Not all AI tools are created equal, and trade executives responsible for customs automation, supply chain intelligence, and cross-border data flows must prioritize risk assessments accordingly. A detailed analysis from SVP & Field CTO at Saviynt, published by TechRadar Pro, argues that the catch-all label of 'AI' masks vast differences in security, privacy, and governance risks.
The AI Proliferation Problem
The urgency is clear: 62% of enterprises are at least experimenting with AI, according to McKinsey, while 79% are deploying AI agents, per PwC. IDC predicts there will be 1.3 billion AI agents in operation by 2028. For trade professionals, this means automated processes for tariff classification, incoterms validation, and sanctions screening are increasingly powered by AI — but not all implementations carry the same risk.
"So, for IT management struggling to keep up with the exposure threats associated with AI-infused applications, agents and processes, calibrating the risks based on AI variants is a smart first move."
Agentic AI: Higher Stakes for Trade Workflows
While simple AI assistants that scan or parse data carry minimal risk, the article warns that agentic AI processes that can cross tools, systems, and workflows pose far greater danger. In a trade context, an agentic system might automatically submit customs entries, flag denied parties, or adjust invoices—all with significant compliance consequences.
52% of respondents to the PwC survey listed cybersecurity as a number-one or number-two concern when employing agents. The analysis notes that in these early days of agentic AI, "some pioneers will fail to erect appropriate guardrails, meaning that agentic workflows may have more machine autonomy than is desirable, leading potentially to loss of data, wiped records, privacy intrusions, policy infringements."
Identity Management Gaps
A critical finding for trade operations: legacy identity and access management (IAM) systems are ill-equipped for agentic AI. The article states that "many examples of agentic AI processes being waved through by legacy identity management services as if they were new hires on an HR roster." This means an AI agent could inadvertently gain elevated privileges to customs databases or supplier portals, creating audit and compliance nightmares.
| Risk Factor | Consumer/Productivity AI | Agentic AI for Trade |
|---|---|---|
| Autonomy | Low | High |
| Cross-system access | Minimal | Required |
| Cybersecurity concern (PwC) | Not top-rated | 52% top concern |
| Example in trade | Tariff lookup assistant | Automated customs filing bot |
Steps for Trade Executives
The article recommends CIOs, CISOs, and risk officers perform a discovery process to inventory all AI tools in use—similar to how shadow IT was tracked. For trade-specific environments, this should include:
- Cataloguing every AI agent touching import/export data, including embedded tools in ERP or trade management platforms.
- Classifying risk tier: Personal assistants or summarization tools are low risk; agentic bots that execute trade transactions are high risk.
- Updating IAM policies to require human-in-the-loop approvals for any AI-driven action that commits to a trade declaration or payment.
The analysis concludes that change management is a persistent hurdle: "Technological change can be overwhelming when all the processes, ingrained pattern recognition habits and domain knowledge we possess are threatened by disruptive new waves of activity."
What to Watch
Trade executives should monitor how their identity and access management vendors adapt to agentic AI. The old IAM won't cut it, and the next 12–24 months will likely see new purpose-built governance tools emerge. In the meantime, calibrating risk by AI variant—not treating all AI as equal—is the first line of defense.
Sources:
