A financial services firm deployed an AI agent to process loan applications. The agent worked for weeks. Then it encountered an edge case that triggered a loop. Within minutes, it had sent 2,000 duplicate approval notifications to customers.

The team knew something was wrong almost immediately. Alerts fired. Dashboards turned red. Engineers scrambled.

But nobody could stop it.

The system had no interrupt mechanism. No kill switch at the governance layer. No way to halt execution without shutting down the entire platform. By the time they pulled the plug, the damage was done.

The agent did exactly what it was capable of doing. The problem was that nobody had built the authority to tell it to stop.

The Missing Architecture

We spend enormous energy on what AI systems can do. Capability roadmaps. Feature development. Integration architectures. The “go” mechanisms receive obsessive attention.

We spend considerable energy on what AI systems should do. Policy debates. Ethical frameworks. Compliance reviews. The “should” questions generate endless meetings.

We spend almost no energy on building the mechanical authority to stop AI systems mid-execution. The “stop” mechanism barely exists in most deployments.

This is an architectural failure, not an oversight. Most AI systems are designed with implicit trust in mind. Once an action begins, the system assumes it should be completed. Governance exists in policy documents, configuration files, and human review processes that operate before or after execution. During execution, the agent is on its own.

The assumption is that pre-execution governance will catch problems before they start, and post-execution review will catch anything that slips through. The space between, the actual runtime where actions occur, remains ungoverned.

That’s exactly where failures happen.

What Interruption Rights Actually Mean

Interruption rights are not policy objections. They are not escalation procedures. They are not incident response playbooks.

Interruption rights are the mechanical authority to halt an AI’s action while it is in progress.

This means the governance layer has direct control over the execution layer. Not advisory input. Not logging and alerting. Actual authority to stop an action mid-stream, before it completes, before the consequences become irreversible.

Consider what this requires architecturally. The governance layer must operate in parallel with execution, not just before or after. It must have real-time visibility into what the agent is doing. It must have the technical capability to intervene, not just observe. And it must have the authority to override, not just recommend.

Most governance architectures lack these properties. They evaluate requests before execution begins. They analyze outcomes after execution ends. The execution itself proceeds without governance participation.

An interrupt capability changes this. The governance layer becomes an active participant in runtime, not just a gatekeeper at the entrance or an auditor at the exit.

Why Post-Execution Review Isn’t Enough

The argument for post-execution governance sounds reasonable. Let the agent act. Monitor outcomes. Review results. Course-correct based on what you learn.

This approach works when actions are reversible, consequences are minor, and learning happens faster than damage accumulates. For many AI applications, none of these conditions hold.

Some actions cannot be undone. A message sent cannot be unsent. A commitment made cannot be unmade without cost. Data exposed cannot be unexposed. The loan approval notifications could be retracted, but the customer relationships were already damaged.

Some consequences are compound. A single erroneous transaction is a mistake. A thousand erroneous transactions in rapid succession are a crisis. Speed and scale turn minor errors into major incidents before post-execution review even begins.

Some damage happens faster than humans can respond. By the time alerts fire, dashboards update, and engineers assess the situation, the agent has already taken hundreds or thousands of additional actions. Post-execution review becomes post-disaster archaeology.

The fundamental problem is temporal. Post-execution review operates on a different timescale than AI execution. Agents act in milliseconds. Humans review in minutes or hours. Governance that operates at human speed cannot govern systems that operate at machine speed.

Interruption rights close this gap. They allow governance to operate at execution speed because governance participates in execution directly.

Designing for Override

Implementing interruption rights requires architectural commitments that most organizations have not made.

The governance layer must have authority over the execution layer. This sounds obvious, but violates how most systems are built. Typically, the execution layer is the primary one. Governance advises, configures, and reviews, but execution proceeds according to its own logic. Inverting this relationship, making governance authoritative over execution, requires fundamental redesign.

Governance must operate synchronously with execution. Asynchronous governance, where the agent acts and governance catches up later, cannot provide interruption. The governance layer must evaluate and, if necessary, intervene at each step, not after the workflow completes.

Interruption must be granular. A kill switch that shuts down the entire system is not governance. It is an emergency measure with significant collateral consequences. True interruption rights allow halting specific actions, specific agents, or specific workflows while the rest of the system continues operating.

State must be recoverable. When an action is interrupted mid-execution, the system must handle partial completion gracefully. This means transactional boundaries, rollback capabilities, and clear state management. Interruption without recovery creates problems that it doesn’t solve.

These requirements explain why interruption rights are rare. They demand architectural investment that most organizations defer in favor of faster deployment. The governance layer that can actually interrupt is harder to build than the governance layer that merely advises.

But advisory governance is not governance. It is commentary.

Interruption as Trust

There is a counterintuitive relationship between control and trust. The systems we trust most are the systems we can stop.

Consider the difference between an employee and a contractor. Both might perform identical work. But the employee operates within structures that allow intervention, redirection, and, if necessary, termination. The contractor operates more autonomously. We trust employees with more sensitive work not because they are inherently more trustworthy, but because the relationship includes mechanisms for control.

AI systems follow similar logic. An agent that cannot be interrupted requires complete trust. You must believe it will handle every situation correctly because you have no recourse if it does not. The governance that preceded execution must have anticipated every scenario because governance cannot participate once execution begins.

An agent that can be interrupted requires less trust. You can deploy it with confidence, not because it is perfect, but because you retain the authority to intervene when imperfection emerges. Governance continues throughout execution.

This means interruption rights actually enable deployment. Organizations hesitant to grant AI systems significant authority might be more willing to do so if they knew they could revoke it instantly. The ability to stop becomes the foundation for permission to start.

Nomotic governance recognizes this relationship. Trust is not binary. It is calibrated continuously based on observed behavior. Interruption rights operationalize that calibration. When trust is high, intervention is rare. When behavior deviates from expectations, intervention capability exists.

The Nomotic Principle

Nomotic AI is about laws for agents. Laws that govern what agents should do are evaluated at runtime and enforced continuously.

But laws without enforcement are suggestions. A governance framework that can evaluate but not intervene, that can assess but not override, that can log but not stop, is not governing. It is observing.

The nomotic principle requires that governance have mechanical authority over execution. Not just the authority to permit or deny before action begins. The authority to intervene while action occurs.

This is the governance layer nobody builds. Not because it is unimportant. Because it is hard. It requires architectural commitments that slow initial deployment. It requires engineering investment that does not show up in feature demonstrations. It requires acknowledging that capable AI systems need constraints with teeth, not just policies with good intentions.

The organizations that build interruption rights will deploy AI with justified confidence. They will expand agent authority, knowing they can contract it at any time. They will trust their systems because those systems are trustworthy by design, not by hope.

The organizations that skip this investment will deploy AI with fingers crossed. They will monitor dashboards and pray that nothing goes wrong. When something does go wrong, they will discover that governance without uninterrupted authority is no governance at all.

Agentic AI gives systems the power to act. Nomotic AI gives governance the power to intervene. The interrupt capability is not a feature. It is the foundation that makes AI governance real.

If you cannot stop it, you do not control it. And if you do not control it, you are not governing. You are just watching.

---

If you find this content valuable, please share it with your network.

Follow me for daily insights.

Schedule a free call to start your AI Transformation.

Book me to speak at your next event.

Chris Hood is an AI strategist and author of the #1 Amazon Best Seller Infailible and Customer Transformation, and has been recognized as one of the Top 40 Global Gurus for Customer Experience. His latest book, Unmapping Customer Journeys, will be published in 2026.