Thirty-five days.
That’s the window before Colorado’s AI Act (SB 26-189) takes effect on June 30, imposing duty-of-care, risk mitigation, and algorithmic discrimination disclosure requirements on developers and deployers of high-risk AI systems operating in the state. For companies that have spent the past year deploying autonomous AI agents across enterprise workflows, this deadline arrives with a compliance gap that most programs haven’t specifically addressed: they can’t prove who authorized the agent’s actions.
Call it the attribution gap.
An AI agent takes an action: it submits a form, modifies a record, sends a communication, or triggers a downstream workflow. Who authorized it? The engineer who configured the system? The manager who approved the deployment? The vendor whose orchestration platform the agent runs on? Under Colorado SB 26-189’s duty-of-care standard, deployers of high-risk AI systems are expected to take reasonable steps to protect consumers from algorithmic discrimination and to document their risk mitigation processes. “The agent did it” isn’t a risk mitigation process.
This isn’t a new theoretical concern. It’s a concrete gap in how most agentic deployments were designed. Agents were configured for capability, not accountability. The authorization chain (who approved this action, at what scope, under what conditions) often doesn’t exist as a documented artifact. It exists as an assumption.
Who This Affects
The EU AI Act compounds the urgency. General provisions become binding on August 2, roughly 10 weeks from today. High-risk system requirements take full effect December 2, 2027. The EU’s accountability framework requires AI system traceability in a way that maps directly onto the authorization gap problem: if you can’t produce documentation of how your system’s actions were authorized and overseen, you’re facing questions from two regulators across two jurisdictions.
Five additional frameworks are already enforceable and already have provisions that reach agent authorization. According to analysis by identity and access management vendors including Okta, the attribution gap intersects with SOX, CCPA, SEC cybersecurity disclosure rules, GDPR, NIS2, and DORA, each of which contains accountability and recordkeeping requirements that agent deployments can implicate. This is a vendor-framed analysis, not an independent regulatory finding, and enterprises should validate their specific exposure with qualified legal counsel. But the underlying frameworks are real, they’re enforceable, and the gap they’re pointing at is real too.
The governance maturity context is worth acknowledging here. Survey data cited by AI workflow vendors, attributing findings to HFS Research and Infosys, suggests most enterprises are still in early stages of formalizing AI governance programs, though those figures haven’t been independently verified against the primary research. The direction is consistent with what compliance practitioners are reporting on the ground: governance frameworks that addressed AI in broad strokes are now being tested against agentic deployments specifically, and they’re not ready.
Don’t expect a 35-day sprint to close the gap entirely. What June 30 demands is a documented posture, evidence that your organization has assessed the authorization risks in your agentic deployments and taken reasonable steps to address them. That’s not a software problem. It’s a documentation and governance problem, and it’s solvable faster than a full compliance build.
What to Watch
The catch is that “reasonable steps” requires knowing which agents are deployed, what decisions they can make autonomously, and whether there’s a human-in-the-loop mechanism for decisions that carry significant consequences. Most enterprises deploying agents over the past 18 months don’t have that inventory.
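The two gaps described above, an authorization chain that exists only as an assumption and an inventory that doesn’t record which decisions an agent may take alone, are easier to see in a concrete record. The following Python is an added example written for this piece; it is not code from the article, from Colorado’s statute, or from any vendor named here. Every identifier in it (Authorization, ActionRequest, evaluate_action, the agent ids, approver addresses, action names and the max_amount condition) is hypothetical. It models one grant per deployed agent (who approved it, which actions are autonomous, which require a named human approver, under what conditions, and until when), evaluates each requested action against that grant, and returns an attribution record that names the accountable person for every allow and the reason for every deny.

```python
# Added example (hypothetical names): a minimal authorization chain and
# attribution record for agent actions. Not the article's or any vendor's code.
from dataclasses import dataclass
from datetime import datetime, timezone, timedelta
from typing import Optional


@dataclass(frozen=True)
class Authorization:
    """The documented grant that usually exists only as an assumption."""
    grant_id: str
    agent_id: str
    approved_by: str               # accountable human who approved this scope
    autonomous_actions: frozenset  # action types the agent may take on its own
    hitl_actions: frozenset        # action types that need a named human approver
    conditions: dict               # e.g. {"max_amount": 500}
    expires_at: datetime


@dataclass
class ActionRequest:
    agent_id: str
    action: str
    params: dict
    human_approver: Optional[str] = None  # set when a human signed off on this action


def evaluate_action(req: ActionRequest, grants: dict, now: datetime) -> dict:
    """Return an attribution record: decision, reason, and who the action is attributed to."""
    record = {
        "timestamp": now.isoformat(), "agent_id": req.agent_id, "action": req.action,
        "params": dict(req.params), "grant_id": None, "authorized_by": None,
        "human_approver": req.human_approver,
    }
    grant = grants.get(req.agent_id)
    if grant is None:  # agent not in the inventory: nobody authorized anything
        return {**record, "decision": "deny", "reason": "agent has no documented grant"}
    record["grant_id"] = grant.grant_id
    if now >= grant.expires_at:
        return {**record, "decision": "deny", "reason": "grant expired"}
    if req.action in grant.hitl_actions:
        if not req.human_approver:
            return {**record, "decision": "deny", "reason": "human-in-the-loop approval required"}
        record["authorized_by"] = req.human_approver  # attributed to the approving human
    elif req.action in grant.autonomous_actions:
        record["authorized_by"] = grant.approved_by    # attributed to whoever approved the scope
    else:
        return {**record, "decision": "deny", "reason": "action outside granted scope"}
    max_amount = grant.conditions.get("max_amount")
    if max_amount is not None and req.params.get("amount", 0) > max_amount:
        return {**record, "decision": "deny", "reason": f"amount exceeds max_amount={max_amount}"}
    return {**record, "decision": "allow", "reason": "within scope and conditions"}


# Constructed sample inventory: one grant per deployed agent (hypothetical values).
NOW = datetime(2026, 6, 1, tzinfo=timezone.utc)
GRANTS = {
    "invoice-agent-01": Authorization(
        grant_id="G-0001", agent_id="invoice-agent-01",
        approved_by="finance.manager@example.com",
        autonomous_actions=frozenset({"read_invoice", "draft_payment"}),
        hitl_actions=frozenset({"submit_payment"}),
        conditions={"max_amount": 500},
        expires_at=NOW + timedelta(days=90),
    ),
}


def run_samples() -> list:
    """Evaluate constructed requests and return their attribution records, in order."""
    requests = [
        ActionRequest("invoice-agent-01", "draft_payment", {"amount": 120}),
        ActionRequest("invoice-agent-01", "submit_payment", {"amount": 120}),
        ActionRequest("invoice-agent-01", "submit_payment", {"amount": 120},
                      human_approver="ap.clerk@example.com"),
        ActionRequest("invoice-agent-01", "submit_payment", {"amount": 900},
                      human_approver="ap.clerk@example.com"),
        ActionRequest("invoice-agent-01", "delete_vendor", {}),
        ActionRequest("unknown-agent", "read_invoice", {}),
    ]
    return [evaluate_action(r, GRANTS, NOW) for r in requests]


if __name__ == "__main__":
    import json
    for rec in run_samples():
        print(json.dumps(rec, default=str))
```

The point of the record is the `authorized_by` field: every allowed action resolves to a named human, either the person who approved the agent’s scope or the person who approved this specific high-consequence action, and every denial states which part of the grant it failed. Persisting these records is the documented posture the June 30 deadline asks for; an agent with no entry in the grant table is, by construction, an agent nobody has authorized.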
TJS has covered the broader patchwork compliance challenge that enterprises face as state and international AI laws pile up without federal coordination. The attribution gap is the specific technical manifestation of that problem for agentic deployments, and Colorado just set a hard date on addressing it.
TJS synthesis
The compliance programs that survive the Colorado deadline won’t necessarily be the ones that built the most comprehensive governance frameworks. They’ll be the ones that asked the right question first: for each agent we’ve deployed, can we show who authorized its actions and under what conditions? Start there. The rest follows.