You Can't Solve Reliability Without Governance
You Can’t Solve Reliability Without Governance
I’m at Microsoft Build 2026 and one theme keeps surfacing in every conversation I have. Not observability. Not tooling. Not model selection. Organizations aren’t failing AI adoption because they can’t see what’s happening. They’re failing because they can’t act on what they see.
I’ve watched this pattern play out enough times that I can describe it before it happens.
New operational tooling arrives. It works. The instrumentation is clean, the signal is real, the dashboard reflects actual system behavior. The team that built it did everything right. And then adoption stalls. Not immediately. It usually takes six to eighteen months before everyone admits it. But the stall was visible from the beginning to anyone who knew what to look for.
Infrastructure monitoring. SRE. Cloud governance platforms. AI operations tooling. The technology changed each cycle. The organizational failure mode didn’t.
The current generation of AI reliability platforms is technically excellent. Detection is sophisticated. Root cause analysis is useful in ways that traditional monitoring never was. Automated remediation proposals close a loop that used to require hours of manual investigation. The teams building in this space are solving real problems well.
But there’s a boundary where every reliability platform stops. It stops at the code. And the problem your customers are actually experiencing extends past it.
The technical loop closes. The organizational loop was never built.
What Reliability Tooling Actually Solves
AI agents fail in ways that are difficult to detect. They don’t crash. They don’t throw exceptions. They produce outputs that are wrong in ways that require judgment to identify. An agent that selects the wrong order, repeats the same response to an increasingly frustrated user, or attempts a tool call for an unsupported operation doesn’t trigger any of the alerts that traditional infrastructure monitoring understands.
The reliability platforms being built right now detect this category of failure. They track task adherence. They surface user frustration patterns. They catch misrouted requests. They cluster failure modes you didn’t think to look for. They trace failures to their root cause and propose fixes, sometimes opening a pull request automatically.
This category of tooling is hard to build and valuable when it works. Catching agent failures before users complain, diagnosing the exact spans and tool calls that contributed. These are capabilities that didn’t exist two years ago.
The technical loop closes. Signal detected. Root cause identified. Fix proposed. Pull request opened.
And then someone has to decide whether to merge it.
The Decision the Platform Can’t Make
Here’s where the pattern breaks.
Your agent failed 18% of task adherence checks last week. The platform caught it. The root cause traces to how the model handles semantically similar fields in the schema. A prompt change is proposed. The pull request is waiting.
Three questions that failure rate cannot answer for you:
Should this agent’s authority be reduced while the fix is evaluated? Should the criteria that define acceptable task adherence be adjusted? Or does 18% indicate the use case should be reconsidered entirely?
Those aren’t engineering questions. They are authority delegation questions. Someone gave this agent the authority to act autonomously on behalf of users. That delegation was a decision. Responding to evidence that the delegation may have been premature, or that it needs to be scoped differently, is also a decision. It requires a human with named authority, operating inside an accountability structure, against criteria that were defined before the agent was deployed.
The platform cannot make that call. It wasn’t designed to. It surfaces what happened. It cannot tell you what the organization should do about what happened.
Without the organizational structure to receive and act on the signal, the pull request sits. The failure rate persists. The dashboard shows the problem clearly and nothing changes.
Reliability tooling catches what went wrong. Governance determines what happens next.
Authority Delegation Is the Unsolved Problem
The progression from human-assisted to autonomous operation seems simple when you describe it technically. The agent suggests actions. Humans validate. Success rates accumulate. Authority expands incrementally as evidence justifies expansion.
What sounds like a product feature is actually an organizational commitment.
Who has the authority to advance an agent from suggesting actions to executing them? What failure rate triggers a rollback versus a criteria adjustment? When the agent starts failing in auto mode, who makes the call to step it back? More importantly, will they actually make it, or will they wait for someone else to decide first?
These questions require named accountability. Named accountability requires an organization willing to assign it, which requires leaders who treat accountability as ownership of learning rather than ownership of blame. In environments where failure is career-limiting, nobody volunteers to own the gate. The agent sits in suggest mode indefinitely. The reliability metrics stay green. Adoption stalls anyway.
I watched this exact pattern kill SRE adoption. The tooling was sound. The error budgets were mathematically valid. The dashboards showed exactly what was happening in production. But error budgets without enforcement authority are just math, and enforcement authority evaporated the moment a Head of Product needed a deployment approved and found a way around the restriction. The feedback loop never closed because nobody owned the decision to close it.
AI reliability tooling is approaching the same wall. The technical loop closes. The organizational loop remains unbuilt: who acts on the signal, with what authority, under what accountability. That is the part no product installs.
You can instrument accountability. You cannot instrument the willingness to be accountable.
What This Looks Like in Practice
Across managed services environments, the pattern is consistent. The organizations getting the most from operational tooling share a trait. They came in with organizational structure already behind the deployment. Criteria for what failure means were defined before the agent went live. Someone with authority owns the rollback decision. The team operates in an environment where surfacing a problem is treated as useful information, not evidence of poor performance.
The organizations that struggle aren’t struggling because the tooling is wrong. The signal is accurate. The root cause analysis is sound. I’ve watched teams stare at accurate dashboards and do nothing, not because they disagreed with the data but because nobody in the room had the authority to act on it. Nobody defined what failure thresholds mean for authority decisions. Nobody was named as the person who acts on threshold violations. Nobody was empowered to make an uncomfortable call about an agent the business was excited about. And nobody asked whether these decisions should have been made before the agent went live.
The reliability platform surfaces that gap faster than anything else could. The value isn’t that it solves the problem. The value is that it makes the problem impossible to ignore. Before the tooling, organizations could tell themselves the agents were probably working fine. After, the specific failure modes are visible and documented and the absence of response to them is also visible.
Here’s what makes this frustrating. Traditional operations already solved this problem.
A monitoring system detected an anomaly. Humans evaluated against metrics. The evidence was clear. They acted. The authority to act was derived from the evidence itself, not from a committee or a policy document. The proof was right there on the screen and someone owned the response.
Automated remediation took it further. Auto-scaling, auto-failover, automated runbook execution, self-healing infrastructure. These systems acted autonomously on behalf of humans, within defined parameters, against observable criteria. Organizations delegated human authority to systems decades ago. It worked because the governance model evolved alongside the automation. When auto-scaling rules needed adjustment, someone owned that decision. When a runbook produced an unexpected outcome, someone investigated and recalibrated. The feedback loop was built into the operating model.
For some reason, the introduction of “AI” broke the pattern. Organizations that had no trouble delegating authority to automated systems suddenly froze when the word “agent” entered the conversation. The same organizations that let auto-remediation restart services at 2am without human approval now can’t decide who has authority to let an agent classify a support ticket.
What changed wasn’t the delegation model. What changed was perception. Organizations started prescribing human characteristics to a probabilistic system. They started asking whether to “trust” the agent instead of asking whether the observable criteria justified expanding its authority. They treated AI as something fundamentally new when it is, at its core, a different level of automation and a continuation of the same authority delegation pattern they’ve been operating for years.
The governance model should have evolved with the systems. Instead, it regressed.
The tool did its job. The organization revealed itself.
What This Means for Founders Building in This Space
The category of AI reliability tooling stops at the code boundary by design. That’s a scope decision. But the organizations buying it will not always understand where the product’s responsibility ends and their own organizational responsibility begins.
I had a conversation recently with a founder building in this space. Sharp, technically deep, backed by serious investors. We talked about confidence engineering and what happens when the dashboard works but the organization doesn’t act. The conversation shifted when I said something simple: you can’t solve reliability without governance. Not because the reliability tooling is incomplete. Because the problem the customer is actually experiencing extends past the code boundary into authority, accountability, and organizational structure.
When adoption stalls despite accurate signal and valid recommendations, the instinct will be to improve the tooling. More sophisticated detection. Faster fix proposals. Those are reasonable improvements. They’ll help at the margin. The actual problem will be that nobody in the customer organization has authority to act on what the tooling surfaces.
The founders who understand this early will ask a different question in customer conversations. Not just “do you have agents failing in production?” but “do you have the organizational structure to act on what you learn?” That second question surfaces the real obstacle before it becomes a churn problem that has nothing to do with product quality.
The organizational loop is where AI adoption succeeds or dies. Whether that represents a product direction or a customer readiness conversation is a decision each founder has to make for themselves. Ignoring it means the platform absorbs blame for a problem it was never built to solve.
The founders who understand both halves of the equation early will build the right product and find the right customers. The rest will wonder why technically excellent platforms sit in dashboards nobody acts on.
The Gap Is Organizational, Not Technical
The observability is achievable. Catching failures, diagnosing root causes, closing the technical loop. The industry is solving this well. The hard part was always what comes after the signal.
Signal without authority is noise with better formatting.
AI adoption succeeds when organizations build both loops: the technical loop that detects and proposes, and the organizational loop that decides and acts. The reliability platform owns the first loop completely. The second loop requires governance structure, accountability that enables action rather than preventing it, and the organizational preconditions that make accountability function. None of which arrive in a pull request.
Every generation of operational tooling has hit this wall. Infrastructure monitoring surfaced what was broken. SRE formalized how to measure it. Cloud governance attempted to control it. DevOps tried to bridge the gap between building and operating. The technology improved every cycle. The organizations that couldn’t act on evidence stayed broken anyway.
AI reliability tooling is next. The signal has never been cleaner. The question is whether anyone on the other side of the dashboard has the authority and the willingness to do something about it.
That question has never been a product problem. It has always been a leadership one.
If this framing resonated, the Confidence Engineering series goes deeper on the framework for staged authority expansion and what makes AI governance operational rather than decorative. The AI Observability series covers the instrumentation foundation that makes the technical loop possible.
Photo by Yuval Zuckerman on Unsplash