AgenticRei deontic policies for runtime governance of agentic AI

AgenticRei, proposed on arXiv on 17 Jun 2026 by Anupam Joshi, Tim Finin, Karuna Pande Joshi and Lalana Kagal, implements deontic policies to govern LLM-driven agentic systems at runtime. The paper (arXiv:2606.19464) is 10 pages with 1 figure and describes a Rei-based policy language expressed in OWL and evaluated by a high-performance logic engine entirely outside the LLM.

What is AgenticRei and how does it work?

AgenticRei is a deontic-policy pipeline that enforces not only permit and prohibit rules but also obligations, dispensations and policy conflict resolution at runtime, and it governs both tool invocations and agent-to-agent messages. The authors express policies in a Rei-derived language encoded as OWL; those policies are evaluated at runtime by a high-performance logic engine that runs outside the LLM. The same pipeline governs tool calls made by an agent and messages exchanged between agents, so policy checks are applied to both external actions and inter-agent coordination.

How does it differ from existing policy engines?

AgenticRei adds governance features that current production engines do not, namely obligation lifecycle management, meta-policy conflict resolution and dispensations that waive obligations in particular circumstances. The paper contrasts AgenticRei with XACML, Rego and Cedar, noting those systems address only the permit/prohibit subset of governance. AgenticRei therefore covers aspects the authors say "obligation lifecycle management" and ontological reasoning over domain class hierarchies require, capabilities that the cited engines lack.

The implementation path the authors describe is explicit: a deontic policy language built on the Rei framework, expressed as OWL, with runtime evaluation handled by a separate logic engine. That separation places policy reasoning entirely outside the LLM, rather than embedded in model prompts or application code.

Why it matters

Agentic AI systems can invoke tools, manipulate data, install software and coordinate across organizational boundaries, so simple authentication and access control do not capture the full enterprise governance needs the authors identify. AgenticRei targets those gaps by adding obligations (actions the agent must perform after certain steps), dispensations (waivers under defined conditions) and a mechanism for resolving conflicting policies. The approach also supports ontological reasoning over domain hierarchies, which matters in regulated settings such as healthcare, cybersecurity and data privacy, areas the paper cites as typical application domains.

This matters because LLM-driven agents that can act autonomously create new compliance and security vectors. A runtime policy layer that enforces obligations and handles waivers could change how organizations let agents interact with sensitive systems and with each other.

What to watch

The authors note AgenticRei composes naturally with industry-standard frameworks like A2AS; seeing concrete integrations or reference implementations with A2AS would be the next confirmatory signal. Publication is scheduled in the 2026 IEEE Symposium on Agentic Services (part of the IEEE Conference on Web Services), which should make peer-reviewed proceedings and any accompanying artefacts available.

Specific, source-attributed facts: the paper was submitted on 17 Jun 2026 to arXiv as arXiv:2606.19464, it runs 10 pages and contains 1 figure, and the implementation uses Rei/OWL with a runtime logic engine entirely outside the LLM.

Authors and metadata: Anupam Joshi, Tim Finin, Karuna Pande Joshi and Lalana Kagal authored the submission; the submission history lists Tim Finin as the contact. The paper argues that current engines (XACML, Rego, Cedar) handle only permit/prohibit and thus miss obligation lifecycle management, meta-policy conflict resolution and dispensations, which AgenticRei aims to provide.