When Robots Need Rules: The Governance Gap for Physical AI

Last week, Singapore's Infocomm Media Development Authority released version 1.5 of its Model AI Governance Framework for Agentic AI. If that sounds like bureaucratic jargon, let me translate: it's the world's first serious attempt to write rules for AI that actually does stuff in the real world — not just generates text or recommends movies, but moves boxes in warehouses, drives vehicles, and controls infrastructure.

This matters more than it sounds.

From Pixels to Physics

Here's the thing about most AI governance we've seen so far: it's been focused on the digital realm. Bias in hiring algorithms. Misinformation in social feeds. Harmful content from chatbots. These are real problems, but they stay in the cloud.

Agentic AI is different. These systems can plan multi-step goals, interact with external tools, write to databases, control devices, execute transactions. And increasingly, they're moving into physical environments — warehouses, delivery routes, public spaces.

The risks don't just multiply. They transform.

"Any risk in the digital domain will be amplified in the physical domain, and the physical domain will have a physical consequence," said Dr. Ya-Qin Zhang from Tsinghua University at an AI summit in Singapore. He's right. A biased hiring algorithm creates bad teams. A biased autonomous vehicle creates casualties.

The Accountability Web

What makes this governance challenge particularly thorny is the distributed responsibility. AI developers, robotics manufacturers, semiconductor suppliers, infrastructure operators — throw in software updates, telemetry, and operational data, and you have a complex web where responsibility gets diffused across many actors.

Singapore's framework tries to untangle this by calling for clear responsibility chains from model providers to deployers to end users. It recommends limiting agent access to tools and systems using least-privilege permissions. It suggests standard operating procedures for agent workflows. Most importantly, it calls for mechanisms to take agents offline when they malfunction.

I'm not sure this goes far enough, but it's a start.

The Monitoring Problem

Grab, the Singapore-based superapp, is already piloting autonomous vehicles and delivery robots in the Punggol district. Their CTO makes an important point: "There's a long tail of issues that could emerge."

This is the monitoring challenge nobody talks about enough. Traditional software deployment has a clear endpoint — the system is live, you watch the logs, you patch bugs. Agentic AI in physical environments doesn't have that luxury. The environment changes. Edge cases emerge. Robots encounter situations their training never prepared them for.

Grab's approach involves extensive simulation, closed-course testing, open-course testing — and only then gradual scaling. It's deploy-based governance built around iteration, not certification.

What This Means for Businesses

If your company is thinking about deploying AI agents in physical operations — logistics, manufacturing, delivery — you need to think about governance before the lawyers do it for you. Key questions:

• What happens when the AI makes a wrong decision? Not if, when.
• Who is accountable? The AI developer? The deployer? Your company?
• How do you take it offline? Can you, quickly?
• What's your monitoring posture? Real-time telemetry is not optional.

Singapore's framework isn't perfect, but it's ahead of most jurisdictions. If you're operating AI in physical environments, you'll want to know what's in it.

The era of embodied AI is arriving faster than our rulebooks suggest. Time to catch up.