Agentic artificial intelligence is changing where operational authority is formed inside the firm. Autonomous systems no longer just automate decisions; they resolve at runtime how regulated terms and policies apply to a specific action before it is taken. For institutions, the governance challenge is no longer whether they can automate reasoning, but whether they can retain authoritative control over the operational interpretations under which autonomous systems act. Existing governance families, model risk management, security, workflow orchestration, and input and output controls, each govern a defined surface. None governs the reasoning layer, where an authorized agent acting within its permissions can resolve a regulated term the institution never sanctioned and carry the firm into a decision it never intended. This paper defines that reasoning layer as a governable surface and sets out how to govern it at runtime, situating that work within existing supervisory, governance, and banking-control frameworks. It introduces Runtime Semantic Divergence, the single-decision condition in which an agent's runtime operational interpretation diverges from the institution's authorized Reasoning Baseline, and distinguishes it from the cumulative effect of Agentic Workflow Drift and the enterprise risk surface of Agentic Workflow Subversion. It also bears on the inference economics that have made agentic deployment cost difficult to justify. By resolving authority before the agent acts, it provides a governance-grounded basis for reserving heavyweight semantic reasoning for high-consequence workflows and halting divergent ones before their downstream reasoning and remediation cost accrues. To govern this exposure it defines the Semantic Control Plane: an Ontology that holds the authorized Reasoning Baseline, a Semantic Layer that evaluates the agent's runtime interpretation against it, and a Knowledge Graph that governs propagation across multi-agent workflows, operating through a Pre-Execution Assurance Protocol that decides whether execution authority may be emitted before the agent acts. This approach complements rather than replaces existing controls. It integrates with model risk management under SR 11-7 and SR 26-2, the Three Lines of Defense, and established banking control structures, and develops the failure modes, evidence artifacts, and worked scenarios supervisory review requires. Its contribution is threefold: it defines the reasoning layer as a governable object and introduces a Runtime Governance Applicability Test for where such governance applies; it defines the Semantic Control Plane and its Pre-Execution Assurance Protocol; and it situates reasoning-layer governance within existing supervisory and control frameworks. The paper is a conceptual architecture specification, not an empirical study, and it closes by setting out the evaluation agenda required to test and supervise the architecture in practice.
Maureen Doyle-Spare (Thu,) studied this question.