Quick question for anyone building AI-powered workflows in financial services:
Can you explain how your workflow was designed AND prove it runs the same way every time?
Most firms can answer one of those. Almost nobody’s thinking about both.
That’s because it’s not one spectrum of risk. It’s two. Design time and run time. Different questions, different exposures — and you can have strong governance on one and a dangerous blind spot on the other.
I assembled a framework around this that I’m calling the AI Workflow Autonomy Spectrum.
The part that surprised me most? Where the hidden risk actually lives. Not at the extremes. In the middle.
Link to full LinkedIn article below. I’d welcome hearing whether this maps to what you’re seeing.
This is a strong framing, especially the separation between design‑time governance and runtime predictability.
One thing worth reinforcing is that the highest risk often sits between those layers: when a well‑designed system allows uncontrolled runtime autonomy, or when strong runtime controls are applied to poorly governed designs.
Pega’s approach explicitly treats:
Design‑time AI as proposable and reviewable
Runtime AI as constrained by workflow, policy, and audit
I’m curious whether others have seen failures caused more by design gaps or by runtime drift, and how they detected them early.
An interesting thing to point out: this framing works the same when you’re talking about humans…it’s one of the core reasons organizations started moving toward BPM and workflow software and why the “great revolution” of RPA/bots never materialized the way evangelists thought it would. We don’t want a human, at run-time, making arbitrary decisions about processes; we don’t want an AI doing it either, even though both can provide rationales. We want those decisions to be based on facts, following explicit, agreed-upon rules, that treat similar facts patterns similarly, as much as possible. So while knowledge workers are an important part of most processes, human knowledge workers have an accountability structure that just isn’t there for synthetic agents. A regulator isn’t going to accept “well an AI told me to do it like that”…at least not for a long while. That’s why Pega’s guidance on delivering these solutions is practical: use GenAI where creativity matters (like design-time or under strict human supervision) and channel that creativity into deterministic or rule-driven patterns that are predictable, scalable, and repeatable. The real interesting frontier is: when confronted with a run-time fact pattern we haven’t seen, can we creatively address using GenAI, and can we create a pipeline that allows that creative solution to become a repeatable pattern? That’s where I think some really revolutionary solutions are going to come from.
