When 80% of Devs Bypass Policy, Your Governance Isn't Real
If ~80% of developers route around your guardrails, your policy is advisory. For a fintech CISO, only an enforcing control plane that beats the workaround governs.
The org chart you govern is no longer all human
There is a temptation to read the 80% figure as a culture problem. Tighten the SDLC, run another secure-coding refresher, add an attestation checkbox to the pull request. That instinct treats bypass as a discipline failure. It is not. It is an economics failure, and the economics just got dramatically worse.
For a fintech CISO, the unstated assumption behind every guardrail was that a human author understood the blast radius of their own change. A skipped review or an unrun suite was a tolerable tax because an accountable person could roughly model what they were touching. That assumption is dissolving. Industry research now suggests roughly 41% of codebases are AI-generated, and that about 45% of AI coding tasks introduce a critical flaw or security issue. A large and growing share of what reaches your payments path, your auth service, and your ledger is now authored by something that does not read your control library, does not feel deadline guilt, and does not pause at an attestation gate.
So the population you are governing has changed. You are no longer governing developers who occasionally cut corners. You are governing a generation engine that produces volume at machine speed and ships defects by default in nearly half its output. Human bypass was a tax. Machine-speed bypass against unenforced policy is a structural exposure, and it is silent. The cost of poor software quality is already estimated near $2.41 trillion. You do not close that gap by asking the machine to be more conscientious about a process it cannot see.
Why a written policy is not a control
Here is the uncomfortable definition a skeptical auditor will eventually force on you: a control is something that changes what is allowed to happen. A document that describes what should happen is not a control. It is a description of a control you do not have.
Run the test on your own program. Take your most-bypassed rule, the one with the highest override rate. Ask where it physically sits relative to the action it governs. If the honest answer is "in a Confluence page the engineer is supposed to remember to open," you do not have a control. You have a suggestion with a paper trail, and the paper trail exists mainly to assign blame after the incident.
This is why "more training" never moves the bypass rate durably. The rule did not fail because people forgot it. It failed because it was never placed where the decision happens, and because complying with it cost more than skipping it. When the cost of the governed path exceeds the cost of the workaround, a rational engineer takes the workaround, and a rational generation engine never even considers the policy because nothing in its execution path enforces it.
The contrarian claim: enforcement has to be faster than the workaround
Most governance programs try to make bypass harder. Raise the friction, add the gate, require the sign-off. This is precisely backwards, and it is why those programs degrade. If you raise the cost of skipping a control, motivated people find a more creative skip, and you have simply moved the leak. Enforcement that fights the engineer loses on a long enough timeline.
The durable move is the opposite. Make the governed path the fastest path. If complying is cheaper than working around, the workaround stops being rational and quietly disappears, with no reminder required. That reframes the job from policing developers to engineering a default. Three properties decide whether a control holds:
- It executes, it does not instruct. The check runs automatically in the workflow, not as a step a human or an agent must elect to perform.
- It is faster than the workaround. A governed path that adds an hour gets bypassed. One that adds seconds and surfaces only relevant risk gets trusted and kept.
- It is change-aware and proportionate. A blanket "run everything, review everything" gate is so slow it trains the organization to disable it. A control that knows what actually changed runs narrowly and earns the right to stand in the way of the change that matters.
That third property is where most well-intentioned governance dies, and it is where the security-versus-velocity war is usually lost. Treat every change as equally risky and you punish the one-line config edit as harshly as the rewrite of the funds-transfer logic. Under load, the team kills the gate. The fix is not a stricter gate. It is a gate that understands the system well enough to be proportionate. Reachability-based prioritization is the concrete version of this: focusing enforcement on what is actually reachable and exploitable can mean 70 to 90 percent less exploitable exposure, which is also what lets the governed path stay fast enough to win.
What an enforcing control plane actually does
This is the gap a control plane is built to close. Instead of policy as documentation that hopes to be read, an enforcing control plane sits between intent and production and decides, on every change from any author, what is allowed to proceed and what needs a human. For a fintech security org, that requires a few mechanisms working together.
It needs a live model of the system. A System Graph that maps services, dependencies, and CI/CD is what makes enforcement change-aware. Without it, the plane cannot tell that a proposed change reaches the auth service or sits three hops from the ledger, so it cannot bind a policy that says "changes touching funds movement require a security reviewer." Policy enforcement is downstream of system understanding. You cannot govern what you cannot map.
It needs a clear authorization boundary, and this is the principle that keeps the whole thing defensible: agents propose, humans authorize. Separation of proposer and authorizer is a decades-old security control. The agent era does not retire it; it makes it load-bearing. When a change falls outside policy, the plane does not silently fix it and does not silently let it through. It produces a proposal with evidence and routes the decision to someone with the authority to make it. This is why unsupervised autonomous fixing is reckless on the most sensitive surface there is. The engineering of governed remediation lives in the gradient between approving everything and approving nothing, routing low-blast-radius changes quickly while reserving human judgment for the genuinely consequential ones.
It needs audit-ready evidence as a byproduct, not a quarterly scramble. Every governed action should answer, on its own: what was proposed and by which actor, what policy applied and whether it was satisfied, who authorized it, what validation ran, and whether the verify step confirmed the system stayed healthy. That is the closed loop, and it is what turns a release decision into a verdict backed by proof rather than a gut call in a status meeting.
And for a regulated institution, it needs to run inside your boundary. The control that ends most procurement is data residency, not feature count. Execution as signed, attested capsules inside a secure enclave or your own environment, validating against a scoped subgraph and emitting evidence without exfiltrating code or topology, is the design intent behind Edge Runners. "Customer-controlled boundary" has to be an architectural property, not an MSA clause. A clause does not enforce itself; a signed capsule running where you put it does.
What to do Monday morning
You do not need a platform migration to start. You need to convert one advisory rule into an enforced one and prove the model.
- Measure the bypass; do not assume it. Pull the override rate on your most-cited "required" gate. That rate is your real policy, regardless of what the standard says.
- Locate one control. Pick the most-skipped rule and ask where it sits relative to the action. If it lives in a doc, that is the diagnosis.
- Make one gate proportionate. Replace one blanket check with a change-aware one that runs narrowly on what actually changed and on what is actually reachable. Speed is what earns compliance.
- Write down your authorization boundary. Decide explicitly which classes of change flow automatically and which require a named human. Ambiguity here creates both bottlenecks and bypasses.
If you want the full economic case for treating this as accruing risk rather than a code-quality nuisance, the security debt analysis makes the argument in the language your CFO and your examiner both understand.
The bottom line
Guides associés
Produit associé
Continuer la lecture
Who's Accountable When the Agent Ships the Bug? Building an Audit Trail That Holds Up
When an AI agent ships the bug, accountability comes down to your audit trail. How to build immutable, explainable records of autonomous action that hold up to a regulator.
A Glossary of Enterprise AI Agent Governance: Control Plane, Policy-as-Code, Authority Scoping, and More
Plain-English definitions of the enterprise AI agent governance vocabulary: control plane, policy-as-code, authority scoping, blast radius, and more.
The Governed-Autonomy Maturity Model: Where Is Your Org on the Curve?
A five-stage maturity model for governed autonomy in software delivery, from manual gates to policy-driven control, plus a self-assessment for engineering leaders.
