Sponsored

The agent stack is missing a trust layer

This article is presented by TC Brand Studio. This is paid content, TechCrunch editorial was not involved in the development of this article. Reach out to learn more about partnering with TC Brand Studio.

Sponsored by:

By Joel Hron, Chief Technology Officer, Thomson Reuters

The next wave of AI will not be defined by better chatbots. It will be defined by agents that can get work done.

That is the promise, at least. Across the technology industry, companies are racing to build AI systems that can retrieve information, reason across sources, use tools, take actions, and complete work end-to-end. The ambition is clear. The potential is there. The demos are impressive. But there is still a gap between what agents can appear to do in a controlled environment and what enterprises can trust them to do in production.

That gap is not just intelligence. It is trust.

A model can be fluent without being informed. It can be confident without being correct. It can produce an answer without conveying how it got there, why it is right, or whether it was shaped by the right domain expertise and constrained by the right permissions.

For consumer use cases, that risk/reward tradeoff may be tolerable. For enterprise work, especially in legal, tax, audit, compliance, risk, finance, and regulatory environments, it is not. In these settings, “almost right” is not good enough. At Thomson Reuters, we call the higher standard required for this work Fiduciary-Grade AI™: AI built for professionals operating under duties of care, regulatory oversight, and real accountability.

The uncomfortable truth for enterprises is that your AI accountability cannot be outsourced to the vendor that sold you the agent. The AI may accelerate the work, but the professional and the enterprise still own the judgment, the advice, and the outcome.

This is why the competition over agent capabilities is not only about which model is most powerful. It is about how agents connect to the trusted systems, data, content, and tools that drive actual work.

Protocols such as the Model Context Protocol, or MCP, point to a larger shift in the market. Agentic systems need standardized ways to access not only information, but also the tools, systems, and context required to complete real work. Without that, every agent is trapped in a brittle web of one-off integrations, copied-and-pasted prompts, limited retrieval, and unclear permissions.

MCP matters because it addresses one of the biggest blockers to production-grade agents: how to connect AI to approved context and tools in a consistent, governable way.

But MCP alone is not the answer. Trusted context is necessary, but it is not sufficient. High-stakes professional work requires a fiduciary-grade system.

That is the premise behind the next generation of CoCounsel Legal. It is not simply a model pointed at legal content, and it is not just a data access layer. Built to a fiduciary-grade standard, it combines authoritative legal content, professional workflow tools, domain-specific AI capabilities, rigorous privacy and security safeguards, permissioning, and transparent outputs designed for human review and verification.

In legal work, context is not just more data. It can include controlling authority, the procedural posture of a matter, the relevant client documents, the jurisdiction, prior work product, deadlines, workflow history, and the specific task a lawyer is trying to complete. An agent that does not understand that context can still sound persuasive. That is the problem.

This is the part of the agent conversation that too often gets skipped. More autonomy increases the need for more trust, not less.

That is also where much of the next enterprise AI value will be created. Enterprises do not run on models alone. They run on proprietary knowledge, permissions, workflows, regulated processes, and human accountability. The agent that can navigate those conditions safely will be far more valuable than the agent that can merely generate an impressive response.

Agents will become more capable. Standards will mature. Protocols like MCP will make integrations more portable. Enterprises will keep pushing AI deeper into workflows that were previously too complex or too risky to automate.

But the fundamental test will remain the same: can the work be verified and trusted?

Anything less may be good enough for a demo. It will not be good enough for production.