RPA worked. That's worth stating clearly, because the governance problems that followed tend to overshadow it. For stable, well-defined processes where data moved between systems with known fields and predictable structures, RPA delivered measurable value.
The brittleness showed up at the edges, and the first place it showed was credentials. Gartner identified the top security failures in RPA deployments, and the most telling was that organizations reused human credentials with bots. A bot built to process invoices would run under the credentials of the analyst who built it. Expedient, and a governance time bomb. When that analyst changed roles or left the company, their credentials were still embedded in a bot that still ran, holding permissions no one actively managed.
The RPA industry developed a term for this: orphaned bots. Bots that continued running after the person who understood them was gone. The bot still held credentials. It still processed exceptions according to rules that lived in someone's head rather than in documentation. It still ran on a schedule nobody remembered setting. Without the builder's knowledge, the bot's purpose became opaque to the organization that depended on it.
The costs were real. Forrester reported that maintenance could account for up to 60% of total RPA implementation expenses. Gartner's broader taxonomy included breaks in segregation of duties, failure to maintain audit trails, and failure to secure the RPA lifecycle beyond just operations. The technology kept working. Governance questions accumulated slowly and went unanswered until something broke. Who owns this bot? What happens when it encounters an exception it wasn't built for? Who audits what it did?
These questions were answerable. Organizations that invested in bot lifecycle management, credential rotation, exception escalation paths, and clear ownership structures made RPA work at scale. The ones that didn't discovered that value and governance debt could grow simultaneously, in the same deployment, for months before the debt came due.
AI agents now face the same questions. Who owns this workflow? What happens when it fails in a way nobody anticipated? Who audits what it did, and against what standard? What credentials does it hold, and who rotates them? When the person who designed the workflow leaves, what knowledge leaves with them?
Every one of these questions has been asked before. And yet there is remarkably little institutional memory connecting the RPA cycle to the current one. The teams deploying AI agents are rarely the teams that managed RPA, and the technology feels different enough that the organizational patterns don't obviously transfer. Nobody is reading the RPA postmortems before standing up an agent fleet.
RPA bots followed predefined rules. Their failure modes were bounded by their rigidity. AI agents make probabilistic decisions, which means their failure modes are bounded by their judgment. The governance questions carry over almost exactly. The consequences of leaving them unanswered have gotten worse.