Who Is Liable When the Agent Gets It Wrong?
Air Canada's chatbot promised a customer a bereavement discount on a flight. The discount didn't exist. The customer bought the ticket, requested the discount, and was denied. The case went to tribunal. Air Canada tried arguing the chatbot was a separate legal entity, responsible for its own statements.
The tribunal was not impressed. Air Canada paid.
That was 2024. Since then, AI agents have gone from answering questions to making decisions, placing orders, adjusting prices and processing returns. 82% of organisations now use AI agents in their operations, according to SailPoint. But only 44% have formal governance for them.
That means the majority of companies running agents don't have an answer to the simplest question: who is liable when the agent gets it wrong?
The Accountability Gap
Here's the reality that rarely comes up in the sales meeting.
88% of AI vendor contracts cap liability at the subscription fee. Your agent sends incorrect order confirmations to 2,000 customers? The vendor refunds your monthly licence. You pay for the rest.
Only 17% of vendor contracts provide regulatory compliance warranties. The rest leave it to you.
80% of companies report unintended agent actions. Meaning the agent does things nobody asked it to. 72% are dissatisfied with their existing guardrails, according to Cleanlab.
This is not hypothetical. In Mobley v. Workday, an AI system rejected 1.1 billion job applications. The court held the vendor directly liable. Not the customer. The vendor.
The pendulum is swinging.
What the Law Is Actually Saying
Three legal changes are reshaping the playing field in 2026.
1. EU Product Liability Directive (December 2026). Strict liability extends to software and AI. If your agent causes damage, the injured party does not need to prove negligence. Only that the damage occurred and your product caused it. This applies to any company selling to EU consumers.
2. California AB 316 (January 2026). You cannot use AI autonomy as a defence. "The agent made the decision itself" no longer works as an argument in court.
3. EU AI Act. Penalties up to 35 million EUR or 7% of global revenue. For an e-commerce company doing 500 million SEK in revenue, that is a potential fine of 35 million SEK.
Gartner projects that 40% of agentic AI projects will be cancelled by 2027 due to inadequate controls. Not because of bad technology. Because nobody knows who is liable.
SLAs That Don't Work
Traditional SLAs measure uptime. 99.9% availability. Response time under 200 milliseconds.
That works for a database. It does not work for an agent making business decisions.
Your agent can have 100% uptime and simultaneously approve returns that violate your policy, send incorrect prices to customers, or place orders with the wrong supplier. The uptime SLA stays green the entire time.
The problem is that the SLA model hasn't kept up. When software went from storing data to making decisions, the contracts should have changed. They didn't.
An SLA for an AI agent needs to measure outcomes, not infrastructure.
- Correctness. What percentage of the agent's decisions align with business rules?
- Escalation. Does the agent flag cases it shouldn't handle on its own?
- Damage cap. What is the maximum financial impact of a wrong decision before the agent is stopped?
- Liability. Who bears it financially? Not "shared responsibility". One party.
Operator vs. Vendor
There are two models for running AI agents in business processes.
Model 1: You buy a tool. The vendor sells software. You configure, integrate, operate. The liability is yours. The vendor's responsibility ends at the licence fee. This is the standard today across 88% of vendors.
Model 2: You hire an operator. The operator takes responsibility for the outcome. Not just for the software running, but for it doing the right thing. The operator writes SLAs against business outcomes, not uptime. The operator bears the financial responsibility when the agent gets it wrong.
The difference is enormous. In model 1, you hold the risk. In model 2, you share it with someone who has the incentive to build better guardrails.
Five Things a CFO Should Demand Today
- Audit every AI vendor contract. Look for liability caps and regulatory warranties. If the vendor limits liability to the licence fee, you know where the risk sits.
- Map agent decision authority. What decisions does the agent make autonomously? What amounts are involved? Which customers are affected?
- Implement outcome-based SLAs. Measure correctness, not uptime. Define escalation rules and damage caps.
- Prepare for the EU Product Liability Directive. December 2026 is not far away. Strict liability for AI-caused damage changes the risk calculus fundamentally.
- Choose the operator model for critical processes. Order management, returns, pricing logic. Processes where a mistake costs money should be run by someone with skin in the game.
Lights Out
This is why we built Lights Out. Not as another AI tool you buy and configure yourself. But as an operator model where we take responsibility for the outcome.
We write SLAs against correctness and business results. We bear the financial responsibility when an agent makes a wrong decision in the processes we run. Not because we are generous, but because it forces us to build better agents, better guardrails and better escalation flows.
If you want to talk about what this looks like in practice for order management, returns or customer support, get in touch.