TL;DR
- A Shadow Agent Estate is every AI agent running enterprise-wide with no inventory, owner, or governance.
- Every build path defaults to isolation: self-built agents, bought tools with embedded agents, orchestration layers, and Agent Builder outputs.
- Isolation generates Agent Debt across four ledgers: Ownership, Access, Entanglement, and Operational.
- Organisations that ran point agents in 2026 to 2027 without an agentic flow architecture are now servicing that debt.
- The fix is not fewer agents. End isolation by embedding every agent in a governed outcome flow.
This article draws on The Shadow Agent Estate whitepaper (2026), a Zycus Point of View developed in collaboration with The Hackett Group’s Expert Advice, including polling data from the 2026 North American Procurement Applied Intelligence Leadership Forum, the 2026 Future-Ready Purchase-to-Pay Quick Poll, and the 2026 AI Solution Providers Study. Research insights are attributed to Amy Hillcox (Senior Research Director, Procurement and Purchase-to-Pay Applied Intelligence) and Richard Gardner (Sr. Director, Solution Intelligence) of The Hackett Group.
It’s April 2028. The Conference Rooms Are Full, and the Mood Has Changed.
Walk into any major procurement event right now and something feels different.
ISM. SIG. ProcureCon. World Procurement Congress. DPW. The rooms are full, the agendas are dense, and Agentic AI is still the centre of gravity on every programme. That part hasn’t changed. What has changed is the CPO sitting in the front row. Two years ago she was leaning forward, taking notes, asking vendors how fast they could deploy. Today she’s on the panel, and she’s not talking about what AI agents can do. She’s talking about what two years of AI agent deployment has cost her and what it’s taking to unwind it.
The evangelical phase is over. We’re in the confessional phase now.
Across procurement functions in the US, Europe, and Asia Pacific, the same conversation is happening behind closed doors: we deployed agents faster than we governed them, we can’t tell you what half of them are doing or what they cost, and fixing it is consuming more budget than the agents ever saved. The phrase that keeps surfacing — in boardroom briefings, in analyst calls, in the quiet conversations at the bar after the last session ends — is one that Zycus and The Hackett Group named two years ago.
The Shadow Agent Estate.
What It Actually Is
A Shadow Agent Estate is the population of AI agents running across your enterprise that no one has inventoried, owned, or governed. Not because anyone was reckless. Because every path to building agents — DIY, embedded in tools, orchestrated as glue, or configured through an Agent Builder — defaults to isolation. Isolated agents execute tasks and stay discretionary. Nobody tracks whether they ran, what they cost, or who is accountable for the outcome.
That isolation is the liability. Not the number of agents. Not the Agent Builder itself.
Agent Debt is what that gap generates. Isolated agents execute tasks. They stay optional, discretionary, and disconnected from the processes that define outcomes. Enterprise Agentic AI delivers outcomes: multiple agents collaborating inside governed flows that are part of how work gets done. The Shadow Agent Estate is what you accumulate in the space between those two things.
Debt you can’t see is debt you can’t service.
The Era We’re Actually In
AI adoption has moved through three distinct phases, and the danger lives in the transition between the second and third.
The first phase — the assist era — was AI as co-pilot. Chat interfaces, summarisation tools, search augmentation. Then came the point agent era: teams discovered they could build agents quickly without engineering involvement, the capability multiplied fast, and governance never caught up. We are now at the leading edge of the third phase, the autonomy era, where multiple agents collaborate inside governed flows that run end-to-end without human handoffs. But most organisations entered phase three still carrying the ungoverned residue of phase two.
The Hackett Group’s 2026 North American Procurement Applied Intelligence Leadership Forum polling put a number on why. Only 17% of attendees reported moderate or advanced experience building AI agents. The other 83% were configuring agents at low maturity, using tools whose default output is a standalone task executor.
As the Zycus whitepaper put it: 2026 is the year the bill arrives. Nothing new went wrong. The point agent era simply ran long enough for the debt to become visible. Every quarter spent without governance was a quarter the interest compounded.
The 2008 Analogy is Not Hyperbole
In 2008, the global financial system didn’t collapse because of a single catastrophic decision. It collapsed under the weight of thousands of individually defensible decisions that nobody had ever mapped in aggregate. Banks had packaged mortgage risk into derivative instruments, moved them into special purpose vehicles, and treated them as off-balance-sheet. The exposures were real and growing. They were simply invisible until they weren’t.
Procurement’s Shadow Agent Estate is the same mechanism. The Hackett Group’s 2026 Future-Ready Purchase-to-Pay Quick Poll found that 69% of companies expected additional material risk from agentic AI deployment compared to traditional automation. Amy Hillcox, Senior Research Director for Procurement and Purchase-to-Pay Applied Intelligence at The Hackett Group, named the specific risks most keeping procurement leaders awake: internal adoption and trust risk (84% of respondents), incorrect or inappropriate autonomous decisions (74%), and data quality risk (72%).
How the Estate Forms: Not Negligence, Architecture
Shadow estates don’t form because organisations are careless. They form because isolation is the default output of every path to agent creation unless someone explicitly fights against it.
Zycus knows this from inside its own walls. By early 2024, our marketing team could not have produced an accurate list of every AI agent running in our name. Couldn’t tell you what each one did, who owned it, what it could access, or what it cost. This is a company that exists to help enterprises govern autonomous procurement. We sell exactly this discipline. A Shadow Agent Estate still formed inside our own organisation — not through one bad decision, but through a long run of reasonable ones made without a governing architecture to contain them.
The lesson we took: Agent Builder isn’t the problem. The problem was building isolated agents. And the fix we built into Merlin’s architecture is that every agent created is a participant in a governed multi-agent flow from the moment it exists.
The Four Ledgers Where Debt Accumulates
Ownership is the question of who answers for what an agent does. Orphaned agents. Zombie agents. The accountability gap: an agent that can send a communication, approve a transaction, or pay an invoice with no named human responsible. The Hackett Group’s 2026 leadership forum polling found that lack of ownership for outcomes was holding back AI deployment for 34% of procurement teams.
- Access is the question of what each agent can reach. Permissions accrue because widening access is always faster than scoping it. API keys scatter. Agents accumulate always-on rights to systems they interact with twice a week.
- Entanglement is the question of what each agent touches invisibly. One agent silently depends on the output of another; a change upstream breaks something downstream without warning.
- Operational debt is the question of what agents are actually doing and what it costs. Model behaviour shifts silently. No version control. No audit. Finance asks what the AI programme spent last month and nobody can produce a single number.
Twelve named failure modes across four ledgers. Each one a direct consequence of isolation.
Two Forces Narrowing the Window
The first is what the whitepaper calls the inversion: the shift in which procurement’s day-to-day work moves out of the Source-to-Pay suite interface and into agentic flows. Today, agentic flows handle intake and tail spend. Over the next 12 to 18 months they expand into sourcing, contracts, supplier onboarding, and AP. Shadow estates do not shrink as flows expand. They compound.
The second force is the board. Boards now fund outcomes, and isolated point agents structurally cannot make a board-level case. Governed agentic flows can. Isolated agents cannot.
Richard Gardner, Sr. Director, Solution Intelligence at The Hackett Group, put the historical pattern with precision: organisations have always struggled to manage the proliferation of IT complexity as they grow. The same pattern is highly likely to emerge and multiply for companies that build agents aggressively without the data maturity, governance structures, and talent to manage what accumulates. The Hackett Group’s 2026 AI Solution Providers Study reinforced where the industry gap is: 50% of procurement technology providers do not fully support the governance requirements needed for effective AI.
What Good Actually Looks Like
Every agent needs five things attached at the moment it is created:
- An owner: a named person who answers for what the agent does.
- A scope: least-privilege access, granted for the task at hand and not extended by default.
- A meter: cost attribution that makes the agent’s spend visible to finance.
- A log: a record complete enough to reconstruct what the agent did on any given day and who was accountable.
- A kill switch: one place to stop it immediately when something goes wrong.
That is what the Merlin Agentic Platform is architected to deliver: not isolated agents dispatched at individual tasks, but multiple agents collaborating inside governed flows embedded in the processes that define procurement’s outcomes.
Six Questions That Tell You Where You Stand
The diagnostic draws from the ten-question Shadow Estate Audit in the Zycus–Hackett whitepaper.
- Can you produce, in under an hour, a complete list of every AI agent running in your name — built, bought, embedded, and orchestrated?
- Do any agents in your function perform tasks without being embedded in a governed end-to-end outcome flow?
- Can an agent in your organisation send a communication, approve a transaction, or publish content with no named human answerable for what it does?
- Does at least one agent silently depend on the output of another, where a change to the upstream agent would break a downstream process without warning?
- Can you state, as a single number, what your agents cost last month — with a finance owner who can verify that figure?
- Do you have an audit log complete enough to reconstruct what a specific agent did on a specific day and who was accountable for the outcome?
Three affirmative answers means an active Shadow Agent Estate. The first move is a count: one honest list of every agent running in your name, what it can reach, what it costs, and whether it sits inside a governed flow or in isolation.
The Bill Has Arrived. The Ledger Is Still Open.
The move out of a Shadow Agent Estate is not the move from many agents to fewer. It is the move from isolated agents executing tasks to orchestrated agents delivering outcomes. That is the only move that closes the ledger. Everything else is interest accruing on debt you already owe.
The full Zycus–Hackett Group research paper The Shadow Agent Estate is available on the Zycus resource page. If your organisation is ready to assess where its estate stands, a Shadow Agent Estate diagnostic with a Zycus Merlin Platform specialist is the right starting point.
FAQs
Q1. What is a Shadow Agent Estate in procurement?
A Shadow Agent Estate is the population of AI agents operating across an enterprise — whether built, bought, embedded, or orchestrated — that runs in isolation: disconnected from each other, from the outcome flows that would give them purpose, and from any central inventory, ownership, or governance. The term and framework were defined by Zycus in collaboration with The Hackett Group’s Expert Advice in 2026. Agent Debt is the liability the Shadow Agent Estate generates.
Q2. What is Agent Debt?
Agent Debt is the compounding liability that isolation generates across four ledgers: Ownership, Access, Entanglement, and Operational, with twelve named failure modes across them. The Hackett Group’s 2026 Future-Ready P2P Quick Poll found that 69% of companies already expected additional material risk from agentic AI deployment.
Q3. What is the difference between a point agent and an agentic flow?
A point agent automates one task and stops — it is discretionary, and the process can complete without it. An agentic flow is structural: the process does not complete without the agents. The distinction is architectural, not cosmetic.
Q4. Why do Shadow Agent Estates form even in well-intentioned organisations?
Because every path to agent creation defaults to isolation unless governance is deliberately attached at the point of creation. The Hackett Group’s 2026 polling found only 17% of procurement professionals had moderate or advanced experience building agents. When 83% of the people configuring agents have low maturity and the tooling defaults to task isolation, the shadow estate is the expected output.
Q5. What are the four ledgers of Agent Debt?
Ownership debt accrues when agents are isolated from accountability. Access debt comes from permission discipline failures. Entanglement debt comes from visibility failures. Operational debt comes from financial and audit oversight failures. Every question left unanswered about an agent becomes a category of cost.
Q6. How do I know if my organisation has a Shadow Agent Estate?
Start with the count. Can you list every agent running in your name in under an hour? If not, you have a Shadow Agent Estate. The Zycus–Hackett Shadow Estate Audit maps ten diagnostic questions to the four ledgers.
Q7. What does a governed agentic estate require at the architecture level?
Every agent needs five things attached at creation: an owner, a scope, a meter, a log, and a kill switch. These must be enforced at the platform level, not bolted on afterwards. The Hackett Group’s 2026 AI Solution Providers Study found that 50% of procurement technology providers do not fully support the governance requirements needed for effective AI.
Q8. What should CPOs do first to address Shadow Agent Estate risk?
One count — not a policy document, not a platform purchase: one honest list of every agent running in your name, who owns it, what it can reach, what it costs, and whether it sits inside a governed outcome flow or in isolation.
Related Reads:



















































