OSuite OSuite.ai
Sign in Request access
← All posts
Research note · July 13, 2026 · 10 min read

Interoperability is not governance.

MCP, A2A, ACP, ANP, and trust registries help agents connect. Enterprise buyers still need a control plane that decides authority, preserves dissent, binds approval, and makes proof replayable.

O
OSuite Research
Protocol governance field note
At a glance
Agent interoperability protocols can connect agents, but connection is not control.
The missing layer is not another transport protocol; it is deployer-owned governance over action authority, dissent, approval leases, and replayable proof.
OSuite treats MCP, A2A, ACP, ANP, and similar protocols as evidence lanes feeding the governed action layer.

A useful new paper put language around something enterprise buyers already feel: agent interoperability is not the same as agent governance.

The paper, Governance Gaps in Agent Interoperability Protocols: What MCP, A2A, and ACP Cannot Express, looks at the protocol side of the problem. Its finding is not that MCP, A2A, ACP, ANP, or trust registries are useless. The opposite is closer to the truth. These protocols matter because they make agents easier to connect, discover, hand off, and compose.

But connection is not control.

OSuite protocol governance control plane

Protocols solve connection, not authority

Most interoperability work starts with a reasonable goal: let agents communicate, discover capabilities, call tools, delegate tasks, and exchange structured messages without every vendor inventing its own private wiring.

That is necessary infrastructure. It is also incomplete for enterprise deployment.

Once an agent can touch production systems, customer records, repositories, cloud resources, financial flows, legal workflows, or external communications, the buyer's question changes. The question is no longer only "can these agents talk to each other?" The question becomes:

  • Who has final authority over the action?
  • What exactly is the action allowed to do?
  • Did anyone dissent, object, or require an exception?
  • Is approval bound to the specific action, or can it be reused?
  • Can the organization reconstruct the proof later without trusting a vague log?

A protocol can move a message. It does not automatically decide whether that message should become a business event.

The missing fields are governance fields

The paper evaluates interoperability protocols against governance dimensions such as membership, deliberation, voting, dissent preservation, human escalation, and audit or replay. Those words sound procedural, but they are technical requirements once agents begin acting in real systems.

Dissent preservation is a good example. If one reviewer says "do not run this" and another approves an exception, the system should not flatten that into a simple pass/fail status. The dissent is evidence. The exception is evidence. The owner, reason, scope, expiry, and proof reference matter.

In a serious enterprise environment, disagreement is not noise. It is part of the control record.

Where OSuite sits

OSuite should not pretend to replace MCP, A2A, ACP, ANP, or similar standards. That would be the wrong layer.

Our view is narrower and stronger:

MCP and A2A let agents connect. OSuite decides what connected agents are allowed to do, who approved it, whether the approval can be reused, and how the proof is replayed later.

That is why OSuite is built around the governed action path:

LayerProduct role
Runtime adaptersBring in shell hooks, MCP calls, SDK calls, workflows, managed agents, and ChatGPT App actions.
CAVATurns the raw runtime event into a canonical action object.
Policy profile and Decision ScoreRoute the action as allow, observe, approval, dual approval, or block.
PCAAAssigns final deployer-side governance authority and proof-carrying approval.
BAFTurns approval into a bounded action lease, not a reusable permission.
AREGMaps agents, runtimes, tools, systems, boundaries, proof, dissent, and exceptions into a runtime security map.

The protocol lane is evidence. It is not final authority.

Why this changes product design

If interoperability is mistaken for governance, the product becomes dangerously reassuring. The dashboard shows connected agents. The protocol handshake succeeds. The tool call is structured. The trace exists. Everything looks modern.

Then a real buyer asks what happened after an agent proposed a risky action.

The system needs to answer in operational language:

  • The action touched a production-adjacent system.
  • The reviewer approved it for this exact canonical action.
  • The approval lease was bound to this session, actor, policy version, destination scope, and time window.
  • A dissent record was preserved.
  • An exception was accepted by a named owner with a stated reason and expiry.
  • The final proof bundle can be replayed.

That is governance. A connected agent without that control path is still a connected agent, but it is not yet a governed one.

What we changed after reading it

We added dissent and exception evidence to OSuite's action accountability path.

That means a governed action can now carry records such as who objected, why they objected, whether the objection was resolved, whether an exception was accepted, who owns that exception, what scope it applies to, and when it expires.

This is not a new product. It is a correction to the evidence model. If governance is going to survive audits, incidents, and internal disagreement, it has to preserve more than the final verdict.

The enterprise market does not need another phrase for "human in the loop." It needs runtime controls that can survive the first uncomfortable question after an agent acts:

What exactly was allowed, by whom, over whose objection, under what boundary, and with what proof?

Keep reading
Strategy

AI sovereignty is incomplete without action sovereignty.

July 13, 2026
Founder essay

Enterprise AI is not about who owns the model. It is about who owns the operating language.

July 2, 2026

Approve high-risk AI work before it runs.

Request enterprise access and send your first governed decision today.

Request enterprise access Read the docs