CISO
CIO
Enterprise Architect
Compliance Officer
Industry relevance
Financial Services
Healthcare
Government
MARCH 24, 2026
Agent 365 GA governs agents acting on behalf of humans only — autonomous agents with their own identities remain in preview. Most governance plans don't account for this distinction.
The May 1 GA version of Agent 365 governs agents operating on behalf of licensed human users. Agents with their own mailboxes, OneDrives, and independent identities map to the Agent Identity Authentication flow, which stays in Frontier preview. Frontier trial licenses were extended through December 2026, signaling that autonomous identity capability is still in development.
GOVERNANCE IMPLICATION
The distinction between on-behalf-of agents and autonomous agents with independent identities is not a product nuance — it is a governance boundary. Organizations purchasing Agent 365 to govern their full agent estate should verify which class of agents in their environment will actually be covered on May 1. Any agent with an independent identity, its own mailbox, or autonomous action capability outside a licensed human user's session falls outside the GA governance model. That class of agent is the one most likely to require regulatory treatment as an autonomous decision-making system.
SCENARIO
A wealth management firm deploys Agent 365 on May 1 to govern its Copilot Studio agents. The CISO reports to the board that all agents are now governed. Three months later, an internal audit identifies four agents operating autonomously on the Frontier preview license — each with its own mailbox and identity, processing client communication workflows overnight. Those agents are not registered in Agent 365's GA governance model. They are in Frontier preview with trial access extended through December 2026.
THE GOVERNANCE QUESTION
Your organization is purchasing Agent 365 to govern agents. The GA version does not yet govern the most autonomous class of agent your teams are most interested in building. What is the interim governance framework you are applying to those agents right now — between today and the date Microsoft ships what you actually need — and who signed off on the risk of that gap?
CONTROL GAP
Agent inventories at most organizations do not distinguish between on-behalf-of agents covered by Agent 365 GA and autonomous agents with independent identities remaining in Frontier preview. The governance coverage gap is invisible without that distinction documented in the agent registry.
REGULATORY RELEVANCE
OCC
FINRA
FFIEC
NIST Ai RMF
SEC Cyber
CONTINUE READING
MAY 24, 2026
AccountabilityOn April 30, 2026, six national cyber agencies published joint guidance on adopting agentic AI. It names accountability as one of five core risks and is candid about why tracing agent action is hard: opaque decisions, attribution that fragments across separate logs, reasoning chains that resist reconstruction. Then it prescribes the remedy almost entirely as logging. Comprehensive artefact logs by default, unified inter-agent audit trails, interpretability tooling. Logging answers a question that comes second. It assumes the system of record underneath can already attribute a write to an agent, express authorization at the level of a business operation, and reconstruct the business state at the moment of action. Many enterprise systems cannot. An audit log that records modified by integration user has captured the event perfectly and identified no one. The accountability the guidance asks for has to be supported by the substrate before any log can establish it.
MAY 21, 2026
AccountabilityOn May 21, 2026, Microsoft Digital published its primary internal agent-governance guide on the Inside Track Blog, authored by Alex Fleck, the third in a connected series following the Frontier Firm guide (April 16, 2026) and the Copilot governance guide (May 7, 2026). The guide describes six governance principles, a matrixed review model spanning SharePoint Agent Builder through Microsoft Foundry, agent lifecycles tied to user identity or to attestation and accountability confirmations for team-owned agents, and Microsoft Agent 365 as the observability and tracking layer. Its closing principles state that effective governance must be human-led, because accountability and judgment remain essential.
MAY 7, 2026
AccountabilityMicrosoft Digital's internal Copilot governance guide, published May 7, 2026 and updated June 8, 2026 by Alex Fleck on the Inside Track Blog, requires every full-time employee with a shared SharePoint container to re-attest its compliance every six months. Attestation confirms the container is correctly labeled, that the owner still wants it to exist, and that its access roster remains accurate. Containers without attestation are treated as orphaned and scheduled for deletion. The guide also cites Microsoft Entra's inactive-group expiration policy as a parallel renewal mechanism.