Interactive Companion — Know Your Agent | iProDecisions Research Issue 04

Interactive Calculator

KALIB Readiness Score

Rate your institution across the six KALIB layers. Adjust each slider to reflect your current implementation maturity. Your composite readiness score and prioritized action recommendations update in real time.

K — Knowledge Layer · Agent Registry & Identity

Agent Inventory Completeness0%

Human Sponsor Designation0%

DID / Verified Credential Issuance0%

A — Authentication Layer · Credential Management

Static API Key Elimination0%

Task-Scoped Token Implementation0%

SPIFFE / Workload Attestation0%

L — Lifecycle Layer · State Machine Governance

Formal Agent Lifecycle Policy0%

Automatic Credential Expiry on Completion0%

I — Intent Layer · HITL Gates & Scope Validation

Hardcoded HITL Gate Implementation0%

Task-Level Scope Validation0%

B — Behavior Layer · Continuous Monitoring

Real-Time Agent Behavior Monitoring0%

Probabilistic Baseline Modeling0%

L — Lineage Layer · Audit Chain & Examiner Reconstruction

Immutable Delegation Chain Logging0%

24hr Examiner Reconstruction Capability0%

FATF Travel Rule Extension Coverage0%

Composite KALIB Score

/ 100

● Unprotected

Priority Recommendation

Adjust the sliders to reflect your institution's current KYA implementation maturity across each KALIB layer.

Framework Explorer

The KYA Framework — Four Pillars

Select each pillar to explore its governance mandate, technical requirements, primary sources, and the specific compliance failure it prevents. Synthesized from NIST NCCoE, IMF Notes 2026/004, Singapore IMDA, and MetaComp StableX frameworks.

Pillar 01

Agent Identity & Registration

Know what the agent is — before it acts

Pillar 02

Authority & Permission Control

Scope what the agent can do — per task

Pillar 03

Behavior Monitoring & Risk Intelligence

Verify what the agent does — continuously

Pillar 04

Ecosystem & Interaction Governance

Govern what the agent touches — including other agents

Data Visualization

The Governance Gap — What the 2026 Data Shows

Convergent findings from five independent 2026 surveys — CISO AI Risk Report, CSA/Strata Identity, McKinsey State of AI Trust, IMF, and MetaComp — paint a consistent picture of institutional unpreparedness.

Exposure Indicators — % of Institutions (2026)

Lack full AI agent identity visibility

92%

Do not enforce AI identity access policies

86%

AI has uncontrolled access to financial platforms

71%

Use static API keys for agent auth

44%

No formal agent identity strategy

77%

Have real-time agent inventory

21%

Can trace agent actions to human sponsor

28%

Have formal enterprise-wide KYA strategy

23%

Sources: CISO AI Risk Report 2026 · CSA/Strata Identity 2026 · McKinsey State of AI Trust 2026

Compliance Control Gaps by Category

Agent Identity VerificationNo mechanism to verify agent identity before transaction execution; no published regulatory standard exists

Critical Gap

Delegation Chain AccountabilityNo audit mechanism for agent-to-agent permission delegation in multi-agent workflows

Critical Gap

FATF Travel Rule — Agent HopsTravel Rule has no extension for agent-to-agent transactions; 73% of jurisdictions enacted, 59% not enforcing

Enforcement Gap

NIST SP 800-53 Control OverlaysAI-agent-specific control overlays in active development; no publication date confirmed as of Q3 2026

Standards Gap

SR 11-7 / Agentic AI AlignmentSR 11-7 model risk management guidance does not address nondeterministic autonomous agents

Interpretation Gap

Singapore IMDA FrameworkWorld's first published cross-sector agentic AI governance framework; adopted by MetaComp

Active Standard

IMF Agentic Payments AnalysisFormal IMF analysis identifies KYA gap; recommends "Know Your Agent" models and continuous verification

Guidance Issued

MetaComp StableX KYA FrameworkFirst KYA framework by a licensed financial institution; open for industry adoption and regulatory reference

Deployed

Sources: IMF Notes 2026/004 · NIST NCCoE Feb 2026 · MetaComp Apr 2026 · FATF Jun 2025

Forward Scenario Analysis

Three Scenarios to 2028

Select a regulatory trajectory to explore how the agent identity governance landscape evolves — and what each scenario means for institutions deciding how to allocate resources today.

45% probability

Standards Accelerate

NIST, FATF, and FinCEN publish enforceable AI agent identity controls by Q1–Q3 2027. First-mover institutions define the reference architecture.

40% probability

Standards Plateau

Regulation slows; a high-profile agent-initiated incident triggers enforcement action. Incident-driven adoption replaces proactive compliance.

15% probability

Standards Fragment

U.S., EU, Singapore, and UK develop incompatible agent identity regimes. Cross-border complexity becomes a barrier to entry.