The Digital Regulation Cooperation Forum (DRCF) has set out its views on the regulatory challenges posed by agentic AI.

As we have commented on previously, the DRCF was established in 2020 to bring together the Competition and Markets Authority, the Financial Conduct Authority, the Information Commissioner’s Office, and Ofcom in order to coordinate the regulation of digital services.

Last year, the DRCF published a call for views, seeking input from industry, academia, and others on the specific regulatory challenges that might arise in relation to agentic AI, a technology that has attracted significant attention in recent months.

Alongside a more detailed report setting out how the UK’s regulatory environment can help support the development of agentic AI in a responsible and safe way, the DRCF has identified the following ‘key takeaways’ from its call for views and industry roundtables that are likely to inform policy debates about future regulation:

1. Speed is outpacing assurance

Much has been written about the pace at which agentic AI is developing without adequate regulatory oversight. To close the gap, the DRCF suggests that capabilities could be released incrementally so that they can be monitored in real time.

2. Cross-regulatory coherence

Businesses are clear that there should be coherence, common standards, and practical cross-border compatibility across regulatory regimes to support competition and secure better consumer outcomes.

3. Delegation and consent

Concerns remain that AI agents will go beyond what has been asked of them. To address this, the DRCF suggests that so-called ‘human-in-the-loop’ measures such as “prominent, in-journey consent renewal” can help users retain control.

4. Platform concentration

The DRCF notes concerns about the dominance of a small number of model providers, which can create risks both in terms of competition and resilience.

5. What should be regulated?

Businesses have expressed a desire for regulation not to follow a binary model of ‘agentic/non-agentic’ tools. Instead, adopting an approach that “regulates for outcomes”, regulators are encouraged to analyse what a system does as well as its level of autonomy, and set duties that fit the risk profile.

6. Liability

The question of who is liable when things go wrong is a central preoccupation of those thinking about AI. Agentic AI poses its own problems since, as the DRCF puts it, “greater autonomy, increasing interactions and a lack of transparency in interactions in multi-agent systems and cascading errors may make it harder to establish responsibility”.

7. Literacy and Guardrails

The DRCF states that “trust is built though literacy and visible guardrails”, arguing that education, standardised terms, and cross-regulatory sandboxes can support the public’s understanding of, and confidence in, agentic AI.

8. Data protection

Whilst data protection law is technology-neutral, agentic AI will throw up its own particular challenges, particularly in relation to questions of data minimisation and transparency.

To read the DRCF’s report on the Future of Agentic AI in full, click here.