A chatbot answers questions. An agent completes tasks. When you ask a chatbot “Book me a flight to London next Tuesday,” it tells you how to book a flight. When you ask an agent the same thing, it searches flights, compares prices, selects the best option based on your preferences, books it, adds it to your calendar, and sends you the confirmation. The agent doesn’t just understand language — it reasons, plans, uses tools, takes action, observes results, and adapts.

The agentic AI market reached $7–8 billion in 2025 and is projected to exceed $50–90 billion by 2030 at a 42% CAGR. 68% of organizations expect to integrate AI agents by 2026. 78% of Fortune 500 companies are projected to deploy agentic AI this year. 64% of product roadmaps now include agentic AI as scheduled work.

Three capabilities converged to make agents possible:

1. Reasoning — LLMs can now break complex goals into sub-tasks and reason about which steps to take (Chapter 14: emergent abilities).
2. Tool use — Models can call APIs, query databases, search the web, execute code, and interact with software applications.
3. Memory — Agents maintain context across multi-step workflows, remembering what they’ve done and what remains.

ReAct (Reason + Act) is the default design pattern for enterprise agents. It creates an explicit loop:

1. Reason — “The user wants Q3 revenue by region. I need to query the financial database.”
2. Act — Execute a SQL query against the finance database.
3. Observe — “The query returned data for 4 regions. APAC is missing.”
4. Reason — “APAC data might be in a separate system. I’ll check the APAC reporting tool.”
5. Act — Query the APAC system.
6. Observe & Synthesize — Combine results and present the complete answer.

The explicit reasoning step makes the agent’s decisions traceable and auditable. You can inspect the reasoning chain to understand why the agent took each action. This is critical for enterprise deployment: when an agent makes a mistake, you need to understand why it made that mistake, not just that it did. ReAct also prevents hallucination-driven actions — the agent must justify each step before executing it.

An agent’s power is defined by its tools: APIs it can call, databases it can query, applications it can operate, and code it can execute. More tools = more capable agent. The model decides which tool to use and when, based on the task at hand. This is fundamentally different from traditional automation, where every step is pre-programmed. The agent adapts its approach based on what it encounters.

Klarna’s AI assistant handles 2.3 million conversations monthly across 23 markets in 35 languages — equivalent to 700 full-time agents. Results: $40 million in annual savings ($4M from customer service, $6M from marketing automation), 47% increase in customer satisfaction, and resolution times dropped from 11 minutes to under 2 minutes. However, Klarna later pivoted to a hybrid model after discovering that aggressive automation compromised empathy in complex interactions.

Salesforce deployed Agentforce to handle ~32,000 customer conversations weekly with an 83% resolution rate. Escalations to human agents dropped to just 1%, freeing team members for high-value work. The system combines LLM reasoning with structured CRM data and business rules.

Goldman deployed autonomous agents built on Claude for transaction reconciliation and client onboarding. The agents eliminated manual handoffs between systems, reducing processing time from days to continuous workflow with human oversight at decision points.

Single-purpose agents that complete one well-defined task. “Classify this support ticket and route it to the right team.” “Extract key terms from this contract.” “Generate a weekly sales summary from CRM data.” These are the lowest-risk, highest-adoption agents. They operate within narrow boundaries with predictable outcomes.

Agents that execute multi-step workflows spanning multiple tools and systems. “Process this insurance claim: verify the policy, assess the damage photos, check for fraud indicators, calculate the payout, and draft the response letter.” Each step may involve different tools (database lookup, image analysis, rules engine, document generation). The agent orchestrates the entire workflow.

Agents that set their own sub-goals and adapt their approach based on what they discover. “Investigate why APAC revenue declined 15% this quarter.” The agent decides what data to pull, what analyses to run, what hypotheses to test, and what follow-up questions to pursue — all without human guidance at each step. These are the most powerful and the most risky.

A specialized category with enormous impact: agents that write, test, debug, and deploy code. They read codebases, understand requirements, implement features, write tests, and submit pull requests. JPMorgan Chase reported a 40% increase in developer productivity and 50% faster legacy system migration using coding agents.

A chatbot that hallucinates gives you a wrong answer. An agent that hallucinates takes a wrong action. It might send an incorrect email to a client, execute a flawed database query that corrupts data, approve a transaction that violates policy, or book a flight to the wrong city. The stakes are fundamentally higher because agents operate in the real world, not just in conversation.

Klarna’s aggressive automation delivered impressive cost savings but compromised service quality in complex interactions. Customers experienced lack of empathy and contextual understanding when situations deviated from standard patterns. Klarna pivoted to a hybrid model, reintroducing human agents for nuanced support. The lesson: not every interaction should be automated, even if it technically can be.

Runaway actions — An agent in a loop that keeps executing actions without stopping. Requires hard limits on iterations, cost, and scope.
Permission escalation — An agent that accesses data or systems beyond its intended scope. Requires strict tool-level access controls.
Prompt injection — Malicious inputs that hijack the agent’s behavior (Chapter 26). Agents are more vulnerable because they take actions, not just generate text.
Cascading errors — One wrong step early in a workflow corrupts every subsequent step.

1. Tool-level permissions — Each agent has an explicit list of tools it can use and the scope of each tool. A customer service agent can read order history but cannot modify billing. A coding agent can write code but cannot deploy to production.

2. Action approval gates — High-stakes actions require human approval before execution. The agent prepares the action, presents its reasoning, and waits for a human to approve or reject. “I’m about to issue a $12,000 refund. Here’s why. Approve?”

3. Budget and iteration limits — Hard caps on cost per task, API calls per session, and reasoning loop iterations. Prevents runaway behavior.

4. Hybrid reasoning — Combine LLM reasoning with rules-based guardrails. The LLM handles flexible reasoning; hardcoded rules enforce non-negotiable constraints. “Never approve a refund exceeding $5,000 without manager approval” is a rule, not a suggestion to the model.

5. Observability and audit trails — Log every reasoning step, tool call, and action. Full traceability for compliance, debugging, and continuous improvement. If an agent makes a mistake, you need to reconstruct exactly what happened and why.

6. Graceful degradation — When the agent encounters uncertainty, it escalates to a human rather than guessing. The escalation threshold should be configurable per use case.

The limiting factor for agentic AI is no longer technical capability but organizational readiness. OpenAI’s 2026 Frontier Alliance with McKinsey, BCG, Accenture, and Capgemini reflects this reality: enterprises need change management and integration expertise, not additional model capability. The average implementation cost is $890,000, with a global AI talent shortage of 340,000 professionals.

47% of organizations cite data infrastructure inadequacy as a barrier to agent deployment. Agents need access to clean, well-structured data across multiple systems. If your CRM, ERP, and knowledge base are siloed with inconsistent schemas, the agent can’t operate effectively. The data integration work often exceeds the AI development work by 3–5×.

57% of organizations cite inability to demonstrate ROI as their biggest investment blocker. The challenge isn’t building the agent — it’s proving its value in a way that justifies the investment. Start with use cases where the current process is well-documented, the cost is measurable, and the quality bar is clear. Customer service (measurable resolution rates, cost per ticket) and document processing (measurable throughput, error rates) are ideal starting points.

Deploy Level 1 task agents for internal, low-stakes use cases. IT helpdesk ticket routing, meeting summarization, report generation, data extraction from documents. These build organizational confidence, surface data integration issues, and establish governance patterns without customer-facing risk.

Extend to customer-facing task and workflow agents with human-in-the-loop for complex cases. Customer support (with escalation), order status and tracking, appointment scheduling. Measure resolution rates, customer satisfaction, and escalation frequency. The Klarna model: start automated, add human touchpoints where quality demands it.

Graduate to multi-step workflow agents for validated use cases. Claims processing, procurement workflows, compliance monitoring, coding and engineering tasks. These require mature guardrails, robust monitoring, and proven data infrastructure. Only deploy in domains where you’ve built confidence through Phases 1 and 2.