Most conversations about AI risk stop at data leaks, but that focus misses a deeper structural problem taking shape inside the enterprise. Core business processes are being automated informally, without clear ownership or governance. What began as "Shadow IT" and "Shadow AI" has evolved into "Shadow Process," where workflows like order-to-cash are run by autonomous bots with no paper trail, no accountability, and no real institutional oversight, leaving critical operations operating in ways the business no longer fully understands or controls.

Gabor Szentivanyi, Chief Information Officer and Chief AI Officer at AI and IT consultancy SSTRAIT, has spent decades leading high-stakes technology transformations where operational discipline directly affects business outcomes. With hands-on experience integrating systems and deploying AI in manufacturing environments, he sees today’s surge in agentic tools as more than a productivity boost. The same convenience that makes these systems attractive, he argues, is introducing a whole new category of operational risk inside the enterprise.

Szentivanyi describes the result of Shadow Process as the "orphan agent," a failure mode that appears when employees automate parts of their job with agentic AI, then move on while those systems continue running without ownership or oversight. "You end up with AI agents actively running pieces of the business, but no one knows who created them, what assumptions they were built on, or how to stop them if something goes wrong," he says. What looks like efficiency on the surface becomes a trust problem underneath, as critical workflows are handed to unattended systems that can act with confidence even when they are wrong.

• All confidence, no competence: That false confidence can be dangerous. In his own testing, an agent built to automate operations repeatedly made basic arithmetic errors and insisted the results were correct. "If you don’t verify what the system is doing, you’re not managing risk, you’re relying on luck," says Szentivanyi. To correct the errors, he ended up using a second AI to audit the first, a process so compute-intensive that it undercut the entire efficiency argument and raised a harder question about whether some tasks are still cheaper, and safer, to leave with humans.

• The permanent record: He adds that AI’s persistent, searchable memory turns everyday productivity into legal exposure for the enterprise. Once AI is embedded in meetings and workflows, Szentivanyi warns, companies create a permanent record they may not be ready to defend. "As legal counsel, I would be very nervous," he says. "It’s no longer just emails and files. Now there are transcripts of everything said. People don't realize the level of privacy they're giving up." Casual conversation becomes discoverable evidence, expanding legal risk in ways many organizations have not yet fully reckoned with.

• Just browsing: Much of the risk is amplified by the rise of AI browsers, which pull more of everyday work into a single, always-on interface. "All of your productivity is happening in front of the AI’s watchful eye," Szentivanyi explains. "It’s not like the old browser history anymore. These systems remember how you think, what you decide, and why you do it." When built for the enterprise, AI browsers can deliver real productivity gains while preserving visibility, control, and ownership over how AI is used.

In this "Wild West" of shadow adoption, the argument is that the issues stem primarily from the fragmentation of unmanaged tools. Szentivanyi suggests the most effective path forward is to centralize this innovation within a governed environment. A move like this requires a commitment to formalized, staff-wide education, transforming AI from an unmanageable liability into a secure corporate asset.

• The Sarbanes-Oxley model: Szentivanyi draws a parallel to the corporate governance reforms that followed the Enron scandal. "Before Enron, we trusted that companies did their best to calculate a good result. After Enron, we saw that wasn't always the case, so we put regulations like Sarbanes-Oxley in place. It's the same idea here. You have to establish milestones, or control points, that are consciously managed by humans."

Ultimately, in Szentivanyi's view, addressing the orphan agent problem calls for a deeply human solution that relies on education, responsibility, and a commitment to augmenting our own intelligence. As he concludes, "AI has zero emotional intelligence. We have to be the ones to provide it. That is how we add human value and make it right. AI is great, but we have to learn how to use it properly."