Microsoft just shipped a product that treats AI agents like employees.

Agent 365 launched in June as a control plane for managing AI agents across an organization. Not building agents. Not training them. Managing them. It includes an agent registry, onboarding workflows, lifecycle policies, identity controls, performance analytics, and compliance logging. The same categories you would find in an HR platform, applied to software that thinks.

KPMG signed on immediately. The firm is deploying Agent 365 across its entire global workforce of more than 276,000 professionals and using it to manage agent deployments for its clients. Integra LifeSciences, a medical technology company, is embedding agents into supply chain, regulatory affairs, and medical affairs through the same stack.

The price: $15 per user per month. Or bundled into Microsoft 365 E7 at $99 per user per month, which includes Copilot, security, and the full productivity suite.

This is not a research preview. It is a shipping product with enterprise pricing. Worth sitting with that for a second.

The management layer was always the missing piece

For the past two years, the AI conversation has been dominated by capabilities. Which model is fastest. Which one reasons best. Which one handles the longest inputs. The assumption: better models produce better outcomes.

That assumption is wrong. And the evidence keeps piling up.

A Deloitte study from Q1 2026 found that 76% of organizations deploying AI agents lacked the infrastructure to manage them in production. Not the intelligence. The infrastructure. The agents worked. The organizations around them did not.

Agent 365 is Microsoft’s answer to that gap. The product page describes it as enabling organizations to “move from agentic AI experimentation to enterprise-scale operations.” The framing is telling. The bottleneck was never experimentation. Everyone can run a pilot. The bottleneck was operations at scale.

Look at what the product actually does.

There is an agent registry — a single inventory of every agent in the organization, regardless of which platform built it. Microsoft agents, third-party agents, even self-registered ones from non-Microsoft platforms all show up in one dashboard.

IT controls onboarding. Security policy templates get applied before an agent touches anything, the same way you would not hand a new employee the keys to every system on day one. Lifecycle policies expire inactive agents, flag orphaned ones, and block agents that violate security requirements.

Agents get identities in Microsoft Entra, the identity system that already manages human users. Conditional access policies extend from people to agents. And there is agent-level performance tracking — not just uptime, but speed, quality, business impact, and ROI.

Microsoft looked at all of this and decided the right product was not a better agent builder. It was a better agent manager.

Why KPMG moved first

KPMG did not sign this deal because it needed more AI capability. KPMG already runs a multi-agent platform called Workbench, built on Azure AI Foundry. The firm has agents operating across audit, tax, and advisory services. The agents exist. The question was never whether to use them.

The question was how to govern them at scale across 138 countries.

Lisa Heneghan, KPMG’s Global Chief Digital Officer, framed it directly: “This requires strong foundations in governance, visibility and accountability.” Not smarter models. Not more powerful reasoning. Governance, visibility, and accountability.

Cherie Gartner, the KPMG US partner leading the deal, went further: Agent 365 helps enterprises “move beyond fragmented pilots toward a more consistent, production-ready approach to deploying agents.”

Fragmented pilots. That phrase should land hard for anyone still running isolated AI experiments across different departments with no central oversight. KPMG was already running agents. What they needed was the connective tissue between those agents and the organization’s security, compliance, and management infrastructure.

Who should own this in your organization

This is where the answer gets uncomfortable for most companies.

Agent 365 is designed to be managed by the same people who manage employees and systems today. Microsoft 365 admins handle the agent registry and onboarding. Entra admins handle identity and access. Defender admins handle threat protection. Purview admins handle data compliance.

That means the question “Who owns our AI agents?” has the same answer as “Who owns our user accounts and security policies?” It is not the innovation team. It is not the data science group. It is IT operations, security, and compliance.

Most organizations have not made that assignment. The agents report to whoever built them, if they report to anyone at all. There is no central registry, no lifecycle policy, no identity management. Every agent is a standalone experiment.

That worked when you had three agents in a pilot. It does not work when you have three hundred across production systems handling customer data, financial records, and regulatory documents.

The real signal

Microsoft did not build Agent 365 because it thought the market needed another AI product. Microsoft built it because it saw what its enterprise customers were struggling with. The models worked. The agents ran. And then organizations hit a wall trying to manage, secure, and govern what they had deployed.

The product categories tell the story. Agent onboarding. Lifecycle management. Identity and access. Performance analytics. Compliance and audit logging. These are not AI research terms. They are operations terms. HR terms. IT governance terms.

KPMG understood that. Microsoft built a product for it. And most organizations are still running agents the way they ran shadow IT in 2015 — scattered, ungoverned, and one audit away from a very uncomfortable conversation.