Ninety-five percent of enterprise AI projects fail when organisations deploy agentic capability without a governing federation layer. That number comes from a decade of real-world deployment in financial services, government, procurement, and compliance—not from a lab benchmark.
A new paper formalises what those failures teach: the Three-Ring Architecture. Ring 1 is your existing production infrastructure. Ring 2 is the M2 federation layer—built on strategies-based agentic AI, running deterministic agents whose actions are traceable, permissions enforceable, and deviations recoverable. Ring 3 holds the LLM-based frontier intelligence: powerful, non-deterministic, and categorically riskier.
Ring 2 Is the Operating System for the Agentic Enterprise
The paper’s central claim is that Ring 2 performs at the organisational level what an OS does at the device level: resource abstraction, process coordination, permission enforcement, and a stable platform for compounding intelligence. Without it, every LLM-based agent becomes a non-deterministic actor whose deviations propagate through complex systems without retrospective traceability. That is not a risk you can manage with a policy document or a prompt guardrail.
Strategies-based agents in Ring 2 operate inside a deterministic framework. Their consequences are traceable, their permissions enforceable, their deviations recoverable. LLM-based agents in Ring 3 introduce a categorically distinct risk profile—a non-deterministic actor whose outputs cannot be fully predicted or retroactively inspected when things go wrong.
Better LLMs Amplify the Governance Requirement
Here is the punchline that should make every CTO stop: every improvement in LLM capability is a structural tailwind for this architecture. More capable non-deterministic actors produce larger consequences when they deviate. The governance requirement scales with capability. You do not get safer agents by making the LLM smarter; you get more dangerous ones that demand a harder separation between exploratory intelligence and production execution.
The architecture has been validated across a decade of deployment in financial services, government, procurement, and compliance. That is not theory—it is the pattern that emerged from repeated failure. The paper’s formal distinction between Ring 2 and Ring 3 risk profiles gives enterprise architects a vocabulary and a blueprint to stop treating every agent as a stateless API call.
Source: The Three-Ring Architecture: Governing Agents in the Era of On-Platform Organisations
Domain: arxiv.org
Comments load interactively on the live page.