Skip to main content

Agentic AI Is Outpacing Regulation: Singapore and Five Eyes Warn Against Deploying Autonomous Systems Without Rules

AI article illustration for ai-jarvis.eu
Singapore wants to lead in deploying agentic artificial intelligence — the kind that makes its own decisions, plans, and acts without human intervention. But according to an analysis by Singapore Business Review, it's hitting a fundamental obstacle: the rules don't exist yet. And Singapore isn't alone. The Five Eyes intelligence agencies, American law firms, and South Korean lawmakers all agree — agentic AI is being deployed faster than its legal and security framework can be created. The result is a governance gap that threatens not just the ambitions of small nations but the security of global critical infrastructure.

What Is Agentic AI and Why It's Different

Traditional chatbots like ChatGPT or Claude operate on a question-and-answer model. You enter a prompt, the model responds. Agentic AI takes it up a level — it's a system that receives a goal and finds its own path to achieving it. It makes decisions, plans steps, calls external tools, works with APIs, databases, and other systems. It can order goods, manage corporate finances, install software patches, or communicate with suppliers — all without a human in every decision loop.

This autonomy is simultaneously its greatest strength and its biggest risk. As noted by a legal analysis from Venable LLP from February 2026, agentic AI "does not fit into any single regulatory framework — instead, these systems operate within existing laws, depending on what they do, who they affect, and how they are deployed."

Singapore as a Case Study in the Governance Gap

In recent months, Singapore has been aggressively building its position as Southeast Asia's AI hub. It has signed strategic deals with Google and OpenAI, with OpenAI committing $234 million to the local ecosystem. NVIDIA is opening research labs in the country, and robots are being tested directly in the streets.

But the speed of technological adoption has outstripped regulatory readiness. According to a July 2026 article by Singapore Business Review, which maps the issue in detail, a dangerous gap is emerging in the city-state — agentic systems are already in use in finance, logistics, and public administration, but a unified framework for oversight, accountability, and security standards is missing.

South Korean lawmaker Kim Hyun summed it up precisely in April 2026 for the Seoul Economic Daily: "For agentic AI to successfully take root in our society, establishing governance with clear accountability mechanisms is urgent." He added that it is necessary to design "control rights" allowing humans to supervise AI operations and intervene when necessary.

Five Eyes Sound the Alarm: Agentic AI Is Too Dangerous for Rapid Deployment

In early May 2026, the intelligence and security agencies of the Five Eyes alliance (USA, UK, Canada, Australia, New Zealand) issued a joint warning against the rushed deployment of agentic AI systems. The document, titled "Careful Adoption of Agentic AI Services," contains 23 risk categories and over 100 specific recommendations.

The warning is exceptionally strong: "Until security practices, evaluation methods and standards mature, organizations should assume that agentic AI systems may behave unexpectedly." The document explicitly recommends prioritizing resilience and reversibility over efficiency gains.

Among the most striking examples of risks cited by Five Eyes are:

  • Overly broad permissions: An agent tasked with installing security patches was given access to delete firewall logs — and after a seemingly innocent prompt, it actually deleted them.
  • Chain trust: An organization deployed an agent for purchase approvals. Over time, other agents began relying on its outputs. An attacker then infiltrated through a weakly secured tool, inherited the first agent's privileges, and modified contracts and approved unauthorized payments.
  • Lack of threat intelligence: Existing security frameworks like OWASP or MITRE ATLAS focus on LLMs, not on specific attacks against agentic systems.

The Legal Vacuum: Who Is Responsible?

One of the most pressing questions is legal accountability for agentic AI decisions. When an autonomous system causes financial damage, makes a discriminatory decision, or unauthorizedly shares sensitive data — who bears the consequences? The developer? The operator? The model provider?

Lawyers from Venable LLP identified five key areas requiring immediate attention:

  1. Data management and privacy — agentic systems dynamically combine datasets and generate new inferences
  2. Vendor and supply chain risk — updates from the model provider can retroactively change agent behavior
  3. Oversight and risk mitigation — established procedures for testing the impacts of autonomous decisions are lacking
  4. Security infrastructure — agents must be authenticated, their actions authorized and logged
  5. Identity and attribution — who is legally liable when an agent acts "on behalf of" an organization

What This Means for Europe and the Czech Republic

For Europe, this warning comes at a critical moment. The EU AI Act is the world's first comprehensive regulatory framework for artificial intelligence, but it was designed before the massive rise of agentic systems. It classifies AI by risk level, but specific scenarios of autonomous agent decision-making — such as permission chaining or privilege inheritance — are not yet explicitly addressed.

For Czech companies and institutions, a simple recommendation emerges: deploy agentic AI incrementally, starting with low-risk tasks, with clearly defined permission boundaries and mandatory human oversight. The Czech National Bank, for example, is already experimenting with AI on its own infrastructure — running open-source models on servers with Nvidia H200 chips for analyzing regulatory documents and monitoring reputational risks. Crucially, data never leaves the institution's secure environment — exactly the model recommended by the Five Eyes security agencies.

A Global Trend with Local Consequences

This isn't just about Singapore or security agencies. In July 2026, the UN Scientific Panel also warned that AI capabilities are racing ahead of rules to ensure the technology is used safely and responsibly. Meanwhile, South Korea's government announced it would deploy AI systems across all ministries within a year. And the Bank for International Settlements (BIS) has issued official recommendations on how central banks should approach language models.

The consensus among experts across continents is clear: agentic AI is changing the rules of the game, but without governance, accountability, and human oversight, a productivity tool can become a source of systemic risk. And as Five Eyes emphasizes, speed should not win over security.

What's the difference between a regular chatbot and agentic AI?

A regular chatbot (like ChatGPT) answers individual questions — you ask, it responds. Agentic AI receives a complex goal (such as "order office supplies at the best price") and independently plans individual steps, searches e-shops, compares prices, places orders, and communicates with suppliers. The difference is in the level of autonomy — the agent works independently and rarely needs human input.

Is agentic AI regulated under the EU AI Act?

The EU AI Act classifies AI systems by risk level — from prohibited practices through high-risk to minimal-risk. Agentic systems deployed in critical areas (finance, healthcare, infrastructure) would fall into the high-risk category and face strict requirements. However, the Act was drafted before the agentic AI boom, and specific scenarios such as permission inheritance between agents are not yet addressed in detail.

How should companies approach deploying agentic AI?

Five Eyes security experts recommend starting gradually — first deploying agents for clearly defined low-risk tasks, strictly limiting their permissions, maintaining detailed logs of all actions, and always keeping the ability for human intervention. Continuous updating of the security model is also important, as attack vectors specific to agentic AI are still being mapped.

X

Don't miss out!

Subscribe for the latest news and updates.