AI Agents in the Enterprise: Trust, Control, and the Swarm Problem

The most ambitious vision for enterprise AI involves multiple agents working together — a "swarm" of specialised agents that coordinate to complete complex tasks. One agent researches, another analyses, a third drafts, a fourth reviews. The orchestration of these agents is meant to produce output that exceeds what any single agent could achieve.

In theory, this is elegant. In practice, it introduces a control problem that enterprise governance frameworks are fundamentally unprepared for. When agents coordinate autonomously, the decision chain becomes opaque: which agent made which decision, based on what information, and why? When the output is wrong, which agent in the chain bears responsibility?

• Cascading errors: An error by one agent propagates through the swarm — the research agent fabricates a fact, the analysis agent builds on it, the drafting agent presents it as verified, the review agent lacks the context to catch it
• Accountability diffusion: When no single agent is responsible for the final output, accountability for errors becomes impossible to assign — a critical failure in regulated industries
• Emergent behaviours: Complex multi-agent systems can produce behaviours that no individual agent was designed to exhibit — including workarounds, shortcuts, and failure modes that weren't tested
• Audit trail fragmentation: Following the decision chain across multiple coordinating agents produces audit trails that are technically complete but practically uninterpretable

The swarm paradigm optimises for capability at the expense of transparency. For enterprises in regulated industries, this trade-off is often unacceptable.

Enterprise AI agents fail in three characteristic ways, each presenting distinct governance challenges. Understanding these failure modes is essential for any organisation evaluating agent deployment.

Failure Mode 1: Hallucination at scale. Individual LLM hallucinations are well-documented. But when an agent operates autonomously across multiple tasks, hallucinations compound. An agent tasked with researching 50 companies will hallucinate details for some of them — and without per-claim verification, those errors enter downstream decision-making processes indistinguishable from verified facts.

Failure Mode 2: Inappropriate escalation and action. Agents designed to take actions — sending emails, filing reports, making API calls — can take inappropriate actions when they misinterpret context. A compliance agent that automatically files suspicious activity reports based on misinterpreted data creates regulatory exposure, not efficiency.

Failure Mode 3: Black-box reasoning. Even when agent output is correct, the inability to explain how the agent reached its conclusion creates governance problems. Regulators require not just correct outcomes but demonstrable reasoning. An agent that produces the right answer through an unexplainable process is, for regulatory purposes, indistinguishable from an agent that was lucky.

• Hallucination: Fabricated facts that are structurally indistinguishable from verified information in the agent's output
• Escalation failures: Agents that take actions beyond their intended scope because they lack understanding of organisational context and boundaries
• Opacity: Correct outputs that cannot be explained or audited, creating regulatory risk even when the agent performs well

The architecture of an AI agent determines its governance properties more than any policy or procedure applied after deployment. Two fundamentally different approaches are competing in the enterprise market, with dramatically different implications for trust and control.

Monolithic agents are large, general-purpose systems that attempt to handle entire workflows end-to-end. They take a complex task, decompose it internally, and return a final output. The advantage is simplicity of deployment. The disadvantage is that the internal reasoning is opaque, error attribution is impossible, and the system's behaviour on novel inputs is unpredictable.

Atomic agents are specialised, single-purpose components that each handle one well-defined task with clearly specified inputs and outputs. They can be composed into workflows, but each component is independently testable, auditable, and replaceable. The advantage is transparency and control. The trade-off is that composition requires more deliberate design.

• Testability: Atomic agents can be tested against specific inputs with expected outputs — monolithic agents can only be tested against the final result of a complex process
• Error attribution: When an atomic agent produces incorrect output, the failure point is immediately identifiable — monolithic agents require forensic analysis of internal reasoning chains
• Incremental deployment: Atomic agents can be deployed one at a time, with each addition validated before proceeding — monolithic agents are all-or-nothing
• Regulatory defensibility: Atomic agents produce audit trails that map to specific, explainable operations — monolithic agents produce complex, often opaque reasoning traces

For regulated enterprises, the atomic approach is not just preferable — it may be the only architecture that meets regulatory expectations for transparency, auditability, and human oversight.

Grep's approach to AI-powered research reflects the atomic agent philosophy applied to enterprise research. Rather than deploying a monolithic system that ingests a question and outputs an answer through an opaque internal process, Grep uses specialised research agents — each responsible for a specific, well-defined task — that produce independently verifiable output.

Critically, Grep's agents are non-orchestrated in the traditional sense. They don't autonomously coordinate or delegate to each other. Each agent performs its specific research function, produces cited output, and the results are assembled with human visibility into every step. This eliminates the swarm problem entirely: there is no opaque coordination layer where accountability diffuses.

• Single-purpose agents: Each research agent handles one research task — sanctions screening, corporate registry verification, adverse media analysis — with testable, auditable output
• Citation verification: Every factual claim produced by any agent is verified against primary sources before it enters the research output — eliminating hallucination propagation
• Transparent composition: The assembly of multi-agent research into final output is visible and auditable — users can see which agent produced which finding
• Human-in-the-loop by design: Grep presents findings to human analysts for evaluation and decision-making — it never takes autonomous action beyond research

This architecture is not the most ambitious vision of enterprise AI agents. It is, however, the most governable — and in regulated industries, governability is the feature that matters most. Grep demonstrates that enterprises can deploy AI agents that are powerful, transparent, and auditable simultaneously. The trade-off between capability and control is a design choice, not an inevitability.