226 views
Photo from Unsplash by Igor Omilaev.

Governance gap threatens Singapore's agentic AI ambitions

Singapore's AI governance push is outpacing the organisations it is designed to protect.

Singapore has positioned itself at the forefront of agentic AI governance, but new research from KPMG and the Institute of Internal Auditors Singapore warns that most organisations are moving too slowly to keep pace with the technology they are already deploying.

In May 2026, the Singapore Government and Google published findings from an AI Agents Sandbox, a four-month controlled experiment run jointly by the Cyber Security Agency of Singapore, GovTech Singapore, and the Infocomm Media Development Authority, designed to test how autonomous AI systems perform against real public-sector use cases.

The sandbox found that AI agents delivered measurable efficiency gains, stronger analytical capability, greater consistency, and improved auditability compared with human operators. It also surfaced risks that the report says require active management before broader deployment.

The most significant threat identified was indirect prompt injection, where a malicious actor embeds hidden instructions inside content an AI agent encounters, tricking it into performing unintended actions.

In the social assistance use case, the agent occasionally navigated to potentially harmful external websites after misreading on-page text as instructions.

The sandbox concluded that no single control mechanism is sufficient and that defence-in-depth is required.

The 2026 IIA Risk in Focus Singapore report, cited in a playbook published jointly by KPMG and the Institute of Internal Auditors Singapore, found that digital disruption and AI ranked as the second-highest risk by perceived severity amongst Singapore organisations at 73%, yet internal audit coverage of that risk sat at just 49%

Human capital risk showed an even sharper disconnect with 57% severity against 8% audit coverage. Cybersecurity was the only category where severity and coverage were in alignment, both at 76%.

The playbook said that traditional governance frameworks were built for a world where risks are stable, controls are periodic, and accountability is clear, adding that agentic AI breaks all three assumptions simultaneously.

The sandbox found that when agents processed outputs exceeding approximately 400 words, accuracy degraded, and hallucination occurred. The report identified this as a direct limitation for organisations deploying AI agents in document-heavy workflows without human review checkpoints.

The sandbox also found that default safety controls, whilst essential, occasionally blocked legitimate testing activity, surfacing a tension between safety and operational flexibility.

Join Singapore Business Review community
A NOTE FROM SINGAPORE BUSINESS REVIEW

If you've been wondering whether SBR could work for your company — yes, probably.

A lot of the companies we partner with started as readers. They'd been following our coverage for a while, saw their own customers and competitors in it, and eventually asked the obvious question: could we do something with you? The answer is usually yes. The shape of it depends on what you're trying to do.


The options are broader than most people assume — thought leadership articles, sponsored content, industry summits across Southeast Asia, regional awards programmes, podcasts, and media placements in print and digital. Some partners use one channel; most use a mix. We figure out the right combination by starting with your brief, not with our rate card.


So if the question has been on your mind, here's the easy way to ask it.

We'll tell you honestly whether we can help, and how. It's a better use of everyone's time.