AI agent governance is the discipline of making autonomous agents safe by default in production. It matters now because agents are entering companies from the bottom up. Not through procurement. Not through IT. Through individual engineers and operators who install Claude Code, wire up an OpenAI key, or deploy a custom agent on a Friday afternoon. The adoption pattern is always the same. 1 person experiments. They share it with 3 colleagues. Someone puts it on a server. A new hire gets onboarded by talking to the bot. 6 months later, 40 agents run against production data and nobody has a complete list. This is not a governance failure. It is the natural outcome of tools that are easy to build and useful immediately. Code is now free. Governance is not. The question is not "how do we slow this down". It is "what does the system need to look like so these agents are safe by default". This document is that answer. Every requirement for a complete agent governance architecture.…