Weekly signal

Two concrete regulatory‑facing developments this week materially affect how organisations should treat agentic/ autonomous AI: the European Commission published draft guidelines to clarify what counts as a "high‑risk" AI system under the EU AI Act (19 May 2026), and an IETF Internet‑Draft introduced a practical protocol for agent memory that explicitly maps to GDPR obligations including the right to erasure (18 May 2026). These items sit against the backdrop of earlier multilateral security guidance on agentic AI from Five Eyes agencies and the EU's recent "Digital Omnibus" political agreement to simplify AI Act implementation — all of which are driving operational and legal expectations for agent design, logging, and auditability.

What changed

1. European Commission: draft guidelines on classification of high‑risk AI systems (published 19 May 2026). The document clarifies Article 6 interpretation and provides practical examples and tests for when an AI system (including orchestrators of sub‑agents) should be treated as high‑risk — i.e., when obligations under the AI Act attach and when third‑party conformity assessments may be required. The Commission opened a targeted stakeholder consultation running to 23 June 2026.

2. IETF: SAIHM (Sovereign AI Horizontal Memory) Internet‑Draft (published 18 May 2026). This technical spec proposes a memory protocol for agents that includes wallet‑bound identity binding, cryptographic audit anchors, and mechanisms for cryptographic erasure aligned with GDPR Article 17 — moving privacy/compliance requirements into an engineering artefact that agents can implement. The draft is informational (work in progress) but signals standardisation pressure on agent memory and audit trails.

3. Contextual enforcement signals. Governments and security agencies (Five Eyes) have already published operational guidance treating agentic AI as a distinct security surface; the EU’s Omnibus agreement (May 2026) also reshapes timelines and obligations under the AI Act — creating an urgent compliance window for organisations operating agents in or into the EU.

What to do with it

1. Re‑scope your AI inventory for the EU AI Act: identify any agent stacks (orchestrators + sub‑agents) that could be classified as high‑risk under Article 6 and use the Commission's draft examples to test classification now. If you operate in the EU or serve EU users, assume the guidelines will be enforced as interpretive guidance.

2. Add cryptographic, auditable memory to agent designs: the SAIHM draft shows regulators and standards communities expect memory, identity, and erasure semantics to be provable. Start prototyping per‑agent cryptographic anchors, per‑action receipts, and eraseable key envelopes so audit trails are reconstructible and defensible.

3. Map security guidance to compliance deliverables: map Five Eyes/CISA security controls (least privilege, human‑in‑the‑loop gates, incremental autonomy) to AI Act obligations (risk assessment, logging, human oversight) so a single program satisfies both security and legal auditors. Prioritise remediation where agents hold persistent privileges or make financial/ safety‑sensitive decisions.

4. Respond to the EU consultation window (by 23 June 2026) if you have EU exposures: submit concrete examples of agent architectures and explainability/logging constraints so the final guidance reflects practical agent design patterns.

(For sources, see list below.)