Why governing agentic AI is the next mission for federal agencies

As the federal government transitions from individual AI models to dynamic, multi-agent systems, the mission focus is shifting toward governing autonomous entities in high-stakes environments. During his recent AITalks session, Dr. Paul Rodrigues, Chief AI Officer for Microsoft Federal’s National Security Group, outlined the critical evolution required to manage what he calls the “agentic agency.”

While the federal government has been a pioneer in AI for decades, the nature of the technology has fundamentally shifted. Previous iterations focused on “narrow AI systems” that executed specific tasks in a serial manner, Rodrigues said. Today’s AI landscape is empowered by “complex systems with agents that interact with each other,” similar to how people interact in the workplace, to meet broader mission requirements.

Navigating the mission-critical reality

Unlike the commercial sector, the federal government operates under a distinct set of structural and legal constraints that materially increase the complexity of AI deployment. Rodrigues highlighted several core challenges:

• Legacy integration: AI systems must be integrated into “a ton of legacy systems” that hold essential data and host existing tools.
• Mixed environments: Human operators often bridge gaps between disparate systems, such as moving between classified and unclassified computers to synthesize information.
• High-Stakes accountability: Federal systems affect human lives “immediately and impactfully,” requiring “legally accountable decision systems” and safety-critical workflows.

“When we’re talking about agentic AI, we’re not just talking about a system that can increase the efficiency of government,” Rodrigues explained. “We need these systems to increase efficiency in a traceable manner, adhering to policy and ensuring that there’s human oversight and authorities.”

The orchestration and governance challenge

The leap toward agentic autonomy introduces a vital problem: orchestration. Managing teams of AI agents requires the same rigor as managing human teams, including scheduling, monitoring and governance.

Rodrigues noted that agents must be assigned specific authorities and limitations, with built-in “escalation triggers” to involve humans when an agent reaches the edge of its capability. To solve this, a new category of technology is emerging: a “control plane” for an organization’s agents.

One such framework, Microsoft’s Agent 365, is designed to serve as this centralized layer. Unlike common AI setups where rules are buried in a text prompt, these governance controls are “built into the agent’s identity” and can be managed across an organization.

Bridging legacy data and autonomous agency

A primary benefit of this orchestration layer is the ability to manage AI directly within a “work substrate” — the mission databases and document repositories where the actual work happens. This avoids the need to copy data between environments, which Rodrigues warned can lead to “semantic drift” or even security vulnerabilities.

“This allows you to operate directly within this work substrate,” he said. “You don’t need to copy the data and worry about the security of that copy of the data.”

By unifying these enforcement layers, agencies can maintain a single policy framework that governs data, agents and human users simultaneously. This approach not only reduces the compliance burden but also enables agencies to leverage the growing capabilities of AI agents. At the same time, these agents remain firmly within the provided authority guardrails.

Learn how Microsoft helps agencies achieve more for their programs and missions.