The current federal AI governance framework

    Federal agency use of AI is currently governed by OMB Memorandum M-25-21, "Accelerating Federal Use of AI through Innovation, Governance, and Public Trust," issued in early 2025 under Executive Order 14179. The memo supersedes the prior M-24-10 framework. Its stated intent is to remove unnecessary barriers to AI adoption across government while maintaining accountability, and it does this primarily by requiring each covered agency to establish an Agency AI Governance Board. This board may be a new body or an existing governance structure repurposed for this role, and it is responsible for overseeing the agency's AI use on an ongoing basis.

    Alongside the governance board requirement, agencies must develop and publicly post a Compliance Plan on a recurring cycle. The plan must demonstrate either alignment with the memo's requirements or include a formal determination that the agency does not use AI covered by the policy. Agencies are also directed to establish a Generative AI Policy governing acceptable use, safeguards, and oversight for generative and agentic AI tools specifically. This reflects the reality that these systems introduce distinct risks compared to earlier, narrower AI applications.

    The substantive risk management requirements center on what the memo calls "high-impact AI," defined as use cases where the AI's output meaningfully affects rights, safety, or significant agency decisions. For these, agencies must implement a set of minimum risk practices:

    • Pre-deployment testing
    • Documented AI impact assessments
    • Ongoing performance monitoring after deployment
    • Human training and oversight
    • Defined remedies or appeals processes for those affected by AI-driven decisions
    • Mechanisms for stakeholder feedback

    Agencies are also expected to maintain discontinuation plans for high-impact AI that underperforms, and to report their AI use case inventory and compliance status to OMB on an ongoing basis, not solely at initial deployment.

    Key distinction

    Ongoing reporting, not one-time approval

    M-25-21 explicitly frames compliance as a continuous posture. Agencies must maintain current AI use case inventories and report compliance status to OMB on a recurring cycle rather than satisfying requirements once at deployment and treating them as complete.


    Core obligations at a glance

    The following table summarizes the three primary structural requirements M-25-21 imposes on covered agencies and what each involves in practice.

    Requirement What it involves Timing
    Agency AI Governance Board A designated body responsible for overseeing the agency's AI use, either newly created or adapted from an existing governance structure. Generally required within 90 days of the memo's applicable timeline
    Compliance Plan A public document demonstrating alignment with federal AI policy requirements, or a formal determination that the agency does not use covered AI. Published and updated on a recurring cycle
    Generative AI Policy An internal policy governing acceptable use, safeguards, and oversight for generative and agentic AI tools specifically. Established and maintained on an ongoing basis
    High-Impact AI Risk Practices Pre-deployment testing, impact assessments, ongoing monitoring, human oversight, appeals processes, and stakeholder feedback mechanisms for high-impact use cases. Applied before deployment and maintained continuously

    Why agentic AI raises the stakes for these requirements

    The minimum risk practices in M-25-21 were written broadly enough to apply to any AI system. Agentic AI, however, makes several of these requirements substantially harder to satisfy with static documentation alone. The difference lies in what "agentic" means: rather than generating outputs that a human then acts on, agentic systems can take actions themselves, often across multiple connected systems, without requiring human review at each step.

    Ongoing performance monitoring becomes operational, not evaluative

    For a model that produces text for human review, ongoing monitoring is primarily an evaluation problem: you sample outputs and assess their quality periodically. For an agent that independently executes actions across systems, monitoring requires continuous visibility into what the agent actually did in production. Periodic evaluation of test-environment outputs is no longer a meaningful substitute. Agencies need audit trails that capture what actions were taken, under what conditions, with what approvals, and with what outcomes, in real time or close to it.

    Human oversight requires deliberate engineering

    The requirement for human training and oversight assumes a meaningful human checkpoint exists somewhere in the process. For agentic systems capable of acting autonomously, that checkpoint has to be engineered deliberately. This means building approval workflows for high-impact actions, defining clear escalation paths, and establishing explicit limits on what an agent can do without human sign-off. It cannot be assumed to exist simply because a human was nominally "in the loop" during the design or procurement stage.

    Accountability and reporting become continuous obligations

    Producing evidence for an AI use case inventory or a compliance demonstration is relatively straightforward when the AI system's behavior is fixed and reviewed once at deployment. It is considerably harder when the system in question is an autonomous agent whose behavior can vary based on context, connected tools, and the specific inputs it encounters at runtime. The inventory and compliance reporting obligations in M-25-21 assume agencies will maintain current, accurate information about deployed AI, which is exactly the situation runtime logging and audit trails are designed to address.

    Practical implication

    Point-in-time documentation is not sufficient for agentic systems

    A governance board reviewing an agentic AI deployment needs current evidence of how the system is behaving, not just a record of how it was designed. This creates a direct operational requirement for continuous logging, policy enforcement records, and monitoring data that can be produced on demand rather than assembled retroactively before a reporting deadline.

    Practical steps for agencies deploying agentic AI

    The following practices follow directly from the requirements in M-25-21 and address the specific challenges that agentic systems introduce. They are intended as a starting point for agencies working through compliance planning, not as an exhaustive implementation guide.

    • Classify each agentic AI use case against the memo's high-impact criteria before deployment, not after an incident prompts a review. The classification determines which minimum risk practices apply and at what level of rigor.
    • Build continuous performance monitoring into the deployment itself rather than relying on periodic manual evaluation. For agentic systems, this means capturing action logs, decision traces, and policy enforcement records as part of normal system operation.
    • Engineer explicit human oversight checkpoints for any agent capable of independent action, with the checkpoint location and approval threshold tied to the assessed risk level of the specific action type, not applied uniformly across all agent behavior.
    • Maintain audit-ready logs of agent actions, approvals, and policy decisions that can be produced quickly for OMB reporting or an accountability review. Retroactive log reconstruction is both time-consuming and less reliable than records generated at runtime.
    • Revisit discontinuation criteria and thresholds for high-impact AI on a defined schedule, consistent with the memo's expectation of ongoing risk management rather than a one-time deployment approval.
    • Ensure that impact assessments are updated when the agent's capabilities, connected tools, or authorized action scope change materially, not only at initial deployment.

    Implementation guidance

    Agencies should treat the Agency AI Governance Board's oversight role as an ongoing operational function, not a one-time approval gate. That means the board needs a reliable, continuously updated source of information about what agentic AI systems are deployed, what actions they are authorized to take, and how their performance is trending. Compiling this information manually across multiple systems and teams on a recurring cycle is difficult; building it into the deployment architecture from the start is more tractable.

    Given the memo's emphasis on proportional risk management, agencies benefit from establishing a consistent method for classifying AI use cases by impact level early in the process, so that the appropriate minimum risk practices are applied consistently rather than negotiated case by case. This also simplifies the public Compliance Plan process, since use cases can be grouped by the controls already documented for their impact tier rather than described individually from scratch.

    Finally, agencies should build toward runtime evidence generation as the default posture for agentic AI deployments. Audit trails, policy enforcement records, and monitoring data produced automatically as agents operate, rather than assembled retroactively when a report is due, directly support the accountability and reporting obligations in M-25-21. They also give the governance board the operational visibility the memo assumes agencies will maintain, and provide the foundation for the appeals and feedback processes required for high-impact use cases.

    Questions about federal AI agent governance

    Which agencies does M-25-21 apply to?

    M-25-21 applies to CFO Act agencies, which are the 24 major federal departments and agencies subject to the Chief Financial Officers Act of 1990. Other agencies are encouraged to align with the memo's requirements, but the mandatory compliance obligations, including the governance board, Compliance Plan, and Generative AI Policy requirements, apply specifically to CFO Act agencies.

    How does M-25-21 define "high-impact AI"?

    The memo defines high-impact AI as use cases where the AI's output meaningfully affects rights, safety, or significant agency decisions. This is intentionally broader than earlier frameworks and is meant to capture a wide range of AI applications where errors or failures could have material consequences for individuals or government operations. Agencies are expected to apply their own judgment in classifying use cases against this standard, with the classification determining which minimum risk practices apply.

    What is the difference between M-25-21 and the prior M-24-10 framework?

    M-25-21 supersedes M-24-10 and reflects a policy shift toward removing barriers to AI adoption while maintaining accountability through governance structures rather than case-by-case approval processes. The new framework places more emphasis on enabling agency AI use at scale and less on individual use case gatekeeping. The governance board, Compliance Plan, and Generative AI Policy requirements are new or restructured relative to M-24-10, and the framing of compliance as a continuous posture rather than a point-in-time review is more explicit in M-25-21.

    Are commercially procured AI agents subject to these requirements?

    Yes. The requirements in M-25-21 apply to AI used by the agency regardless of whether it is built in-house, procured from a commercial vendor, or accessed through a cloud service. Agencies remain responsible for ensuring that high-impact AI use cases, including those powered by commercial AI products, satisfy the applicable minimum risk practices. Vendor documentation or certifications may provide useful inputs, but they do not substitute for the agency's own compliance obligations.

    What does "ongoing performance monitoring" mean for an agentic AI system?

    For agentic AI systems, ongoing performance monitoring requires continuous visibility into what the agent is actually doing in production, not just periodic evaluation of its outputs in a test environment. This means capturing action logs, decision traces, and the results of agent-initiated actions in real or near-real time, so that the governance board and responsible officials can assess whether the system is performing within expected parameters and flag anomalies as they occur rather than after the fact.

    What should a discontinuation plan for high-impact AI include?

    M-25-21 requires agencies to maintain discontinuation plans for high-impact AI that underperforms, but does not prescribe a specific format. In practice, a useful discontinuation plan should identify the conditions or thresholds that would trigger discontinuation, describe the process for taking the system offline and transitioning affected functions to alternative processes, address any data or audit obligations that persist after discontinuation, and assign responsibility for executing and documenting the discontinuation decision. These plans should be reviewed periodically rather than treated as static documents.

    Generate the runtime evidence federal AI policy requires

    See how continuous audit trails and policy enforcement records support Compliance Plan reporting and AI Governance Board oversight for agentic AI deployments.

    Book a Demo

    Ready to govern your AI in production?