Deploy your AI agents in production: practical guide to orchestration and protocols

With the rise of agentic AI, autonomous agents will multiply. How can they be coordinated for complex tasks? What technical architecture and what governance framework should be put in place?

After generative AI, it’s time for agentic AI. The use cases are almost endless. In the case of IT support, AI agents interpret the problem stated in the incident ticket, query the technical documentation, then suggest possible solutions to the user. The onboarding process for a new employee can also be automated. Agents gather the necessary documents to create the employment contract, ensure that the recruit has the right to access the information system and that meetings have been scheduled during the first days with the main contact persons (n+1 and n+2, HR manager, etc.).

“Coherent execution logic”

For a year, companies have been running tests and experiments, and are now considering the move to production. AI agents are therefore expected to multiply in the coming months, which raises the question of the architecture and governance framework to put in place. To carry out complex tasks successfully, AI agents must interact with each other and coordinate. In a white paper dedicated to agentic AI, the firm Wavestone devotes an entire chapter to this subject.

“Designing an AI agent does not only consist of choosing a model, providing it with tools, and writing instructions,” the two co-authors point out. “These elements must also be articulated in a coherent execution logic, capable of transforming a user request into a structured sequence of actions.” This is the role of orchestration, which covers all the mechanisms that control the agent: how it sequences its actions, how it makes its decisions and how it manages uncertainty and errors.

The document recalls that an AI agent operates on an execution loop (“agent loop”) that follows four main steps. The agent analyzes the instruction and adopts a strategy to respond to the request, breaks down the objective into micro-tasks, and selects the relevant tools, calling a business application via API or querying a database. Finally, it executes the actions, observes the results, detects errors or anomalies and adjusts its strategy if necessary.

From single-agent orchestration to multi-agent orchestration

This cycle, iterative and adaptive, is relatively simple in the case of single-agent orchestration. “The agent receives a request, decides what to do, calls the tools, evaluates the result, and loops until finalized,” summarizes Wavestone. This approach lends itself to use cases where the task to be accomplished is simple and well-defined. To truly seek out value creation where it lies, companies will have to take the next step and experiment with multi-agent orchestration.

“In an organization’s learning curve for agentic AI, the typical trajectory is to first develop a single-agent POC, then evolve to a multi-agent approach,” explains Tom Wiltberger, GenAI senior consultant at Wavestone. Two approaches exist. In the hierarchical model, a “manager” agent delegates the different subtasks to specialized agents, then collects the results and returns the final response to the user. In the collaborative model, agents are placed on an equal footing: they interact with each other and collectively contribute to solving the task. It is not only a matter of defining which agent does what and when, but also of ensuring the transfer of tasks between agents, or handoff.

A2A and MCP, two essential protocols

The technical architecture will use two communication protocols which, through their popularity, have become de facto standards despite their youth and the possible security flaws they present. Developed primarily by Google and introduced in April 2025, the A2A (Agent-to-Agent) protocol allows seamless communication and cooperation between AI agents, even if they were created by different companies or publishers. It establishes a common language and rules for this peer-to-peer dialogue. A2A is mostly preferred over ACP (Agent Communication Protocol), launched by IBM in February this year.

Another essential protocol is the Model Context Protocol. Developed by Anthropic at the end of 2024, MCP allows AI agents to connect to the tools needed to solve the task, such as an ERP or CRM type business application, a cloud service or a database. Nicknamed “the USB-C socket for agentic AI”, this universal connector is based on a client-server architecture in which the client, in this case the agent, sends requests to an MCP server, which exposes the requested functionality while respecting the access rights that have been granted to it.

Strategic client architect at MuleSoft, Manh-Kiet Yap draws an analogy with the human body. “The LLM is the brain of an agentic system that the knowledge base feeds. MCP is the nervous system of the agent. This protocol allows it to act on the outside world by consulting databases and interacting with business applications and triggering concrete actions.”

Ad hoc governance framework

The orchestration of AI agents is not just a matter of technique but also of governance. For Tom Wiltberger, the transition from the generative phase to the agentic phase represents a fundamental change and requires putting in place ad hoc safeguards. “For LLMs, it’s no longer just a matter of reading information, but of carrying out concrete actions.” This raises, according to him, a large number of questions. Who can develop these agents? When should a human be placed in the loop, and what actions can be performed with no or limited supervision?

Furthermore, since an LLM inevitably makes errors, what is the threshold of acceptability? “In certain cases of internal use, an error rate of 10 to 15% may be considered acceptable,” continues Tom Wiltberger. “But if the service is exposed externally and concerns hundreds of thousands of end customers, an error rate of 5% becomes untenable. It is therefore imperative to approach an almost zero error rate from the development phase.”

There is also the issue of cybersecurity. Moving to agentic AI increases the attack surface. Because they are based on LLMs, autonomous agents inherit all the threats weighing on generative AI, such as “prompt injection”, while introducing new risks. Through a prompt injection, an attacker can manipulate a compromised agent into performing malicious actions.
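One way to limit what a manipulated agent can do is to authorize every tool call outside the model, combining the per-agent access rights and human-in-the-loop approval discussed above. The sketch below is an added example, not code from the Wavestone white paper or from any framework named in this article; the tool names, policy table and scenario are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable

# Hypothetical policy: tool -> (agents allowed to call it, human approval needed)
POLICY = {
    "read_ticket": ({"support_agent"}, False),
    "search_docs": ({"support_agent", "hr_agent"}, False),
    "grant_access": ({"hr_agent"}, True),  # state-changing action
}
MAX_STEPS = 5  # bound the loop so a manipulated agent cannot run on indefinitely

@dataclass
class Gate:
    agent: str
    approver: Callable[[str, dict], bool]  # stands in for the human reviewer
    audit: list = field(default_factory=list)

    def authorize(self, tool, args):
        allowed, needs_human = POLICY.get(tool, (set(), True))  # unknown tool: deny
        if self.agent not in allowed:
            verdict = "denied"
        elif needs_human and not self.approver(tool, args):
            verdict = "rejected_by_human"
        else:
            verdict = "allowed"
        self.audit.append((self.agent, tool, verdict))  # every decision is logged
        return verdict == "allowed"

def run_agent(gate, proposed_calls, tools):
    """Agent loop: each call the model proposes is authorized before it runs."""
    results = []
    for tool, args in proposed_calls[:MAX_STEPS]:
        if gate.authorize(tool, args):
            results.append(tools[tool](**args))
    return results

# Constructed scenario: call 2 was proposed after the model read untrusted ticket text.
TOOLS = {
    "read_ticket": lambda ticket_id: f"ticket {ticket_id}: printer offline",
    "search_docs": lambda query: f"doc hit for '{query}'",
    "grant_access": lambda user, role: f"{user} now has role {role}",
}
PROPOSED = [("read_ticket", {"ticket_id": 42}),
            ("grant_access", {"user": "u123", "role": "admin"}),
            ("search_docs", {"query": "printer offline"})]

def demo():
    gate = Gate("support_agent", approver=lambda tool, args: False)
    return run_agent(gate, PROPOSED, TOOLS), gate.audit
```

The decision depends only on the agent's identity and the policy table, never on the text the model has read, so the audit trail records the refused call while the legitimate steps still complete.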

For Guillaume Gérard, AI & data manager at Capgemini, it is necessary to assess the criticality of the use case and the tools that the agent will use to carry out its task. “The level of risk deemed acceptable must be measurable, observable, compliant with the regulatory framework and governed by sufficiently safe protocols.”

A multitude of frameworks

The market intends to respond to these emerging concerns. In recent months, we have seen a proliferation of software development kits (SDKs) and frameworks. These environments allow you to create and deploy AI agent workflows while ensuring their orchestration and supervision. Most are open source. LangGraph, created by LangChain, attempts with its iterative resolution mode to apply the principles of the human approach to complex problems. With CrewAI, each agent acts according to their skills, interacting with their “colleagues” to delegate tasks or discuss decisions.

OpenAI Agents SDK is another open source library designed to simplify the orchestration and management of systems composed of multiple agents, integrating tracing functions to visualize when a bug has occurred in agentic interactions. Now integrated into the Microsoft Agent Framework, the open source Microsoft AutoGen framework orchestrates complex interactions between agents where each is assigned a role within the workflow. A proxy agent serves as an interface between the user and the AI agents. It is also possible to use a graphical interface, called AutoGen Studio, to explore multi-agent workflows.

Specialized publishers offer their own platforms. Microsoft once again publishes Copilot Studio, a graphical and low-code development environment allowing you to design agents, describe their tasks, connect them to internal or external data sources and create workflows. The platform, of course, integrates connectors to the Microsoft ecosystem (Teams, Outlook, SharePoint, Power BI, Dynamics 365) and to third-party tools like Salesforce, Zendesk, or HubSpot.

Agentforce Studio is its equivalent in the Salesforce world. The platform allows you to create, deploy and manage autonomous agents to automate repetitive tasks, streamline workflows and interact with customers or collaborators. Fully integrated into Salesforce Customer 360, it primarily uses the publisher’s CRM data while being able to connect to external data sources.

MuleSoft, for its part, intends to capitalize on its know-how in the field of API management. At the end of September, the Salesforce subsidiary unveiled Agent Fabric, a suite of tools to manage the entire life cycle of agents regardless of their origin. “Our governance platform allows agents to be recorded on a centralized repository, then secured and shared while observing and tracking their interactions in real time,” says Lila Dorato, senior director of solution engineering at MuleSoft. “This approach guarantees the consistency and continuity of workflows, regardless of the underlying technology.”

Proprietary lock-in and modular approach

While open source frameworks are supposed to provide an agnostic layer, publisher studios pose a risk of vendor lock-in. “Copilot Studio will prove very comfortable for a company that already operates in a Microsoft environment, however with the risk of reinforcing its dependence,” points out Guillaume Gérard. A publisher platform can also be a priority target for cybercriminals. In August 2024, a critical vulnerability, since patched, was discovered in Microsoft Copilot Studio exposing an organization to a leak of potentially sensitive data.

Since agentic AI is based on a technology that is still emerging, Tom Wiltberger advises making platform and architecture choices that are sufficiently scalable and robust so as not to have to change them after six months. “A modular approach makes it easy to change functional building blocks when they become obsolete,” he concludes.

Jake Thompson
Growing up in Seattle, I've always been intrigued by the ever-evolving digital landscape and its impacts on our world. With a background in computer science and business from MIT, I've spent the last decade working with tech companies and writing about technological advancements. I'm passionate about uncovering how innovation and digitalization are reshaping industries, and I feel privileged to share these insights through MeshedSociety.com.
