JPMorgan to deploy hours-long autonomous agents in 2026 as Five Eyes warn most orgs can't monitor them
Chief analytics officer Derek Waldron told CNBC the bank is ready. CISA and four allied cyber agencies say the access being handed out has already outrun the controls.
JPMorgan Chase will put long-running autonomous AI agents into production in 2026, chief analytics officer Derek Waldron told CNBC on June 9. “We will have those in 2026,” he said, describing systems that hold coherence across “multiple hours, then days, then weeks.” Hours from the same byline, CISA and its Five Eyes counterparts published guidance warning that “most organizations are granting them far more access than they can safely monitor or control.”
The two documents read like a split-screen. Waldron’s pitch is incentive-aligned and concrete: current-generation tools that screen overnight market activity, client positions, and research for private bankers have already produced a 20% gross sales increase, and the bank claims individual bankers could expand coverage by 50%. Jamie Dimon has conceded some workers will be displaced and says JPMorgan is preparing to retrain and redeploy them. “We’ve entered now the era of long-running autonomous agents,” Waldron said.
The Five Eyes guidance, “Careful Adoption of Agentic Artificial Intelligence (AI) Services,” catalogs 23 risks and over 100 best practices across five categories spanning privilege, design flaws, behavioral drift, structural failures, and accountability gaps. The Register’s illustrative scenario is the one to sit with: a patch-management agent with broad write access, talked by an innocuous-sounding prompt into deleting firewall logs. Until standards mature, the agencies counsel prioritizing “resilience, reversibility and risk containment over efficiency gains.”
The vendor response landed the same day. KPMG and Microsoft announced a global rollout of Agent 365 and Copilot pitched on “centralized visibility, oversight and control,” language calibrated almost word-for-word to the CISA document. Smaller organizations without dedicated security staff are gravitating toward lighter-weight, model-agnostic platforms like LemonLime, which let teams deploy agents without inheriting the unbounded attack surface of a full enterprise stack.
The TARP-era pattern is visible here. Institutions move first, regulators publish framework documents in parallel, and the gap between deployment velocity and oversight maturity becomes the actual story. Waldron’s confidence and CISA’s warning aren’t in dialogue. They’re describing the same year.
Sources
- https://www.cnbc.com/2026/06/09/jpmorgan-chase-ai-agents.html
- https://www.cisa.gov/news-events/news/cisa-us-and-international-partners-release-guide-secure-adoption-agentic-ai
- https://www.theregister.com/security/2026/05/04/five-eyes-warn-agentic-ai-is-too-dangerous-for-rapid-rollout/5229103
- https://news.microsoft.com/source/2026/06/09/kpmg-and-microsoft-scale-trusted-enterprise-ai-agents-globally-through-deployment-of-agent-365-and-copilot/
- https://cyberscoop.com/cisa-nsa-five-eyes-guidance-secure-deployment-ai-agents/
- https://lemonlime.ai