Traditional ROI & Risk Management Models Don’t Work for AI: Here’s What You Should Do Instead
Most organisations have, by now, approved meaningful AI investment.
But many are starting to ask the harder question that follows. How do we know we are getting value back?
The honest answer, across most large Australian organisations, is that they don’t.
ADAPT’s research, profiled in its recent interview with Workday’s Industry Advisor, Luke Bebbington, found that 8 in 10 CFOs say they struggle to track the returns on technology investments. AI is making that problem materially worse, not better.
The reason is structural. Agentic AI does not behave like the technology that traditional ROI models were built to evaluate. It learns, adapts, its costs are variable, and its risks compound with use. But most importantly, its value is highly dependent on how it is governed.
For senior leaders responsible for both growth and risk, this matters.
For example, the frameworks finance teams have used for decades to justify technology investment are not built to handle a category of capability that behaves more like a digital employee than a software licence. The organisations that recognise this early will deploy AI with confidence.
The organisations that don’t will continue funding initiatives whose true cost and true risk only become visible after the fact.
Why traditional ROI models do not fit agentic AI
Discounted cash flow models, payback periods and standard productivity metrics share a common assumption.
They assume the asset being measured has a predictable cost profile and a stable risk envelope. Software fits that assumption reasonably well. Agentic AI does not.
Luke Bebbington, who has built dozens of agents across finance roles, frames the issue clearly.
Conventional ROI frameworks “don’t fit nicely” when applied to systems that operate as intangible assets rather than tools. The value of an agent compounds over time, depends heavily on the data and policy environment in which it operates, and varies with how it is governed.
That has direct implications for the way investment cases are written. A traditional ROI case assumes the asset performs as specified at the point of purchase. An agent performs the way it was deployed, the way it was trained, the way its data flowed last week, and the way it was constrained by its policy environment yesterday.
Each of those variables can change. Each of those changes can move the financial outcome.
The second structural problem sits on the cost side. AI specialist Naren Gangavarapu has warned that organisations should not treat AI consumption like standard software licensing, because token usage, retries and reasoning depth can escalate quickly and create costs that are difficult to attribute, cap or recover.
A board approving an AI initiative on the basis of a fixed annual cost may discover, twelve months later, that real expenditure is multiples of the original case. That is not a forecasting failure. It is a model failure. Consumption-based AI cost structures challenge the assumptions on which traditional capital allocation rests.
Together, these two issues, variable value and variable cost, mean that the ROI of agentic AI cannot be calculated the way the ROI of an ERP upgrade can be calculated. A different model is required.
The risks that grow with autonomy
Beyond cost, there is a category of risk unique to agentic AI that traditional ROI models do not price at all.
Autonomous systems take actions. The more autonomy they have, the more actions they take without direct human oversight. Each action is a potential point of exposure. Four categories of risk are now becoming visible in real-world deployments.
1. Runaway inference cost
Agents that loop, retry, or expand their reasoning chains can consume orders of magnitude more compute than their original use cases justify. Without enforcement, cost overruns are detected only at the next invoicing cycle.
2. Hallucinated actions
An agent that produces a plausible but incorrect output in a chat interface is a minor problem. An agent that produces a plausible but incorrect action in a live business process is a material one.
The downstream cost of correcting a hallucinated transaction, contract clause or customer message can dwarf the productivity gain the agent was deployed to deliver.
3. Policy violation
Agents operating across regulated workflows can trigger obligations under privacy law, financial services regulation, prudential standards, and, increasingly, the Financial Accountability Regime.
A policy violation that goes unnoticed for weeks can move from a control failure into a reportable regulatory event.
4. Silent degradation
Models drift. Data sources change. Integrations break in ways that affect output quality without producing a visible failure. Performance can erode quietly between formal reviews.
By the time it surfaces, the cumulative damage to decisions, customer experience and compliance posture may be significant.
None of these risks appears in a traditional ROI model. All of them are now appearing in real boardrooms.
Why guardrails have become an economic question, not a compliance one
Until now, AI governance has been treated as a compliance overlay. The model was deployed, the use case approved, and a separate process attested to the controls around it.
That approach assumes that the system’s value and risk can be managed separately. With agentic AI, they cannot.
Guardrails, the real-time mechanisms that bind agent behaviour to policy, contracts and risk thresholds, now determine whether the financial case for an AI investment holds up.
Without them, every additional deployment increases financial volatility rather than reducing it. With them, the cost envelope becomes forecastable, the risk envelope becomes bounded, and the value envelope becomes defensible to a board.
That shift turns guardrails from a compliance afterthought into an economic necessity.
The boards that understand this are reframing their evaluation of AI investment. The conversation is moving from “what hours will this save” to “what is the risk-adjusted return on this capability, and what does our governance environment have to do to keep that return positive?”
What organisations and teams should actually measure
For executives and directors seeking to bring AI investment under proper financial discipline, three shifts in measurement now matter more than the ROI calculation itself.
1. From Productivity gains to system resilience
Hours saved are a useful indicator at the pilot stage, but a poor indicator at scale. The more strategic question is whether the system as a whole, agents, data, controls and people, is more resilient, more accurate and more responsive than it was before.
Resilience is harder to measure than productivity, but it is the metric that holds up under board and regulatory scrutiny.
2. From project ROI to portfolio value
Single-agent business cases tend to overstate value because they ignore interdependency. The agent that automates a workflow may, three quarters later, be one of fifty agents interacting across the same data fabric.
Portfolio-level visibility is now essential. Organisations need to see the combined cost, risk and benefit of the agent fleet, not the case for each agent in isolation.
3. From cost optimisation to risk-adjusted return
The right framing for an agentic AI investment is not “how cheaply can this run?” It is “what return can we sustain once we account for the cost of the controls required to keep this safe?”
Organisations that price guardrails into the case from the start have a stable view of return. Those that don’t are running an unhedged exposure.
How Ikara helps boards turn AI into a governable capability
Ikara is built for this shift. We provide real-time guardrails that bind AI behaviour to enterprise policy, contractual obligations and risk thresholds, giving boards, executives and risk teams a continuous, evidence-based view of how autonomous systems are actually performing. For organisations moving AI from pilot into production, this delivers three capabilities that conventional governance cannot.
1. Policy enforcement in real time
Agent actions are checked continuously against the regulatory and internal rules that apply to them, rather than reviewed periodically after the fact. Policy violations are surfaced as they happen, not reconstructed afterwards.
2. Contract-linked accountability
Ikara ties AI behaviour directly to the operational and commercial obligations sitting underneath each agent, so the connection between what an agent did and what the organisation is on the hook for is visible at all times. This matters at the supplier interface, where third-party AI is increasingly part of the supply chain.
3. Continuous monitoring of drift, misuse and anomalous behaviour
Performance changes that would otherwise surface at the next review (silent degradation, unexpected cost escalation, model drift) become visible early enough to act on.
Together, these capabilities convert AI from a volatile operating expense into a governed capability. The cost envelope becomes forecastable. The risk envelope becomes bounded. The value envelope becomes defensible.
The bottom line for CEOs and boards
The failure of traditional ROI models for AI is not a sign that AI lacks value, but rather that its value can only be captured within a different governance environment.
For boards, the practical work in the months ahead is to test three assumptions.
1. Whether existing investment cases for AI properly price both consumption-based cost volatility and the four risks that grow with autonomy.
2. Whether AI activity inside the organisation is being measured at the portfolio level, not just the project level.
3. And whether guardrails are built into the financial case from the start, rather than bolted on afterwards as a compliance overlay.
The organisations that get this right will deploy agentic AI with the confidence that financial exposure will not outpace benefit. They will be able to explain and defend the autonomous decisions taken in their name. They will treat AI as a governed capability rather than a speculative bet.
The rest will continue running AI on a model designed for software. That model is no longer fit for purpose, and the cost of finding out will continue to be paid in unmeasured risk.
Sources
Australia regulator calls for urgent cybersecurity action to counter Mythos