One evening during the winter of 2015, I found myself in one of those conversations that disguise profound wisdom as casual banter. My friend — let’s call him Vikram — was holding court on the art of raising children. The man had a gift for making the complicated sound obvious, and the obvious sound as he’d invented it.

"You should let children be free. Define a boundary — wide enough for them to run, stumble, and discover things on their own. But keep it a boundary. Then just watch, guide, and let them grow."
 — Vikram, over chai, with the confidence of a man who had clearly read exactly one parenting book and decided it was enough

I remember nodding politely, filing it away under “things-that-sound-wise-but-I’ll-probably-forget-by-morning.” I was wrong. That little gem has stayed with me for over a decade, resurfacing in the most unlikely of places — not a nursery, but a conference room full of enterprise architects arguing about Flow Designer permissions.

Because here’s the thing: what Vikram described that evening wasn’t just a parenting philosophy. It was — almost word for word — the operating model that every enterprise desperately needs for its automation landscape in 2026.

Define the boundary. Give enough room to grow. Monitor. Guide. Scale.

And yet, a staggering number of organizations are doing the exact opposite — either locking automation in a cage so tight it can barely breathe (hello, 14-step approval workflows for a simple email notification), or letting it run wild across departments like an unsupervised toddler with a permanent marker and access to production.

The Problem Didn’t Start Yesterday

Let’s rewind. The early days of RPA had a certain romantic energy. The pitch was seductive: software robots that mimic human clicks, automate the mundane, and free your workforce to finally do that “higher-value work” everyone kept talking about, but nobody could quite define. Enterprises rushed in. Pilots sprouted like mushrooms after rain. And then — with painful predictability — most of them stalled.

The bots worked fine in isolation. But nobody had thought about what happens when hundreds of them are running across dozens of systems, each lovingly built by a different team, with no centralized oversight, no shared standards, and the kind of documentation that would make an auditor weep. The industry even coined a term for the mess: “RPA islands.” Scattered automation pockets that created more operational risk than they ever resolved.

Think of it this way: imagine a city where every household installs its own traffic light. Each one works perfectly in front of its own driveway. But the moment you zoom out and look at the actual roads? Absolute chaos.

Fast forward to 2026, and the landscape looks nothing like those early RPA days. We’re no longer dealing with screen-scraping bots that follow scripts. We now have AI agents that reason, plan, and execute multi-step workflows autonomously. ServiceNow’s Autonomous Workforce already handles over 90% of its own employee IT requests — faster than any human could. Forrester’s 2026 automation predictions note that while the industry is sprinting from “flow-first” to “reasoning-first” architectures, fewer than 15% of firms will actually turn on agentic features in their automation suites. The reason? Governance. Or rather, the lack of it.

The technology is ready. The organizational maturity? Still catching the bus.

Why 2026 Is the Year the Music Stops

Every year, someone declares it “the year of” something in enterprise tech. Usually it’s harmless marketing theater. But 2026 actually has teeth.

The EU AI Act — the world’s first comprehensive AI regulation — hits its most critical enforcement milestone this August. If your automated workflows touch hiring decisions, credit assessments, or compliance documentation for EU citizens, you’re in scope. The penalties aren’t theoretical either — they’re the kind that make CFOs lose sleep and legal teams book therapy sessions.

Simultaneously, the agentic AI wave is raising the stakes in a way that deterministic RPA never did. When a bot follows a script, the blast radius of failure is predictable — annoying, but containable. When an AI agent dynamically decides how to execute a task, the failure modes multiply in ways that are genuinely hard to anticipate. As one platform CEO put it at a recent industry conference: if companies want to scale AI, trust and governance that span any cloud, any asset, and any AI system are simply “non-negotiable.”

And Gartner isn’t whispering either — they predict over 40% of agentic AI projects will be cancelled by the end of 2027, largely due to inadequate risk controls. Forty percent. That’s not a cautionary statistic. That’s a eulogy for a lot of PowerPoint decks that promised the board “transformational outcomes.”

Enter the Playground with Guardrails

This is where I come back to Vikram, sitting in that winter evening with his chai, unknowingly describing enterprise automation strategy a decade before most CIOs would need to hear it.

The answer isn’t to shut automation down. It isn’t to create a 47-page approval process that makes deploying a simple subflow feel like applying for a mortgage. It’s to build the right playground — with clear boundaries, enough space for innovation, and someone watching from the bench who knows when to intervene and when to let the kids figure it out.

This is precisely the philosophy behind ServiceNow’s Automation Center.

For those unfamiliar, think of Automation Center as the governance backbone of ServiceNow’s automation ecosystem. It’s where Flow Designer (the low-code engine for building automated workflows), Integration Hub (API-based integrations across 1,300+ external systems), RPA Hub (robotic process automation for legacy systems that still think APIs are a passing fad), and Document Intelligence (intelligent document processing) all converge — not as disconnected tools sold by different product teams at the same SKU meeting, but as a governed, orchestrated whole.

What makes this genuinely powerful isn’t any single capability. It’s the unified nature of it. When a new automation is created — whether it’s a flow that routes an IT incident, an RPA bot that lovingly scrapes data from a legacy ERP screen circa 2004, or a subflow that processes an invoice through document intelligence — it lives on one platform. It’s discoverable. It’s auditable. It inherits the security, role-based access, and policy controls of the broader environment.

Now layer on the AI Control Tower — ServiceNow’s centralized governance command center for all AI and automation activity. It provides real-time visibility into which agents and automations are running, what decisions they’re making, and whether those decisions align with business objectives. For regulated industries like banking, healthcare, and government — where a rogue automation can trigger consequences that range from embarrassing to existential — this isn’t a nice-to-have. It’s the difference between confident scaling and a very expensive conversation with regulators.

The beauty of this model mirrors Vikram’s principle perfectly. The boundary is the governance framework. The playground is the composable automation surface. The watchful eye is the AI Control Tower. Define. Play. Monitor. Grow.

Governance Is Not a Tax. It’s a Shortcut.

Here’s the counterintuitive truth that most enterprises still haven’t internalized: governance doesn’t slow automation down. It’s what allows automation to speed up.

Without governance, every new automation becomes a risk conversation. Somebody in InfoSec has to review it manually. Somebody in compliance has to sign off. Somebody in architecture has to check whether it conflicts with an existing integration that Dave from the Mumbai office built three years ago and forgot to document. The result? Weeks of delay for something that should take hours.

With governance built into the platform — as ServiceNow’s architecture enables — those checks happen automatically. Policy enforcement is embedded in the workflow, not bolted on as a bureaucratic afterthought that arrives via a SharePoint form nobody can find. The automation ships faster because it’s governed, not despite it.

The data reinforces this. Organizations with weak governance frameworks spend significantly more on ongoing operational costs. Compliance readiness gaps force quarterly budget reallocations. And teams without centralized automation oversight spend more time in approval meetings than actually building automations. It’s the organizational equivalent of spending so long child-proofing the house that the child has already graduated college by the time you’re done.

The Road Ahead

We stand at an extraordinary — and, frankly, unforgiving — moment. Automation has evolved from a back-office efficiency tool into the connective tissue of enterprise operations. AI agents are no longer theoretical — they’re resolving tickets, processing claims, onboarding vendors, and occasionally doing things nobody asked them to. The RPA market reached $3.6 billion in 2024 and shows no signs of slowing down. And the regulatory landscape — from the EU AI Act to NIST and OECD frameworks — is making governance a legal requirement, not just a slide in someone’s quarterly review deck.

The enterprises that will thrive are the ones that take Vikram’s advice. Define the boundary. Make it wide enough for innovation. And never, ever stop watching, guiding, and growing.

Because automation without governance isn’t really automation. It’s just chaos — with better branding and a faster clock speed.

The author works on Automation Governance and agentic automation capabilities at ServiceNow, where he spends his days ensuring that the playground has exactly the right amount of fence — and that Vikram gets absolutely none of the credit he deserves.