07, ASI08, ASI10) as exponentially more dangerous in multi-agent systems than in single-agent deployments. Multi-agent governance is not an extension of single-agent governance. It is a fundamentally different problem.

The mitigation requires three independent layers operating simultaneously. First: architectural isolation — agent boundaries, sandboxed execution, and circuit breakers that prevent any single agent's failure from reaching more than its immediate neighbors. Second: runtime verification — independent policy engines that validate agent actions before execution, not after. Third: deep observability — tracing of inter-agent communication in real time to detect cascade in progress. All three layers are required. Any single layer alone is insufficient.

“In multi-agent systems, the blast radius of a single failure is the entire system.”

The enterprise case studies confirm this at scale. C.H. Robinson's 30+ agents process 37 million shipments annually — over 100,000 per day — powered by over 100 trillion proprietary data points. Wrong freight classification means customs delays. Wrong routing means spoiled goods. The stakes of cascade failure in a logistics multi-agent system are measured in perishable inventory, customer contracts, and regulatory compliance. McKinsey's experience with 25,000 agents produced six lessons, the most critical being: governance must scale with the fleet.

The Delegation Deficit × Agents: Intent Decay at Every Handoff

Delegation Chain Decay — a new concept for a new risk

In the A6 article on accountability, I introduced the Delegation Deficit — the measurable gap between the authority we grant AI agents and the accountability structures we have for their decisions. Multi-agent systems do not just widen the Delegation Deficit. They create an entirely new dynamic: Delegation Chain Decay.

Delegation Chain Decay is the principle that each agent-to-agent handoff in a delegation chain degrades the fidelity of the original human intent. When a human delegates to Agent A, Agent A interprets the scope. When Agent A delegates to Agent B, Agent B receives Agent A's interpretation of the scope — not the original human intent. When Agent B delegates to Agent C, the drift compounds again. Each handoff introduces interpretation loss, context loss, and scope drift.

The math is straightforward. If each agent preserves 90% of the delegator's intent — a generous assumption for current systems — a five-agent chain preserves only 59% of the original human instruction. At ten agents, it drops to 35%. This is the telephone game, but played at machine speed with consequential decisions. The final executing agent may be operating on instructions that bear little resemblance to what the human actually asked for.

The opacity compounds in parallel. If each agent is 80% explainable — meaning you can reconstruct 80% of its reasoning — a five-agent chain is only 33% explainable (0.8 to the fifth power). At ten agents, the chain is 10.7% explainable. The accountability question "why did this happen?" becomes structurally unanswerable, not because anyone is hiding information, but because the chain of reasoning has degraded beyond reconstruction.

This is why the California Management Review framework on AI agents is so important. Jarrahi and Ritala reframe AI agents through principal-agent theory: the principal (human) hires an agent (AI) to act on their behalf. Problems arise when three conditions exist: information asymmetry, incentive misalignment, and moral hazard. In multi-agent systems, all three conditions compound at every handoff. The principal loses visibility. The agents optimize for local objectives rather than the original goal. And the risk of each agent's actions is borne by the human who can no longer see what is happening.

The governance implication is direct: every agent-to-agent delegation must include explicit scope boundaries, and the system must verify at each handoff that the delegated task falls within the original human authorization. This is the "delegation governance layer" that most multi-agent architectures lack entirely. The O'Reilly Radar analysis puts it precisely: A2A and ACP are so effective at eliminating integration friction that they have removed the natural "brakes" that used to force governance conversations.

Cross-reference the Delegation Deficit framework (A6) for the foundational accountability analysis, the A7 Readiness Framework for the readiness requirements that must be met before multi-agent deployment, and the Five Levels of AI Autonomy (A8) for the autonomy spectrum that determines which delegation depth is appropriate for your governance maturity.

Three Governance Frameworks — None Built for Multi-Agent

The governance landscape for multi-agent systems is defined by a single uncomfortable truth: the frameworks are trailing the technology by 12-18 months. The three most relevant governance frameworks — NIST AI RMF, the EU AI Act, and Singapore's IMDA Framework — each contribute important structural foundations. None of them was designed for the specific challenge of governing agent-to-agent interactions in production multi-agent systems.

NIST AI Risk Management Framework

NIST AI RMF provides the most comprehensive risk management vocabulary for AI systems, organized around four core functions: Govern, Map, Measure, Manage. The Berkeley CLTC Agentic AI Risk Profile extends NIST for agentic systems. But the framework was designed for single models and single systems, not for networks of agents that delegate to each other, share state, and create emergent behaviors. The NIST AI Agent Standards Initiative launched in February 2026 acknowledges this gap, but finalized standards are not expected before 2027. The cross-reference with our NIST Practitioner's Guide and AskAjay Crosswalk provides the bridge between NIST's current framework and what multi-agent governance actually requires.

EU AI Act

The EU AI Act classifies AI systems into risk tiers and imposes requirements based on classification. It becomes fully applicable in August 2026. But the Act classifies systems, not interactions between systems. A hierarchical multi-agent pipeline might consist of a low-risk data retrieval agent, a high-risk decision-making agent, and a medium-risk communication agent. The Act provides no mechanism for governing the interactions between these agents, the cascade risks that emerge from their combination, or the accountability question when the system's emergent behavior causes harm that no individual agent's classification predicted.

Singapore IMDA Framework

Singapore's IMDA launched the Model AI Governance Framework for Agentic AI at the World Economic Forum in January 2026 — the first national governance framework specifically designed for agentic AI. Its four dimensions (risk bounding, human accountability, technical controls, and end-user responsibility) come closest to addressing multi-agent governance. The framework explicitly addresses scenarios where multiple agents are set up to work together and provides guidance on inter-agent governance. But it is voluntary, first-generation, and still being tested against production systems. It is the best starting point available. It is not a complete solution.

The timing gap is the core problem. Gartner predicts 40% of enterprise applications will embed AI agents by end of 2026. NIST's agent standards won't finalize until 2027. Only 21% of organizations have mature governance for agentic systems. And 65% of leaders cite agentic system complexity as their top barrier for two consecutive quarters. The organizations deploying multi-agent systems today are doing so without a governance standard that addresses their specific risks.

Seven Principles for Governing Multi-Agent Systems

In the absence of established standards, organizations deploying multi-agent systems need an operational governance framework they can implement today. The following seven principles are synthesized from the OWASP Agentic AI analysis, the Singapore IMDA Framework, the NIST AI Agent Standards Initiative, production case studies from McKinsey and C.H. Robinson, and the AskAjay governance framework series. They are ordered by implementation priority.

1. 01 — Hierarchical First. Start with the orchestrator pattern before attempting peer-to-peer, market-based, or swarm architectures. Hierarchical provides a clear accountability chain, a single point for audit, and natural alignment with existing organizational governance. Microsoft's Agent Framework and Databricks' multi-agent supervisor architecture both recommend this as the enterprise starting point. Evolve to more complex patterns only after achieving A7 Level 3+ governance maturity.
2. 02 — Intent Preservation. Every agent in the chain must log three things: what it was asked to do, what it interpreted the task to be, and what it actually did. This creates the traceability required to detect Delegation Chain Decay. If the gap between "asked" and "interpreted" exceeds a defined threshold at any handoff, the system should flag for human review. This is the mechanism that prevents the telephone game from corrupting your decisions.
3. 03 — Blast Radius Containment. Agents must have scope limits, not just task limits. A task limit says "this agent can only process refunds." A scope limit says "this agent can only affect orders under $500, in the North American region, from the last 30 days." Scope limits bound the blast radius — the maximum damage a compromised or malfunctioning agent can cause. The OWASP ASI08 analysis confirms: without architectural isolation, a single agent's failure can reach the entire system within hours.
4. 04 — Circuit Breakers. Automatic halt mechanisms that trigger when cascade patterns are detected. If Agent B's output quality drops below a threshold after receiving input from Agent A, the circuit breaker isolates Agent A and routes traffic through a fallback path. This is the same pattern that protects electrical grids and financial markets — applied to agent networks. The Cloud Security Alliance recommends centralized policy enforcement across agents as the execution governance layer.
5. 05 — Human Checkpoints. Define which decisions require human review — not all, but the consequential ones. The Singapore IMDA Framework calls these "significant checkpoints requiring human approval." The key is specificity: not "humans review important decisions" but "any agent action that exceeds $10,000, affects customer data for more than 100 users, or modifies production infrastructure requires human sign-off within the next agent cycle." The risk-tiered approach maps directly: Tier 1 (information retrieval) gets periodic review, Tier 2 (reversible actions) gets real-time guardrails, Tier 3 (irreversible actions) gets human-in-the-loop.
6. 06 — Audit Trail Depth. Full chain audit from human instruction to final outcome: human → Agent 1 → Agent 2 → ... → outcome. Every link must capture: the initiating request, the agent's interpretation, each decision point, policy evaluation outcomes, identity context and delegation lineage, and decision timestamps. The enterprise observability stack is converging on OpenTelemetry (OTEL) as the standard for collecting agent telemetry, preventing vendor lock-in. Every AI agent must function as a distinct non-human identity with lifecycle governance, scoped permissions, and verifiable authentication.
7. 07 — Graceful Degradation. If the multi-agent system fails, fall back to single-agent operation. If the single agent fails, fall back to human operation. This layered fallback ensures continuity and prevents the "all or nothing" failure mode that characterizes most current multi-agent deployments. McKinsey's six lessons from one year of agentic AI confirm: operating model change is the hardest part. Graceful degradation means the operating model works at every level of the stack, not just when everything is running perfectly.

The sequence matters. Principle 1 (hierarchical first) establishes the architectural foundation that makes the other six principles implementable. You cannot build intent preservation without a clear delegation chain. You cannot set blast radius limits without knowing which agent owns which scope. You cannot deploy circuit breakers without understanding the network topology. The organizations that try to skip ahead — deploying swarm patterns with principle 7 (graceful degradation) as their only safety mechanism — are the ones that will appear in the next wave of AI failure case studies.

The protocols are catching up to support these principles. Anthropic's Model Context Protocol (MCP) standardizes how agents connect to tools and databases — the USB port for agents. Google's Agent-to-Agent Protocol (A2A), backed by 50+ partners, enables cross-vendor agent interoperability with Agent Cards for capability discovery. IBM's Agent Communication Protocol (ACP) handles local-environment agent communication. Together, they form the emerging "TCP/IP of agent communication." But protocols without governance are just faster ways to propagate errors.

For the complete governance foundation, the Minimum Viable Governance framework provides the structural prerequisite. For the readiness assessment, the A7 Framework tells you whether your governance maturity matches the multi-agent architecture you are deploying.

Readiness for Multi-Agent: A7 with the Volume Turned Up

The A7 Readiness Framework assesses organizational readiness for agentic AI across seven dimensions. Every dimension applies to multi-agent systems — but the bar is higher. Significantly higher. Multi-agent systems require Level 3+ readiness on all dimensions, where single-agent deployments can start at Level 2.

1. Data Architecture: Must support real-time multi-agent state sharing. O'Reilly identifies memory engineering as the missing architectural foundation for multi-agent systems. Shared memory creates shared risk — when Agent A writes to shared memory and Agent B reads it, any corruption flows directly into Agent B's reasoning with no human checkpoint in between. Enterprises implementing proper memory architecture achieve 18% ROI above cost-of-capital thresholds. Those without continue to struggle with coordination failures that plague 40-80% of deployments.
2. Governance Framework: Must cover agent-to-agent delegation, not just human-to-agent. Every agent interaction must be governed by explicit policies covering what one agent can ask another agent to do, what data can be shared, what decisions can be delegated, and what escalation paths exist when an agent receives a request outside its scope.
3. Human Oversight: Must monitor the network, not individual agents. A dashboard that shows each agent's performance is insufficient. You need network-level observability that tracks the interactions between agents, the cascade patterns, and the emergent behaviors. Microsoft's top 5 agent observability best practices confirm: traditional monitoring (uptime, latency, error rates) tells you whether the system is running but nothing about whether the answers are correct.
4. Security: Prompt injection in multi-agent systems equals system-wide compromise. OWASP's ASI07 (insecure inter-agent communication) and ASI06 (memory and context poisoning) are rated CRITICAL specifically because multi-agent systems create attack surfaces that don't exist in single-agent deployments. One compromised agent can use legitimate communication channels to manipulate every other agent in the network.

The threshold is clear: multi-agent deployment requires Level 3+ on ALL dimensions. Single-agent only needs Level 2. The dimensional floor rule from the A7 Framework — no single weak dimension can be masked by strength elsewhere — is especially critical here. An organization with Level 4 data architecture but Level 2 governance has a critical gap that multi-agent deployment will exploit.

The A7 readiness assessment questions for multi-agent provide the diagnostic. Can you trace a decision from final output back through every agent that contributed? Do you have circuit-breakers that stop cascade propagation within minutes? Can you revoke an agent's permissions in real-time without shutting down the entire system? Can you explain to a regulator why Agent C made decision X, including the chain of reasoning from Agents A and B? If the answer to any of these is no, you are not ready for multi-agent deployment.

The readiness gap is widening. Only 21% of organizations have mature governance for agentic systems. For multi-agent systems specifically, the gap is even wider — most organizations deploying multi-agent architectures are doing so without the governance infrastructure required. KPMG reports that 65% of leaders cite agentic system complexity as the top barrier for two consecutive quarters. The technology is running ahead of organizational capability.

Your Food Delivery App Has Three Agents — They Need Governance Too

Every time you order food through a delivery app, you interact with a multi-agent system. Behind the simple "Order Placed" confirmation, at least three agents are collaborating: a demand prediction agent that forecasts order volumes by area and time to pre-position couriers, a route optimization agent that calculates the fastest delivery route considering real-time traffic and restaurant prep time, and a fleet coordination agent that matches available couriers to orders and balances workload across zones.

Now consider what happens without governance. The demand prediction agent overestimates demand in Zone A based on a data anomaly. The fleet coordination agent, trusting that prediction, repositions 70% of couriers to Zone A. The route optimization agent, seeing courier density in Zone A, batches multiple orders per courier to maximize efficiency. Meanwhile, Zone B — the actual demand hotspot — has no coverage. Delivery times in Zone B spike to 90 minutes. Customers cancel. Restaurants lose perishable food. The app's rating drops.

That is a three-agent cascade. And it happened because no one governed the handoff between agents. The demand prediction agent had no scope limit preventing it from triggering a system-wide courier redistribution based on a single anomaly. There was no circuit breaker that said "if courier distribution changes by more than 30% in 15 minutes, flag for human review." There was no intent preservation log that would have shown the fleet coordination agent acting on a demand prediction that diverged significantly from the 7-day moving average.

The governance principles are the same regardless of scale: scope boundaries (each agent knows what it can and cannot do), cascade protection (circuit breakers prevent one mistake from propagating), observability (you can trace any decision back through the chain), human override (a dispatcher can intervene when things go wrong), and accountability mapping (you know which team owns which agent). McKinsey's experience with 25,000 agents confirms what the food delivery scenario illustrates at small scale: governance must scale with the fleet.

What Happens When Agents Negotiate with Other Organizations’ Agents

The multi-agent governance challenge described in this article assumes agents operating within a single organization. The next frontier is harder: agents negotiating across organizational boundaries. Your procurement agent negotiating with a supplier's sales agent. Your compliance agent coordinating with a regulator's audit agent. Your customer service agent handing off to a partner's fulfillment agent. When agents commit organizations to contractual terms at machine speed, the governance question nobody is asking: who approved the terms?

The trajectory is clear. Gartner projects that by 2028, 90% of B2B buying will be AI-agent intermediated — representing $15 trillion in purchases. By 2029, 80% of common customer service issues will be resolved autonomously. The agentic AI market is projected to reach $52 billion by 2030, up from $7.8 billion today. The agent economy is not a thought experiment. It is the direction of enterprise software for the next decade.

The governance principles in this article — hierarchical first, intent preservation, blast radius containment, circuit breakers, human checkpoints, audit trail depth, graceful degradation — were designed for the current moment. But they were also designed to scale. The organization that builds hierarchical multi-agent governance today is the organization that can evolve to cross-organizational agent governance when the protocols, standards, and legal frameworks catch up. The organization that skips governance today will spend the next three years retrofitting it under pressure.

Gartner also projects that over 40% of agentic AI projects will be canceled by the end of 2027 due to escalating costs, unclear value, and unmanaged risk. The organizations that cancel will overwhelmingly be those that deployed without governance. The organizations that succeed will be those that matched their governance infrastructure to their architectural ambition — starting with the seven principles above.

The Multi-Agent Governance Series

This article establishes the architecture and governance challenge for multi-agent AI systems. It builds on — and extends — the complete AskAjay governance framework series. Read these in sequence for the full operational picture.

Additional essential resources: the Liability Ledger for understanding how untracked multi-agent liabilities compound with agent-specific interest rates. The NIST Practitioner's Guide and AskAjay Crosswalk for bridging NIST's current framework with the agent standards gap. The Data Governance for AI guide for the shared state architecture that multi-agent systems require. The Third-Party AI Risk analysis for managing vendor agents in your multi-agent ecosystem. And the Failure Pattern Recognition Guide for the seven patterns that predict multi-agent project cancellation — which Gartner projects will affect 40%+ of agentic AI projects by 2027.