Regulators, auditors, and counterparties are converging on the same question. The organizations that can answer it are in a structurally different position than those that cannot.
Two or more individually authorized AI agent actions combine to produce an outcome the governing organization has not authorized. No governance mechanism evaluates the combination as a unit before any consequential action executes.
This is not a failure of individual action controls. It is a structural condition that exists in every sequential AI system that evaluates individual action permissions without evaluating the combination as a unit. Existing runtime monitoring, IAM, and guardrail systems address individual actions. None evaluate the sequence.
The Composition Gap predates AI. AI accelerates it. The regulatory disclosure requirements, the securities litigation, and the national security guidance on agentic AI are all responses to the same structural condition at different layers.
No existing control evaluated the combination before Action A executed.
Logs enabling reconstruction of the circumstances leading to any output. The record must enable a regulator to understand what happened without the controller's cooperation.
Transparency about the data and knowledge the system was acting on at the time of the decision. The knowledge state must be recorded, not reconstructed from memory.
Large frontier model developers with $500M+ revenue and models trained at 10²⁶+ FLOPs. Safety protocols, incident reporting within 72 hours, and pre-deployment safety testing.
Deployer-side governance — what organizations must demonstrate about how frontier models were authorized to act in their specific workflows — is outside the RAISE Act scope. That gap is not addressed by any existing regulation.
What was the AI deployed to do? Requires a record of the intended AI function at the time of the decision — not a policy statement about AI use in general.
How did the AI operate in this specific instance? Requires a record of actual execution behavior — not a description of model capabilities.
All federally regulated financial institutions must maintain model inventory, document model lifecycle governance, and demonstrate board-level oversight of AI systems. AI and ML systems are explicitly included.
Was lifecycle governance applied before the model acted — or assembled after the fact? The pre-execution authorization record is the evidence that governance was operational, not retrospective.
CISA, NSA, and allied cybersecurity agencies from Australia, Canada, New Zealand, and the United Kingdom issued coordinated guidance on agentic AI systems in May 2026. The guidance identifies the same structural condition Kuriom addresses.
"Agentic systems obscure what caused a particular action, making accountability hard to trace." — CISA/NSA Five Eyes Guidance, May 2026
"Multiple interconnected components that plan, reason, and act across sequential steps introduces new systemic risks including cascading failures." — CISA/NSA Five Eyes Guidance, May 2026
The organizations that can answer the regulatory evidence question with a pre-execution governance record — not a vendor attestation, not a methodology document, but an independently verifiable record that existed before the AI acted — are in a fundamentally different liability position than those that cannot.