By Divya Rakesh, Thought Leader in Data & Artificial Intelligence, 21 May 2026
On the governance gap arriving in enterprise AI deployments — faster than most organisations are ready for.
The reconciliation meeting was supposed to take an hour.
Both sides came with their logs. The retailer’s commercial team had records showing the markdown agreement reached with the supplier during Black Friday week: revised trade terms on three hero SKUs, within the authorised pricing band, executed cleanly. The supplier’s team had their own records. Same transaction window but different terms.
Not dramatically different. About 2.3% on blended margin across the three SKUs. On the volumes moved during Black Friday week, that 2.3% was not a rounding error.
Four hours later, nobody had resolved it. Both sets of logs were accurate. Both agents had acted within their configured parameters. The problem was that the two agents had been operating against subtly different versions of a shared pricing metric, and by the time anyone looked, there was no way to reconstruct exactly what each agent understood at the moment the agreement was reached.
Legal got involved the following week. Not because anyone had acted in bad faith. Because nobody could prove what had actually been agreed.
This scenario will be familiar to anyone who has spent time in commercial operations. Disputed trade terms between retailers and suppliers are not new. What is new is how this one happened, and what it reveals about where enterprise AI is headed.
The retailer had deployed an AI pricing agent to manage promotional markdown decisions during high-velocity sales periods. Thousands of SKUs, continuous price adjustments, competitive signal processing in real time. The agent was authorised to operate within a defined band and to negotiate revised trade terms with supplier systems up to a certain threshold. Standard configuration for this kind of deployment.
The supplier had an equivalent agent on their side, managing trade spend and promotional commitments across their retail partners.
During Black Friday week, the two agents negotiated directly. No human was in the loop for the specific transaction. Both agents completed the interaction within their authorised parameters. A commercially binding agreement was recorded in both systems.
Four days before that interaction, the supplier had updated their agent. A routine update, properly version-controlled on their side, communicated through a changelog that the retailer’s integration team had not been monitoring. The updated agent interpreted a shared gross margin metric slightly differently, a change that traced back to how the new version handled a specific category of promotional allowances.
Neither team knew the other’s agent had changed. Neither agent had any mechanism to verify the version or behavioural profile of the system it was negotiating with. The retailer’s agent connected to the supplier’s endpoint, received a response, and trusted it completely because it came from the right place.
Two legitimate systems, both functioning correctly, operating against different assumptions — with no shared mechanism to detect the divergence before it produced a binding outcome.
FOUR GOVERNANCE FAILURES
The dispute surfaced four distinct governance failures, each worth naming separately.
The first is identity.
When the retailer’s agent initiated the negotiation, it had no way to verify which version of the supplier’s agent it was dealing with, what behavioural changes that version carried, or whether the agent’s operating parameters had been recertified since the update. It authenticated to the endpoint. That was the entirety of the trust check.
The second is the authorisation chain.
The supplier’s agent was empowered to agree to revised trade terms on the supplier’s behalf. But when the agent was updated, nobody revalidated that authorisation. The new version inherited the commercial authority of the previous version without any governance checkpoint.
The third is the approval gate.
The transaction value crossed a threshold that, under the retailer’s own internal policy, required commercial sign-off before execution. The agent processed it autonomously because the policy lived in a document, not in the workflow. No gate existed in the system to pause, route for approval, and resume.
The fourth is the audit trail.
When both sides sat down to reconcile, neither could produce a record showing what data each agent was operating on at the moment of agreement, which version of each agent was active, or what the exact sequence of the negotiation had been.
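The four controls above can be sketched as a single pre-execution gate. This is an added example, not code from either company in the scenario. The manifest fields, version strings, threshold and metric definitions are constructed assumptions, and the counterparty's manifest is assumed to arrive already signed and verified.

```python
import hashlib
import json

def digest(obj):
    """Stable SHA-256 over a JSON-serialisable object."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

# Constructed sample data: how each side defines the shared metric.
METRIC_AS_CERTIFIED = {"name": "gross_margin", "promo_allowances": "deducted"}
METRIC_AFTER_UPDATE = {"name": "gross_margin", "promo_allowances": "excluded"}

# Hypothetical trust record, written when humans last certified the counterparty.
PINNED = {"agent_version": "1.4.0", "metric_digest": digest(METRIC_AS_CERTIFIED)}
APPROVAL_THRESHOLD = 50_000  # hypothetical sign-off limit, in currency units

def gate(manifest, deal_value, approval=None, prev_hash="0" * 64):
    """Decide EXECUTE or HOLD and return a hash-chained audit record.

    `manifest` is what the counterparty agent declares about itself; it is
    assumed to have been signature-checked before reaching this function.
    """
    reasons = []
    if manifest["agent_version"] != PINNED["agent_version"]:
        reasons.append("counterparty version not recertified")
    if manifest["metric_digest"] != PINNED["metric_digest"]:
        reasons.append("shared metric definition diverges")
    if deal_value > APPROVAL_THRESHOLD and approval is None:
        reasons.append("human sign-off required")
    record = {"prev": prev_hash, "manifest": manifest, "deal_value": deal_value,
              "approval": approval, "reasons": reasons,
              "decision": "HOLD" if reasons else "EXECUTE"}
    record["hash"] = digest(record)  # computed before the "hash" key exists
    return record["decision"], record

def verify_chain(records):
    """True if every record is unmodified and links to its predecessor."""
    prev = "0" * 64
    for rec in records:
        body = {k: v for k, v in rec.items() if k != "hash"}
        if rec["prev"] != prev or digest(body) != rec["hash"]:
            return False
        prev = rec["hash"]
    return True
```

A HOLD record carries the reasons and the exact manifest seen at decision time, which is the evidence neither side could produce at reconciliation.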
WHAT THIS MEANS FOR YOUR ORGANISATION
Agent-to-agent commerce is not on the horizon. It is running in production across retail, financial services, logistics, and procurement right now. The interactions are real. The outcomes are commercially binding. The governance frameworks are not there yet.
Three questions worth taking back to your technology governance team.
When your agent interacts with a counterparty’s agent, how do you verify who you are actually dealing with, and does that verification produce a record?
When a counterparty updates their agent, how do you know, and does that trigger a review of the trust relationship?
When your agent is about to execute a transaction above a material threshold, what stops it from proceeding without human sign-off?
The reconciliation meeting that took four hours and ended with lawyers on both sides is still uncommon, but it will not stay uncommon for long.
The companies that close this gap early will not just be better protected. They will be the partners that others choose to transact with, because trust in an automated ecosystem has to be built deliberately or it becomes a liability.





