Delegation Design: How Humans Authorise AI Agents

Every agentic AI system begins with an act of delegation - a human granting permission for autonomous action. This act is the most consequential design surface in the entire system. Get it wrong, and the agent operates outside its intended boundaries. Get it right, and the human can confidently step away, knowing the agent will act within the authority granted.

Traditional software design assumes the user is present and in control. Delegation design assumes the user is absent and the agent is in control. This inversion - central to Agentic Experience Design - changes everything about how authority, constraints, and recovery are designed.

Without delegation design, organisations face two failure modes: over-delegation (granting more authority than the agent's competence warrants, leading to consequential failures) and under-delegation (constraining the agent so tightly that it cannot deliver value, leading to abandonment). Delegation design resolves this tension by making the transfer of authority a structured, calibrated, and recoverable process.

Every delegation in an agentic system has four structural components:

Scope. What is the agent authorised to do? Scope defines the boundaries of the agent's operational envelope - the tasks it may perform, the domains it may operate in, and the decisions it may make. A shopping agent's scope might include "find and purchase running shoes under £120" but exclude "negotiate payment terms with the retailer."

Constraints. What must the agent not do? Constraints are the hard boundaries that the agent must never cross, regardless of how it interprets its goals. Budget limits, time boundaries, ethical guardrails, and regulatory requirements are all constraints. Constraints are non-negotiable - they override the agent's optimisation logic.

Permissions. What resources may the agent use? Permissions define the tools, data, APIs, and capabilities available to the agent. A financial agent might have permission to access market data and execute trades but not to transfer funds between accounts. Permissions are the capability layer of delegation.

Recovery paths. What happens when things go wrong? Recovery paths define the agent's behaviour when it encounters errors, ambiguity, or situations outside its scope. Options include escalation to the human, graceful degradation, automatic rollback, and constraint tightening. Recovery paths are the safety net of delegation design.

Delegation design recognises several recurring patterns in how humans transfer authority to agents:

Bounded delegation. The most common pattern. The human defines clear scope, constraints, and permissions. The agent operates within these boundaries and escalates when it encounters situations outside its mandate. This is the default pattern for most agentic commerce applications.

Progressive delegation. Authority expands over time as the agent demonstrates competence. The human starts with narrow scope and gradually widens it based on observed performance. This pattern aligns with the Autonomy Gradient - and requires robust trust architecture - a core AXD framework for calibrating agent independence.

Conditional delegation. Authority is granted contingent on specific conditions being met. "Buy the stock if it drops below £50, but only during market hours, and only if my portfolio allocation to equities is below 40%." Conditional delegation requires sophisticated intent architecture to capture the human's complex requirements.

Collaborative delegation. The human and agent share decision-making authority, with the agent handling routine decisions and escalating novel or high-stakes situations. This pattern requires clear escalation protocols and real-time communication channels.

Understanding how delegations fail is essential to designing them well:

Scope creep. The agent gradually expands its operational boundaries beyond what was intended. This happens when scope definitions are vague or when the agent's optimisation logic finds that crossing boundaries produces better outcomes. Scope creep is prevented through hard constraints and regular scope audits.

Intent drift. The agent's actions diverge from the human's original intent over time. This happens when the agent optimises for a proxy metric rather than the human's actual goal. Intent drift is prevented through intent architecture - the systematic capture and preservation of human intent across the delegation lifecycle.

Constraint erosion. Constraints are gradually relaxed or circumvented as the agent encounters situations where they seem to prevent optimal outcomes. Constraint erosion is the most dangerous failure mode because it undermines the safety guarantees that make delegation possible. Constraints must be enforced at the governance layer, not the planning layer.

Recovery failure. The agent encounters an error but has no defined recovery path. It either freezes (failing silently) or improvises (potentially making the situation worse). Recovery failure is prevented by designing explicit recovery paths for every foreseeable failure mode and a default escalation protocol for unforeseen ones.

Delegation design is applied wherever autonomous agents operate on behalf of humans:

Agentic shopping. When a machine customer shops on behalf of a human, delegation design governs what it may buy, how much it may spend, which retailers it may transact with, and what happens when the desired product is unavailable.

Financial services. When an autonomous portfolio manager trades on behalf of a client, delegation design defines risk tolerance, asset allocation constraints, regulatory boundaries, and escalation triggers.

Enterprise operations. When AI agents manage supply chains, customer service, or internal processes, delegation design ensures they operate within organisational policies, regulatory requirements, and ethical guidelines.

The AXD Institute publishes the Delegation Design Framework as part of its 12 Practice Frameworks, providing a structured methodology for designing safe, effective, and recoverable delegations in production systems.