The REMIT framework
Responsibility, Envelope, Monitoring, Identity, Trust.
REMIT — the governance framework for agents
Every agent needs a remit. Five dimensions, one question: what is this agent authorised to do, and who answers if it goes wrong?
R — Responsibility
Every agent has a named human owner.
If nobody owns it, nobody governs it. Agents without designated owners become organisational orphans: capable of acting but accountable to no one.
- Business owner — a named individual (not a team, not a committee) accountable for the agent's actions and outcomes.
- Escalation chain — a clear path from agent failure to a human decision-maker, documented before deployment.
- Board line of sight — the company can trace any agent action to a responsible human within 24 hours.
- No orphans — if the owner leaves, responsibility transfers explicitly, in the same way that management of their human team would be handed over. An unowned agent is a decommissioned agent.
E — Envelope
The defined boundaries of operation. Not in a policy document. In the code.
- Tools — which systems, APIs, and data sources the agent can access. Nothing else.
- Actions — read, write, create, delete, send, approve — each permission explicit and specific.
- Spend — financial authority limits. What can it commit, and at what threshold does it escalate?
- Scope — jurisdictions, data types, customer segments. The boundaries of the agent's world.
A policy document saying "the agent will not send emails over £10K" is not an envelope. A rate limit, an amount check, and a refusal path in code are an envelope.
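An added example, not part of the original page: a minimal envelope check in Python with a tool and action allow-list, an amount check, a rate limit and a refusal path. The class name, the escalation threshold, the rate limit and the sample requests are assumptions made for illustration.

```python
from collections import deque
from dataclasses import dataclass, field

@dataclass
class Envelope:
    """Hard limits for one agent; all names and values here are illustrative."""
    tools: dict                  # tool name -> set of permitted actions
    escalate_over: float         # spend above this needs a human decision
    refuse_over: float           # spend above this is never permitted
    max_calls: int               # rate limit: calls allowed per window
    window_s: float = 60.0
    _calls: deque = field(default_factory=deque, init=False)

    def check(self, tool, action, amount=0.0, now=0.0):
        """Return (verdict, reason); verdict is ALLOW, ESCALATE or REFUSE."""
        # Deny by default: anything not listed is outside the envelope.
        if action not in self.tools.get(tool, set()):
            return "REFUSE", f"{action} on {tool} is not permitted"
        if amount < 0 or amount != amount:   # negative or NaN amounts
            return "REFUSE", "invalid amount"
        if amount > self.refuse_over:
            return "REFUSE", "amount exceeds financial authority"
        # Sliding-window rate limit; calls refused above never consume budget.
        while self._calls and now - self._calls[0] >= self.window_s:
            self._calls.popleft()
        if len(self._calls) >= self.max_calls:
            return "REFUSE", "rate limit exceeded"
        self._calls.append(now)
        if amount > self.escalate_over:
            return "ESCALATE", "amount needs human approval"
        return "ALLOW", "within envelope"


def demo():
    # Constructed sample requests: (tool, action, amount in GBP, timestamp in s).
    env = Envelope(tools={"payments": {"read", "create"}, "crm": {"read"}},
                   escalate_over=1_000, refuse_over=10_000, max_calls=3)
    requests = [
        ("payments", "create", 250.0, 0), ("payments", "create", 4_000.0, 1),
        ("payments", "create", 25_000.0, 2), ("crm", "delete", 0.0, 3),
        ("email", "send", 0.0, 4), ("crm", "read", 0.0, 5),
        ("crm", "read", 0.0, 6), ("crm", "read", 0.0, 70),
    ]
    return [env.check(*r)[0] for r in requests]


if __name__ == "__main__":
    print(demo())
```

The agent runtime would call `check` before every tool invocation and route an `ESCALATE` verdict to the escalation chain rather than executing the action.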
M — Monitoring
Continuous observability, not quarterly audits.
If you cannot reconstruct every decision the agent made, you cannot defend it to a regulator, a board, or a court. Logs and traces are critical.
- Action logs — every tool call, every data access, every output.
- Reasoning traces — why the agent chose this action over alternatives.
- Drift detection — behavioural changes over time, caught automatically.
- Alert design — the right humans notified at the right moments.
- Circuit breakers — automatic halts when thresholds are exceeded.
- Approval-fatigue watch — monitoring the monitors. Are humans still reviewing, or rubber-stamping?
I — Identity
Verified, auditable, non-negotiable.
Non-human identities now outnumber humans 45-to-1 in financial services. Every agent needs a verified identity: what it is, what it can do, where it came from.
- Provenance — which model, version, and provider powers this agent.
- Capabilities — what tools, skills, and permissions it holds.
- Authorisation — who approved its deployment, and under what conditions.
- Lineage — if it calls other agents, what their identities are.
T — Trust
Graduated autonomy, earned and revocable.
Trust is not a configuration setting. It is calibrated through evidence, reviewed on a cadence, and revoked when behaviour degrades.
- Intern — read-only; can observe but not act. All outputs reviewed.
- Junior — can recommend with reasoning. Requires human approval.
- Senior — executes pre-approved actions autonomously. Notifies, does not ask.
- Principal — full autonomy within defined playbooks. Trusted to triage and act.
Promotion requires evidence. Demotion is always available. You would not give an intern signing authority on day one.
How REMIT maps to the Agent Canvas
Three canvas cells have a direct REMIT equivalent: Authority → REMIT-T, Guardrails → REMIT-E, Human Checkpoints → REMIT-M. REMIT-R and REMIT-I sit outside the canvas — they are the bits the REMIT worksheet adds on top.
You can fill a REMIT worksheet interactively.