Fiduciary & Responsibility.

Organizations are still fiduciary containers.

A corporation is a fiduciary container. So is a fund. So is a partnership. The structure is not theoretical — it's the legal and operational reason these organizations exist. Officers owe duties. Boards owe duties. Auditors are owed a story they can verify.

None of that disappeared the moment your stack started shipping agentic workflows. The container is unchanged. The interior is what got crowded.

Where liability lives when agents execute.

Liability doesn't move because an LLM is in the loop. It lands where it already lands: on the organization, on the officers, on the people who signed off, on the people who were supposed to be watching.

What does move is the surface area between something happened and we have to defend it. Agents act faster than humans review. An automated retrieval call commits the organization to a position the moment it answers a customer. By the time a wrong answer surfaces, three downstream actions have already been taken on top of it.

The legal exposure didn't change. The lag between exposure and awareness did. That's the actual problem to govern.

Responsibility cannot be diffused.

There's a tempting move when a system gets complicated: distribute responsibility across the chain. Each agent is responsible for its step. Each handoff is reviewed at the boundary. The system as a whole is governed because every part is.

This is the diffusion trap, and it's structurally bankrupt.

Imagine a three-agent workflow. Agent A retrieves data. Agent B drafts a response. Agent C sends it to a customer. The customer acts on a wrong answer. Where does responsibility land?

• Agent A's owner: "I retrieved what was requested. The data is correct."
• Agent B's owner: "I drafted based on what was retrieved. The draft is consistent with the input."
• Agent C's owner: "I sent what was approved."

Every step is defensible in isolation. Nobody is accountable for the outcome.

That's not governance. That's distributed deniability dressed up as process.

The principle this page sits on says responsibility must remain visible, local, intact, unborrowed, and non-transferable. Diffusion across an agent chain violates every one of those. Someone has to hold the outcome. That position isn't a bug; it's the load-bearing seat.

Accountability, escalation, ownership.

A responsibility-preserving system makes three things easy to find on demand:

Accountability — the human whose name is on the outcome. Not a team. Not a process. A person. Named, locatable, answerable.

Escalation — the path from "something is off" to "a human with authority is looking at it" has to be short and obvious. If your escalation path is buried in a Slack channel nobody reads, you don't have escalation. You have hope.

Ownership — distinct from accountability. Accountability is who answers for the outcome. Ownership is who can change the system to prevent it next time. The two are often different people. They should never be nobody.

If your AI deployment can't surface these three on demand, the responsibility layer is missing. Not weakened — missing.

What this means for boards and operators.

Boards already have fiduciary obligations. Officers already have duty of care. None of that suspends because the workflows became agentic.

What changes is what knowing what's going on actually requires.

A board can no longer discharge oversight by reviewing summaries the system generated about itself. (See Fluent isn't true for why that fails.) An officer can no longer rely on "the system flagged it" as the alert that triggers attention — the system flagging a thing is just another machine-generated claim, not evidence a human reviewed it.

The legibility layer is what makes the fiduciary layer functional. Without it, the obligation is unchanged and the ability to discharge it becomes materially harder to demonstrate. With it, the obligation lands where it always landed — on a human, named, who can actually see what's happening fast enough to act.

This isn't an additional layer of compliance bolted onto fiduciary duty. It's the layer that makes fiduciary duty possible under agentic execution.

What we don't claim.

This page is doctrine and orientation. It is not:

• A certification. We don't have one. Any claim of settled "AI fiduciary certification" right now should be treated cautiously; the underlying frameworks are still forming.
• A regulatory mapping. The legal landscape for agentic AI accountability is still forming. We track it; we don't pretend to have settled it.
• An assurance product. We don't sell "AI fiduciary compliance as a service." If we did, we'd be the exact thing this page is built to oppose.

What we offer is a way of thinking about the problem that doesn't collapse under its own weight. The discipline is the credibility. The implementation is what your organization builds — under your fiduciary obligations, not ours.

If you want a structured way to find out where the responsibility layer is missing in a system you're already running, the Signal Profile is where that conversation starts.