The advent of agentic artificial intelligence signals a revolutionary shift in the AI governance landscape. Generative AI is about AI’s ability to process information and generate the appropriate text and audiovisual responses. Agentic AI, however, is about the capability of such systems to act autonomously, in tandem with each other, in order to achieve set goals. This means that an AI system powered by AI agents could orchestrate an entire cyberattack campaign (from detecting vulnerabilities to coding malicious code packages to ensuring that the desired outcome is attained) without the need for skilled operators.
For policymakers, there is a qualitative difference between governing generative and agentic AI. Agentic AI is akin to deploying thousands of self-driving vehicles on roads with no shared traffic rules, with each vehicle optimised for different goals (such as speed, safety, efficiency or cargo integrity). The risk posed is much less of individual system failure (that is, any single vehicle is faulty) but much more of the systemic instability that emerges from the interaction of such systems at scale (in other words, the uncoordinated and unpredictable character of interaction that increases the risks of vehicle accidents).
The relevance of agentic AI is further amplified by the fact that it is increasingly discussed as a potential engineering pathway towards artificial general intelligence, insofar as it introduces capabilities such as goal decomposition, tool use, iterative self-correction and multi-
step execution. While this does not yet amount to a proven route to artificial general intelligence, it nonetheless reinforces the strategic significance of agentic systems. If managed well, however, the same properties that make agentic AI systems potentially destabilising could become sources of great collective benefit. A well-governed ecosystem of AI agents that operate under shared governance protocols, with clear accountability chains and interoperable safety standards, could deliver upon AI’s development potential. The question for G7 governments is whether they can agree upon the urgently needed rules of the road.
From national frameworks to transnational risks
Although G7 leaders collectively reaffirmed the Hiroshima AI Process commitments via its AI Adoption Roadmap at their Kananaskis Summit in 2025, individual G7 governments have moved faster. The United States published its AI Action Plan, the UK advanced its AI Security Institute’s evaluation work, and the European Union’s AI Act began imposing binding obligations on providers of general-purpose AI models. Yet rules formulated at the national level, however robust and well intentioned, cannot sufficiently match a technology whose most consequential deployments are by nature transnational. A multi-agent system, whether coordinating a disinformation campaign or managing financial portfolios, does not pause at the border of national jurisdictions.
Seizing the window for
coordinated governance
With regard to agentic AI, two challenges remain critically urgent yet unresolved. First, there are no agreed-upon international standards for evaluating the pre-deployment safety of agentic systems, particularly for high-risk sectors such as critical infrastructure, defence and health care. Second, liability frameworks have not kept pace, as the question of who bears legal responsibility when an autonomous agent causes harm – whether it is the developer, deployer or operator – remains deeply contested.
At the Évian Summit, G7 leaders should make progress on providing the architecture needed for collectively governing agentic AI. Two deliverables would constitute decisive progress. The first is a commitment to accept each other’s pre-deployment assessments for high-risk agentic AI applications, particularly in areas such as autonomous cyber defence or military decision-
support systems. Such mutual recog-
nition regarding agentic AI safety evaluations would be a good first step towards mitigating the critical dangers of regulatory fragmentation in the absence of full harmonisation, dangers such as failures in infrastructure management or unintended security escalations. The second deliverable is a shared reporting mechanism, specifically regarding agentic AI incidents in critical sectors. This would serve as the foundation for a joint G7 early warning system that could provide much-needed situational awareness.
The window for meaningful cooperation is closing. As proprietary dependencies harden, the eventual imposition of common standards will likely be more disruptive and thus more fiercely resisted. Given that subsequent regulation will only become more challenging, the Évian Summit offers G7 leaders the chance to show that democratic governments can match the pace of the technology they are trying to govern. This matters not only for AI safety but also for the credibility of the G7 itself as a group capable of managing the defining technological challenges of the times ahead.
