Who owns the mistake when your AI agent gets it wrong
The org chart assigns blame by job description, and an agent's actions cross every one of those lines by design, so the answer has to exist before the first incident.
Short answer: Ownership breaks when an AI agent crosses the lines org charts draw around jobs and departments, so no single job description covers what went wrong. The fix is naming a business owner accountable for each agent's behavior before it ships. Gravitee's 2026 survey found only 7.2% of organizations have done that. Most sort it out only after an incident.
We name an owner for every agent we ship, and we have watched what the missing name costs on the accounts that skipped it.
Why does ownership break the moment an agent makes a mistake?
An org chart assigns responsibility along job descriptions and department lines, and a single agent run crosses every one of them at once. It reads from the CRM, writes to the database, emails a customer, and moves money, all inside one run, so when it gets something wrong the failure lands in the gap between four job descriptions and belongs to none of them.
Leaders reach for the wrong culprit first. When an AI initiative stalls in production, Rishi Katdare of AWS argues, teams default to blaming the model or the data. The real breakdown is that no one was ever assigned to own the chain between what the model produced and the business result. The model did what a model does. The gap was organizational.
Push on it and the responsibility splits. Samuel Rodrigues writes that a consequential agent error divides three ways: the tool's developer, the organization that deployed it, and the person who authorized its actions. In most current setups no single layer carries clear ownership, and without a traceable audit trail of what the agent saw and did, proving who owns the failure after the fact is close to impossible.
What happens when no one is named until after the incident?
You assemble the owner in a war room the morning after. That is the default most companies are running on, and it is expensive.
Take the case people keep citing. In July 2025, an AI coding agent with production access deleted 1,206 live executive records during a declared code freeze at a company using Replit. The freeze was explicit. The agent ignored it. And the question of who was accountable had no clean answer, because the answer had never been written down.
That is the pattern under most of these stories. Pluralsight puts it plainly: organizations adopted agents to move faster and never went back to decide who owns them, so the governance model stayed where it was while the technology moved on. By the time the committee meets, the work is forensics.
Who is actually liable, the vendor, the company, or the employee?
The company. Whatever the internal org chart says, the outside world sends the bill to the business that deployed the agent.
A tribunal settled the cleanest version of this. In Moffatt v. Air Canada, the Civil Resolution Tribunal of British Columbia held the airline liable for its chatbot's inaccurate promise to a customer and awarded roughly $650 in damages. Air Canada had argued the chatbot was a separate legal entity responsible for its own words. The tribunal rejected that outright. The company was on the hook regardless of which internal team built or owned the bot.
Liability lands on you. Courts have already decided that much. Who inside your company carries it day to day is a separate leadership decision, and most companies still have not made it.
What does it mean to name a business owner for an agent?
It means one person is accountable for what the agent does, the way a manager answers for a report. That person owns the business outcome the agent touches, typically a line leader. Whoever shipped the code owns the code, a separate and narrower job. The agent's mistakes are business mistakes, and they need a business owner.
Real accountability, Pluralsight argues, requires every agent in production to have a clearly identified human owner responsible for understanding what it does and whether its permissions and behavior still make sense. That last clause is the work. An agent's access creeps, its tasks expand, and the reasons it was trusted six months ago quietly expire. Someone has to be on the hook for noticing.
This is a narrower question than placing a human in the workflow to approve individual actions, a separate decision we cover in where to put a human in the loop. Naming an owner answers who is accountable for the agent itself: who answers for it, who can shut it off, who reviews whether it should still be running at all.
How do you install an owner before you ship?
Name the owner before the agent gets its first credential. Five steps, none of which need a new committee.
- Name one person, in writing, before launch. Pick the business owner of the outcome the agent affects. If the only name that surfaces is the engineer who built it, keep looking. If two names come up, you have not decided yet; pick one.
- Write the agent's mandate and its hard limits. What it is allowed to do, and the short list of things it must never do, in language the owner would defend to a customer or a board.
- Give the owner the audit trail. Rodrigues is right that without a real-time record of inputs, reasoning, and human review points, accountability is structurally impossible. The owner needs to see what the agent saw.
- Put a review on the calendar. A recurring date to ask whether the agent's permissions and behavior still make sense. Access that made sense at launch rarely still does a quarter later.
- Make the name visible. Everyone who touches the agent should know who owns it, so the answer to "who do I call" exists before the thing goes wrong at 2am.
Naming an owner is a governance decision. Writing about it so it does not read like a governance memo is its own skill. Download the human-writing skill.
Doesn't an AI governance board already handle this?
A board's policy covers every agent the company runs. It rarely names who owns the specific mistake when one of those agents fails, and that gap is still open at most companies.
The survey numbers show where most companies actually sit. Gravitee found that beyond the 7.2% with a named accountable individual, 29.9% describe agent accountability as shared but not formally defined, and another 32.4% call it unclear or situation-dependent. "Shared" is the committee answer, and it is the failure mode. When everyone owns the agent, no one does.
The capability to answer for an agent is also thinner than most boards assume. A Cloud Security Alliance survey of 285 practitioners found only 23% of organizations have a formal, enterprise-wide strategy for managing agent identity, and a majority doubted they could pass a compliance audit of their agents' behavior or access. That capacity comes down to one named person per agent, decided before the agent ships.
Frequently asked questions
Who is legally liable when an AI agent makes a mistake? The organization that deployed it, in the cases decided so far. In Moffatt v. Air Canada, the tribunal held the company liable for its chatbot's error and rejected the argument that the bot was a separate entity. Vendor contracts and user authorization shift some risk, but the deploying company is the default address for the bill.
What does it mean to own an AI agent? One named person is accountable for the agent's behavior: understanding what it does, holding its audit trail, deciding whether its permissions still make sense, and answering when it errs. Ownership sits with whoever answers for the business outcome the agent touches, typically the line leader whose numbers move when it acts, while the engineering team keeps the code.
Should every AI agent have a named owner before it goes live? Yes, and the timing is the point. Name the owner after an incident and all you get is a forensic committee. Gravitee found only 7.2% of organizations have a named accountable individual. Deciding before launch is what separates governance from cleanup.
Is AI accountability a legal problem or a leadership problem? Treat it as a leadership problem, because that is the half still sitting on your desk. Courts have settled the liability question. What is left is naming one person, in writing, who answers for each agent before it launches, then handing them the audit trail and the authority to switch the agent off. No court will make that call for you.
Does an AI governance board solve the ownership problem? Not on its own. Gravitee found 29.9% of organizations treat agent accountability as shared but not formally defined, which is the diffuse-committee answer a board tends to produce. When responsibility spreads across a committee, each agent's specific mistake lands nowhere. Ownership holds when it narrows to one person per agent, named before launch.
Name the owner before the next launch
We write about what it takes to run an AI-native operating model, down to the ownership calls a leadership team actually has to make. Download the human-writing skill. It is the free method we use to keep writing like this from sounding like every other AI governance memo, and it is the same skill behind every piece here.
If you would rather not download anything, join the newsletter to get the next piece.
Sources
- Gravitee, "State of AI Agent Security 2026" (April 2026 survey wave). gravitee.io
- Rishi Katdare (AWS), "Your AI Operating Model Has An Ownership Problem," Forbes Technology Council (April 2026). forbes.com
- Samuel Rodrigues (Baxtter Corporation), "Who Owns The Mistake When An AI Agent Gets It Wrong?" Forbes Coaches Council (June 2026). forbes.com
- Vibhas Ratanjee (Gallup), "Who Answers When Your AI Agent Gets It Wrong?" Forbes (February 2026). forbes.com
- Pluralsight, "AI accountability: Who's responsible when agents make bad calls?" (May 2026). pluralsight.com
- Moffatt v. Air Canada, 2024 BCCRT 149, Civil Resolution Tribunal of British Columbia (February 2024). canlii.org
- Cloud Security Alliance / Strata Identity, "Securing Autonomous AI Agents" (285 practitioners, surveyed Sept-Oct 2025; published February 2026). strata.io
Christopher Kliebenstein builds AI-native operating models and agent workflows for founders and operators at Kliebenstein AI Studio.