For most of 2024 and 2025, the conversation about AI in the enterprise stayed comfortably above the execution line. Agents summarized meetings, drafted emails and answered questions about a knowledge base. They were assistants. They did not touch the general ledger.
That changed in 2026. The June 26 ERP Today analysis "Who Governs AI Agents When Workflows Cross Enterprise Platforms?" frames the shift directly: **HCLTech, Google Cloud and ServiceNow are now embedding agents in field-service, customer-experience, manufacturing-floor and IT-operations workflows** — agents that are not advising operators but **executing transactions inside the systems of record**. The same article notes the arrival of Priority Software's "aiERP Companion" in **Priority ERP 26.0**, where agents **create journal entries, post receipts, process supplier invoices and handle purchase orders end-to-end**, with approval gates and an auditable trail.
On the control-plane side, **Microsoft Agent 365 reached general availability** in 2026, positioning itself as the cross-cloud layer to **discover, govern and secure agents across Microsoft, AWS and Google Cloud** environments — explicitly not just Microsoft tenancies. KPMG's June 9, 2026 announcement that it is **rolling out Agent 365 to approximately 276,000 employees** is the largest single deployment yet disclosed and the clearest signal that the agent-management market has moved from pilot to platform.
The aggregate forecast is the part that should reach the audit committee. **Gartner's published projection is that roughly 40% of enterprise applications will embed AI agents by the end of 2026**, up from under 5% in 2025. That is not a curve; it is a step function. And it is happening while the governance plane is still being assembled — **Cyberhaven published its agentic-governance framework on June 20, 2026**, one of the first vendor frameworks specifically built for agent identity, action authorization and exfiltration control across platforms.
This article is a practical read of that landscape for a mid-market buyer — the CIO or COO of a 200-to-2,000-person company who is being told by software vendors that agents are now available in their ERP, CRM and ITSM, and who needs to decide what to govern, who governs it, and what to build versus buy.
The structural problem is simple to state and hard to solve. A modern transaction does not live inside a single platform. A typical order-to-cash cycle touches:
In the 2024 model, a human moved the work across those systems. The audit trail was the human user-id appearing in each system's log. Governance was a problem of role-based access control inside each platform.
In the 2026 model, the work is moved by an **agent**, often by **several agents from different vendors** chained together. The agent in the ERP holds the credential that posts the journal. The agent in the CRM holds the credential that closes the opportunity. The agent in the ITSM holds the credential that provisions the cloud account. Each platform sees a valid authenticated principal. **No single platform sees the end-to-end transaction.**
That is the gap. The execution layer is now distributed across vendors that ship their own agent runtimes, their own agent identities and their own audit logs — and that do not, by default, share a common control plane. The Microsoft Agent 365 GA is the first credible attempt at that control plane; the ServiceNow AI Control Tower, Google Agentspace and the Cyberhaven framework are adjacent attempts from adjacent angles. None of them is yet a market consensus.
For a non-executing assistant, governance reduces to data access — what can the model see, where does it store the conversation, who logged the prompt. For an executing agent, governance has to answer five additional questions, every time the agent acts:
Every one of those questions has historically been answered inside a single platform for a single human user. In the 2026 cross-platform agentic stack, every one of them has to be answered across platforms, across vendors and across agent runtimes — and answered fast enough not to block the transaction.
This is what the ERP Today article means when it argues that the execution layer is fragmenting before it is governed.
A Fortune 100 company can fund an internal AgentOps platform team, write its own policy engine and force its strategic suppliers to integrate with it. A 500-person company cannot. The mid-market buyer faces three uncomfortable facts simultaneously:
The pragmatic answer for the mid-market is not to wait for a standard that will arrive in 2028. It is to **build a thin, opinionated governance layer now**, on top of what the vendors ship, and treat it as a permanent operational capability — not a project.
A mid-market governance program that holds up under a 2026 audit covers eight controls. None of them is exotic; the discipline is in operating all eight continuously.
This program is achievable inside two quarters for a mid-market company. It is not achievable as a side-of-desk task for the existing IT team. It needs a small number of engineers — typically two to four — whose entire job is AgentOps, plus access to the AppSec and identity disciplines.
Three roles need to be filled. The buyer rarely fills all three internally.
Our position at Call IT Dev — and the reason we are publishing this analysis — is that the nearshore Morocco model fits the mid-market constraint better than either pure-onshore consulting or pure-offshore staffing. Senior engineers in Casablanca and Rabat operate inside Central European business hours, two hours by flight from Frankfurt and Paris, at a loaded rate that lets a mid-market buyer afford the dedicated AgentOps function the program requires. We discussed the broader nearshore staffing economics in our companion piece on [software supply-chain security and the secure SDLC](/en/blog/software-supply-chain-security-npm-secure-sdlc-2026), which shares the same delivery model.
Concretely, an engagement that holds up under audit usually combines:
Two predictions that are reasonable to make and worth stating because they affect the buy decision today.
First, the governance plane will not consolidate to a single winner by end-2026. Microsoft Agent 365 will dominate the Microsoft-first estate. ServiceNow will dominate the ITSM-first estate. The hyperscalers will dominate their own clouds. ERP vendors will ship their own agent governance inside their own platforms. The mid-market buyer who waits for one platform to win will, at the end of 2026, still be waiting.
Second, the audit profession will catch up faster than expected. The Big Four are already publishing internal guidance on auditing agentic transactions. By the FY2026 close, expect external auditors to ask, in a non-rhetorical way, for the agent inventory, the action authorization policy and the provenance trail. The buyer who can produce them in fifteen minutes will close the audit cleanly. The buyer who cannot will spend a quarter recreating them from logs.
The execution layer has arrived. The governance question is no longer whether to govern it — it is who, and on what schedule.
${CTA_AGENT_GOV}
**Sources:** ERP Today, "Who Governs AI Agents When Workflows Cross Enterprise Platforms?" (26 June 2026); Priority Software, Priority ERP 26.0 / aiERP Companion release notes; Microsoft, Agent 365 GA announcement; KPMG, Agent 365 deployment announcement (9 June 2026); Gartner, published projection on enterprise application agent embedding; Cyberhaven, Agentic Governance Framework (20 June 2026).
It means agents are no longer drafting suggestions for a human to action. They are posting journal entries, raising purchase orders, processing supplier invoices and closing CRM opportunities inside the systems of record. The ERP Today analysis of 26 June 2026 frames this shift directly around Priority ERP 26.0 aiERP Companion, HCLTech, Google Cloud and ServiceNow embedded-agent deployments.
It is the strongest 2026 control plane for Microsoft-rooted agents and provides cross-cloud discovery for AWS and Google Cloud. It is not yet a complete substitute for ERP-vendor governance or for third-party agent runtimes. Treat Agent 365 as the cross-cloud control plane and pair it with platform-native controls inside the ERP, CRM and ITSM.
Per Gartner's published projection, roughly 40% of enterprise applications will embed AI agents by the end of 2026, up from under 5% in 2025. KPMG's 9 June 2026 rollout of Microsoft Agent 365 to approximately 276,000 employees is the largest disclosed single deployment so far.
An agent registry — a live inventory of every production agent, its owner, identity, data scope, action scope and monetary threshold. Without it, you cannot govern, audit or revoke. With it, every other control becomes operable.
A mid-market program needs two to four dedicated AgentOps engineers continuously, plus integration and CRM/ERP capacity. Most 200-to-2,000-person companies cannot economically staff this in-house, which is why the nearshore pod model exists.
Big Four firms are publishing internal guidance now. Expect FY2026 external audits to ask for the agent inventory, the action authorization policy, the provenance of agent decisions and the cross-platform trace. Buyers who can produce them in fifteen minutes close cleanly; buyers who cannot spend a quarter recreating them from logs.
Because the work is continuous, requires Central European business-hour overlap, and combines integration, AgentOps and CRM/ERP customization skills that are scarce and expensive onshore. Senior Morocco engineers operate in CET year-round, two hours by flight from Frankfurt, at a loaded rate that lets a mid-market buyer afford the dedicated function the program requires.
CALL IT DEV — Software, AI and dedicated tech teams — Casablanca | Madrid | Dubai — contact@callitdev.com — +212-537-373777