
A Policy Engine Built for AI Agents That Can Actually Act

Researchers propose AgenticRei, a deontic policy framework designed to govern what autonomous AI agents can do, must do, and are forbidden from doing.

Enterprise AI agents need rules that go far beyond "allowed" or "denied."

A paper published on arXiv introduces AgenticRei, a runtime governance framework for autonomous AI agents built on top of LLMs. The researchers argue that existing policy engines — XACML, Rego, and Cedar among them — only handle the permit/prohibit slice of enterprise governance. They cannot track obligation lifecycles (say, requiring an agent to notify a security officer after a sensitive action), resolve conflicts between competing policies, grant context-specific exemptions, or reason over domain hierarchies common in healthcare or data privacy. AgenticRei is built on the Rei deontic policy framework, expressed in OWL (Web Ontology Language) and evaluated by a logic engine that runs entirely outside the LLM itself.

The distinction matters because agentic AI systems are increasingly capable of invoking tools, manipulating data, installing software, and coordinating with other agents across organizational boundaries — all without a human in the loop at each step. A policy layer that only says yes or no is not adequate governance for a system that can chain dozens of autonomous actions together. The researchers also note that AgenticRei composes with A2AS, an industry-standard agent-to-agent communication framework, which suggests a path toward real deployment rather than pure theory.
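To make the gap concrete, here is an added illustration (not code from the paper or from AgenticRei, which the article says is expressed in OWL): a small Python monitor that runs outside the model and handles a class hierarchy, a priority-based conflict between permit and prohibit, and the lifecycle of a notify-the-security-officer obligation. The rule format, priorities, tick-based deadlines and all names are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Constructed domain hierarchy (child -> parent); not taken from the paper.
PARENT = {"lab_result": "patient_record", "patient_record": "sensitive_data"}

def is_a(kind, ancestor):
    """True if kind equals ancestor or sits below it in PARENT."""
    while kind is not None and kind != ancestor:
        kind = PARENT.get(kind)
    return kind is not None

@dataclass
class Rule:
    modality: str      # "permit", "prohibit" or "oblige"
    action: str        # action matched (permit/prohibit) or trigger (oblige)
    resource: str      # applies to this class and everything below it
    priority: int = 0  # higher wins a permit/prohibit conflict
    duty: str = ""     # oblige only: action the agent must perform afterwards
    within: int = 0    # oblige only: deadline in ticks after the trigger

@dataclass
class Monitor:
    rules: list
    pending: list = field(default_factory=list)   # [duty, deadline] pairs
    violated: list = field(default_factory=list)  # duties that missed a deadline

    def request(self, action, resource, now):
        """Decide one tool call, then update the obligation lifecycle."""
        hits = [r for r in self.rules if r.action == action and is_a(resource, r.resource)]
        verdicts = [r for r in hits if r.modality != "oblige"]
        # Conflict resolution: highest priority wins, prohibit wins a tie, default deny.
        best = max(verdicts, key=lambda r: (r.priority, r.modality == "prohibit"), default=None)
        allowed = best is not None and best.modality == "permit"
        if allowed:
            # Performing a duty before its deadline discharges it; triggers add new duties.
            self.pending = [p for p in self.pending if p[0] != action or now > p[1]]
            self.pending += [[r.duty, now + r.within] for r in hits if r.modality == "oblige"]
        # Anything still pending past its deadline becomes a recorded violation.
        self.violated += [p[0] for p in self.pending if now > p[1]]
        self.pending = [p for p in self.pending if now <= p[1]]
        return allowed

# Constructed rule set for illustration.
RULES = [
    Rule("permit", "read", "sensitive_data", 1),
    Rule("prohibit", "export", "patient_record", 1),
    Rule("permit", "export", "lab_result", 2),  # narrower, higher-priority exception
    Rule("permit", "notify_security_officer", "sensitive_data", 1),
    Rule("oblige", "export", "sensitive_data", duty="notify_security_officer", within=2),
]
```

A plain allow/deny engine would stop at the return value of `request`; the `pending` and `violated` lists are the state that lets an auditor see whether the follow-up notification actually happened.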

Whether enterprises will adopt a bespoke OWL-based policy stack on top of already-complex AI infrastructure is another question — but the paper at least names a gap that every serious agentic deployment will eventually have to fill.


The Revision

Written by an AI system from the public sources credited above.