I’ve been in enough conversations with in-house teams lately to know this is no longer abstract. AI agents are moving out of demos and into real workflows. They are drafting, deciding, and triggering actions across systems. And at some point, one of those actions will matter. Legally. Financially. Reputationally.

When that happens, the first instinct is to reach for the contract. Indemnities. Warranties. Disclaimers.

But here’s the problem.

Most of those provisions were written for a different world.

When Software Starts Acting, Contracts Fall Behind

For years, software behaved predictably. It executed predefined workflows. If something went wrong, we asked two familiar questions: was it misused, or did it malfunction?

That framing shows up everywhere in contracts.

Then AI agents arrived.

They don’t simply execute instructions. They interpret goals. They choose paths. They chain actions across systems. They evolve as models update and guardrails shift.

That’s not a small change. It’s a structural one.

And yet, I still see language like: “Customer is solely responsible for all outputs.”

All outputs.

That clause assumes something important. It assumes the customer can control and observe what the system is doing.

In agentic environments, that assumption breaks quickly.

A Different Way To Think About Responsibility

Over time, working through real agreements and real deployments, I’ve found that most of the confusion clears up when you anchor on one principle:

Responsibility = Control + Visibility

It’s simple. Almost deceptively simple.

But it forces a different conversation.

If a party does not control how a system behaves, it should not carry full responsibility for that behavior. If a party cannot see what the system is doing, it cannot responsibly own the outcome.

Responsibility has to follow both.

If either is missing, the allocation starts to drift away from reality.

Start With Control

In-house counsel often step into negotiations after the business has already decided to deploy an AI system. By that point, the conversation tends to focus on legal language rather than system structure.

That’s backward.

The first question is not “what does the clause say?” It’s “who controls what?”

Control in agentic systems is layered.

The provider typically controls the model architecture, training data, guardrails, and update cycles. These define how the system interprets goals and what actions it is capable of taking.

The customer controls the deployment context. Which systems does the agent connect to? What instructions does it receive? How does it fit into business workflows?

These are not interchangeable.

When an agent produces an unexpected result, the cause often sits across both domains. A prompt interacts with a model. A configuration interacts with a guardrail.

If your contract assigns responsibility without mapping those control layers, it’s not allocating risk. It’s guessing.

For in-house teams, this means one practical shift: before reviewing any AI clause, sit down with product, engineering, or whoever owns the deployment and map the control surface. You don’t need perfection. You need clarity on who actually influences system behavior.

Then Demand Visibility

Control is only half of the equation.

The other half is visibility.

This is where many agreements fall short in a quieter way.

They promise “logs upon request” or “commercially reasonable monitoring.” It sounds fine until something goes wrong, and you realize you cannot reconstruct what happened.

Meaningful visibility is more concrete than that.

At a minimum, you should be able to answer a few basic questions after any agent action. What action was taken? What triggered it? Which system did it touch? When did it happen? Was there any human validation?

If you cannot answer those questions, you do not have oversight. You have a blind spot.

And in a world where agents can trigger downstream consequences across systems, that blind spot matters.

I often tell teams: if you are being asked to take responsibility for system behavior, make sure you can actually see that behavior. Otherwise, you are accepting exposure without the ability to manage it.

Where Contracts Go Wrong

Most drafting issues I see come down to a mismatch.

Responsibility is assigned broadly. Control is fragmented. Visibility is undefined.

The result is a contract that looks complete on paper but does not hold up when the system acts.

Take the “all outputs” example. In a traditional setting, output might mean a document someone reviews before sending. In an agentic system, output can include actions. Modifying a record. Sending a communication. Triggering a workflow.

If those actions occur without human review, can the customer realistically own them entirely? Not unless the customer also controls the system’s behavior and can see what it is doing.

Or take “commercially reasonable efforts.” Applied uniformly, it treats a low-risk internal summary the same as an action that could create legal obligations. That’s not how risk works in practice.

The common thread is the same: the contract does not reflect how the system actually operates.

How In-House Counsel Can Use This Framework

The point of the “Control + Visibility” model is not to add another layer of theory. It’s to give you a practical way to approach AI contracts.

Before negotiating responsibility, map the system. Who controls the model? Who controls deployment? Where do those boundaries interact?

Then test visibility. What can you actually see? Are logs defined? Is monitoring real-time or retrospective? Are high-impact actions treated differently?

Once you have those answers, look at the responsibility clause again. Does it align with what you just mapped? Or is it assigning responsibility in places where control or visibility is missing?

That gap is where you focus your negotiation.

Sometimes the answer is to narrow the responsibility. Sometimes it’s to increase visibility. Sometimes it’s to clarify control boundaries. Often, it’s a combination of all three.

But the sequence matters. You cannot fix the clause until you understand the system.

From Legal Language To Operational Governance

What’s happening here is a broader shift.

AI contracting is moving away from abstract risk allocation and toward operational governance. The strongest agreements I see are not the ones with the most disclaimers. They define how the system is allowed to act, how those actions are monitored, and what happens when something crosses a boundary.

Governance is no longer something you layer on top of the system. It is something you embed into how the system operates.

That requires legal teams to engage a bit earlier and a bit differently. Not only as drafters of language, but as translators between system design and accountability.

A Simple Model, Used Consistently

If there’s one takeaway, it’s this.

When systems act, responsibility must follow control. And control must be visible.

That principle is simple enough to explain in a sentence. But it is strong enough to reshape how you approach AI agreements.

If you want a visual version of the model and how it applies in practice, I’ve put together a short deck.

Use it as a starting point. Not a conclusion.

Because the real work isn’t memorizing the framework. It’s applying it to the systems your business is actually deploying.

And that’s where in-house counsel have the most leverage right now.


Olga V. Mack is the CEO of TermScout, where she builds legal systems that make contracts faster to understand, easier to operate, and more trustworthy in real business conditions. Her work focuses on how legal rules allocate power, manage risk, and shape decisions under uncertainty. A serial CEO and former General Counsel, Olga previously led a legal technology company through acquisition by LexisNexis. She teaches at Berkeley Law and is a Fellow at CodeX, the Stanford Center for Legal Informatics. She has authored several books on legal innovation and technology, delivered six TEDx talks, and her insights regularly appear in Forbes, Bloomberg Law, VentureBeat, TechCrunch, and Above the Law. Her work treats law as essential infrastructure, designed for how organizations actually operate.

The post If Your AI Agent Sends An Email To A Regulator Tomorrow, Who Is Responsible? appeared first on Above the Law.