Portfolio Concentration Governance

2. Summary

Portfolio Concentration Governance requires organisations to detect and manage excessive dependence on any single model family, provider, task type, or governance assumption across their agent portfolio. When an organisation builds 30 agents on one model family from one provider, it has created a single point of failure that can materialise as a simultaneous outage, a pricing shock, a capability regression, or a regulatory prohibition affecting all 30 agents at once. This dimension requires continuous measurement of concentration across defined axes and enforcement of diversification thresholds or documented risk acceptance when thresholds are exceeded.

3. Example

Scenario A — Provider Concentration Triggers Simultaneous Outage: A retail bank has deployed 24 AI agents across customer service, fraud detection, credit decisioning, and regulatory reporting. All 24 agents use the same foundation model from the same provider, accessed through the same API endpoint. The provider experiences a 14-hour outage due to a data centre incident. All 24 agents fail simultaneously. The bank's customer service channels go silent, fraud detection pauses (during which £2.1 million in fraudulent transactions pass through), credit decisions queue for 14 hours causing 890 mortgage application SLA breaches, and two regulatory reports miss their filing deadline.

What went wrong: The organisation never assessed concentration risk across its agent portfolio. Each agent was approved individually (per AG-249), but no portfolio-level view existed to identify that all agents depended on a single provider. The shared dependency was invisible at the individual use-case level. Consequence: £2.1 million fraud losses, regulatory investigation for missed filing deadlines, FCA supervisory letter citing inadequate operational resilience, £340,000 in customer compensation for mortgage SLA breaches.

Scenario B — Model Family Governance Assumption Invalidated: A healthcare organisation deploys 15 agents using the same model family for clinical decision support, patient triage, appointment scheduling, and resource allocation. The agents share a common governance assumption: that the model's outputs are calibrated — that is, when the model assigns 80% confidence to a recommendation, the recommendation is correct approximately 80% of the time. A model update changes the calibration characteristics. The organisation's governance controls, designed around the previous calibration profile, are no longer appropriate. All 15 agents are simultaneously affected, but the organisation's monitoring detects the calibration shift only in the clinical decision support agent (which has the most rigorous monitoring). The other 14 agents operate with degraded governance for 6 weeks before the issue is identified across the portfolio.

What went wrong: The shared governance assumption (model calibration) was never identified as a concentration risk. Each agent was monitored independently, and the cross-portfolio dependency on a single calibration assumption was not tracked. Consequence: 6 weeks of degraded governance across 14 agents, potential patient safety impact from miscalibrated triage recommendations, mandatory clinical audit of all agent-influenced decisions during the affected period.

Scenario C — Pricing Concentration Creates Budget Shock: A consulting firm builds 18 agents on a single provider's API, consuming approximately 4.2 billion tokens per month at a negotiated rate of $2.50 per million input tokens. The provider announces a pricing restructure: the negotiated rate will increase to $8.00 per million tokens in 90 days. The firm's monthly AI operating cost jumps from $10,500 to $33,600 — a 220% increase. Because all 18 agents depend on the same provider, the firm has no leverage to negotiate and no ready alternative. Migrating 18 agents to a different provider would take an estimated 6 months of re-engineering, testing, and revalidation.

What went wrong: The organisation concentrated its entire agent portfolio on a single provider without assessing the commercial risk of that concentration. No alternative provider capability was maintained, no portability requirements were included in agent design, and no concentration threshold triggered a diversification review. Consequence: £276,000 annualised cost increase, 6-month migration timeline if diversification is pursued, reduced margin on client engagements during the transition period.

4. Requirement Statement

Scope: This dimension applies to any organisation operating three or more AI agents in production. Concentration risk is inherently a portfolio-level concern — it becomes meaningful only when multiple agents exist. For organisations with fewer than three agents, concentration risk should be noted in the use-case approval (AG-249) but portfolio-level governance is not yet required. The scope covers concentration across five defined axes: model family, provider/vendor, task type, governance assumption, and infrastructure dependency. The scope extends to agents operated by third parties on the organisation's behalf if the organisation depends on their continued operation.

4.1. A conforming system MUST maintain a portfolio registry that records, for each deployed agent, the model family, provider, task type, governance assumptions, and infrastructure dependencies.

4.2. A conforming system MUST define concentration thresholds for each axis — the maximum percentage of the portfolio that may depend on a single model family, provider, task type, governance assumption, or infrastructure component.

4.3. A conforming system MUST measure portfolio concentration against defined thresholds at least quarterly.

4.4. A conforming system MUST require either remediation or documented risk acceptance by an appropriate authority when a concentration threshold is breached.

4.5. A conforming system MUST assess concentration impact as part of the use-case approval process (AG-249) — each new agent approval must evaluate whether the addition increases concentration beyond defined thresholds.

4.6. A conforming system SHOULD implement automated concentration monitoring that triggers alerts when thresholds are approached (e.g., at 80% of the threshold value).

4.7. A conforming system SHOULD maintain contingency plans for the failure or unavailability of any provider or model family on which more than 30% of the portfolio depends.

4.8. A conforming system SHOULD include portability requirements in agent design standards to reduce switching costs when diversification is needed.

4.9. A conforming system MAY implement concentration stress testing — modelling the impact of a provider outage, pricing change, or capability regression on the full portfolio.

5. Rationale

Portfolio Concentration Governance applies the same principle that has governed financial portfolio management for decades — diversification reduces correlated risk — to the organisation's agent portfolio. The principle is well understood in financial services: a portfolio concentrated in a single asset class, geography, or counterparty is vulnerable to events that affect that single factor. The same principle applies to agent portfolios.

The concentration risk is often invisible because each agent is approved and deployed individually. AG-249 (Use-Case Approval Governance) ensures that each agent is individually approved, but individual approval does not address the correlation risk that emerges when many individually approved agents share a common dependency. This is the distinction between micro-prudential governance (each agent is well-governed) and macro-prudential governance (the portfolio as a whole is well-governed). AG-250 is the macro-prudential complement to the micro-prudential controls in AG-249.

The concentration axes are specifically chosen because each represents a failure mode that affects multiple agents simultaneously. Provider concentration means a single outage, pricing change, or terms-of-service modification affects all dependent agents. Model family concentration means a single capability regression, safety finding, or regulatory action affects all dependent agents. Task type concentration means the organisation has over-invested in automating one function while leaving others unaddressed — creating an unbalanced dependency on agent-mediated operations in that function. Governance assumption concentration — the most subtle axis — means that multiple agents share an assumption (e.g., "the model does not hallucinate proper nouns" or "the model's confidence scores are calibrated") that, if invalidated, undermines governance controls across the portfolio simultaneously.

This dimension connects directly to AG-093 (Supplier Concentration and Exit), which addresses vendor lock-in at the supply chain level. AG-250 extends this concern to the portfolio level — it is not just about whether you can exit a supplier, but about how much of your agent portfolio is affected if you must.

6. Implementation Guidance

Portfolio concentration governance requires a portfolio-level view that does not naturally emerge from individual agent governance. The implementation must create and maintain this view.

Recommended patterns:

• Portfolio registry with concentration dashboards. Build a registry that records, for each agent: the model family (e.g., GPT-4 class, Claude 3 class, Gemini class), the provider (e.g., OpenAI, Anthropic, Google), the task type taxonomy (e.g., customer interaction, decision support, data processing, reporting), the key governance assumptions (e.g., calibration, language capability, safety training), and infrastructure dependencies (e.g., cloud region, API gateway, embedding store). Calculate concentration percentages across each axis and display them on a dashboard. Example thresholds: no single provider should serve more than 60% of agents; no single model family should underpin more than 50% of agents; no single infrastructure component should support more than 40% of agents.
• Concentration impact assessment at approval time. Extend the AG-249 use-case approval process to include a concentration check. When a new agent is proposed, calculate the post-approval concentration across all axes. If the new agent would breach a threshold, the approval body must either require a different provider/model for the new agent, increase the threshold with documented risk acceptance, or reject the use-case. Example: if the portfolio currently has 12 agents, 7 on Provider A (58%), and the new agent would also use Provider A (8/13 = 62%), and the threshold is 60%, the approval must address the concentration breach before proceeding.
• Contingency plans for high-concentration dependencies. For any provider or model family serving more than 30% of the portfolio, maintain a documented contingency plan. The plan should specify: the fallback provider or model, the estimated migration timeline, the estimated cost, the governance re-validation requirements, and the decision authority to activate the plan. Test the contingency plan annually — actually migrate one non-critical agent to the alternative provider to validate the plan's assumptions.
• Portability-by-design standards. Establish design standards that reduce concentration risk at the architecture level. Require abstraction layers between agent logic and model APIs so that model providers can be swapped without rewriting agent logic. Require that agent configurations, prompts, and evaluation criteria are stored independently of the provider's platform. Require that training data and fine-tuning assets are portable. These standards reduce the cost of diversification when it is needed.

Anti-patterns to avoid:

• Measuring concentration only by count. An organisation with 10 agents on Provider A and 2 on Provider B might appear 83% concentrated. But if the 2 agents on Provider B handle 90% of the organisation's revenue-critical functions, the true risk concentration is different from the count-based measure. Concentration should be measured by count, by criticality weighting, and by blast radius (how much operational impact results from the provider's failure).
• Ignoring governance assumption concentration. Organisations readily identify provider and model family concentration but rarely catalogue shared governance assumptions. If 8 agents assume that the model will not produce harmful content because it has been safety-trained, and a model update weakens that safety training, all 8 agents are simultaneously affected. Governance assumptions should be catalogued as explicitly as providers.
• Treating concentration as a one-time assessment. Concentration changes every time an agent is added, removed, or modified. A quarterly measurement is the minimum, but concentration should also be assessed at each approval decision and at each agent retirement.
• Setting thresholds without consequence. Thresholds that generate reports but do not trigger mandatory action provide no governance value. When a threshold is breached, there must be a defined consequence — either remediation within a defined timeline or documented risk acceptance by an authority with appropriate seniority.

Industry Considerations

Financial Services. Financial regulators have extensive experience with concentration risk governance. FCA requirements for operational resilience (PS 21/3) explicitly address concentration risk in technology outsourcing. The same principles apply to AI agent portfolios. Firms should align agent portfolio concentration thresholds with their existing technology concentration risk frameworks. The PRA's expectations on third-party risk management (SS2/21) apply when agent dependencies are on third-party providers.

Healthcare. Concentration in healthcare agent portfolios creates patient safety risk. If all clinical decision support agents use the same model family and that model exhibits a systematic bias (e.g., underdiagnosing a condition in a specific demographic), the bias propagates across all clinical functions simultaneously. Diversification of model families in clinical applications is a patient safety measure, not just a commercial risk measure.

Critical Infrastructure. Concentration thresholds should be more aggressive (lower) for agents in critical infrastructure. A 60% threshold appropriate for commercial agents may be unacceptable for agents controlling power grid operations or water treatment. Consider thresholds of 30-40% for critical infrastructure portfolios, with mandatory contingency plans for any dependency above 20%.

Maturity Model

Basic Implementation — The organisation maintains a spreadsheet listing all deployed agents and their provider/model family. Concentration is reviewed manually once or twice per year. No formal thresholds are defined. Concentration is noted but not formally governed — there is no mandatory response when concentration is high. This level provides visibility but not governance.

Intermediate Implementation — A portfolio registry is maintained with structured data on all concentration axes. Formal thresholds are defined and approved by the governance body. Concentration is measured quarterly and at each new agent approval. Threshold breaches require documented risk acceptance or remediation. Contingency plans exist for high-concentration providers. Concentration metrics are reported to the governance body quarterly.

Advanced Implementation — All intermediate capabilities plus: automated concentration monitoring with real-time alerts at 80% of threshold values. Concentration stress testing is performed annually, modelling the impact of provider failure, pricing shock, and capability regression. Portability-by-design standards are mandatory for all new agents. The organisation maintains validated fallback capability for all providers serving more than 30% of the portfolio. Concentration metrics are weighted by criticality and blast radius, not just count. The portfolio registry integrates with AG-093 (Supplier Concentration and Exit) for end-to-end supply chain concentration visibility.

7. Evidence Requirements

Required artefacts:

• Portfolio registry. The complete registry of all deployed agents showing model family, provider, task type, governance assumptions, and infrastructure dependencies for each agent. Format: structured data export (database, spreadsheet, or API extract).
• Concentration measurement records. Quarterly concentration measurements showing percentages across each axis, compared against defined thresholds. Historical records demonstrating trend over time.
• Threshold definitions and approval. The document defining concentration thresholds for each axis, approved by the governance body, with documented rationale for the threshold levels.
• Breach response records. For each threshold breach, the documented response: either a remediation plan with timeline and progress, or a risk acceptance decision by an authority with appropriate seniority.
• Contingency plans. For high-concentration providers, the documented contingency plan including fallback provider, migration timeline, cost estimate, and test results.

Retention requirements:

• Portfolio registry snapshots, concentration measurements, and breach responses: minimum 7 years for regulated financial services; minimum 5 years for other regulated sectors; minimum 3 years otherwise.

Access requirements:

• Producible to regulators or auditors within 48 hours of request. The organisation must be able to demonstrate its current concentration profile and its response to any historical threshold breach.

8. Test Specification

Test 8.1: Portfolio Registry Completeness

• Stimulus: Compare the portfolio registry against all deployed agents discovered through infrastructure scanning (network traffic analysis, API key inventories, compute resource allocation records).
• Expected behaviour: Every deployed agent appears in the portfolio registry with all required fields populated.
• Pass criteria: 100% of deployed agents are recorded in the registry with model family, provider, task type, governance assumptions, and infrastructure dependencies.
• Fail criteria: Any deployed agent is missing from the registry or has incomplete concentration-relevant metadata.

Test 8.2: Concentration Threshold Enforcement at Approval

• Stimulus: Submit a use-case approval request (AG-249) for an agent that would cause a concentration threshold to be breached (e.g., a new agent on Provider A when Provider A already serves 58% of the portfolio against a 60% threshold).
• Expected behaviour: The approval process flags the threshold breach and requires either an alternative provider, threshold increase with risk acceptance, or rejection.
• Pass criteria: The approval cannot proceed without addressing the concentration threshold breach.
• Fail criteria: The approval is granted without the concentration impact being assessed or the threshold breach being addressed.

Test 8.3: Quarterly Measurement Execution

• Stimulus: Audit the concentration measurement records over the past 12 months.
• Expected behaviour: At least four quarterly measurements are recorded, each covering all defined concentration axes.
• Pass criteria: Four or more quarterly measurements with complete axis coverage exist in the past 12 months.
• Fail criteria: Fewer than four measurements, or measurements that omit one or more defined axes.

Test 8.4: Breach Response Verification

• Stimulus: Identify a historical threshold breach and trace the response.
• Expected behaviour: The breach triggered a documented response — either a remediation plan with defined timeline or a risk acceptance decision by an authority with appropriate seniority.
• Pass criteria: Every threshold breach has a documented response within 20 business days of detection.
• Fail criteria: Any threshold breach lacks a documented response or the response was not actioned within the defined timeline.

Test 8.5: Contingency Plan Validity

• Stimulus: For the provider serving the highest percentage of the portfolio, verify the contingency plan by migrating one non-critical agent to the identified fallback provider.
• Expected behaviour: The migration is completed within the timeline specified in the contingency plan, and the migrated agent passes functional and governance validation.
• Pass criteria: Migration succeeds within the planned timeline and the agent meets governance requirements on the fallback provider.
• Fail criteria: Migration fails, exceeds the planned timeline by more than 50%, or the agent fails governance validation on the fallback provider.

Conformance Scoring

• Score 0: No portfolio-level view of agent dependencies exists — concentration is unmonitored.
• Score 1: A portfolio registry exists but concentration thresholds are not defined and breaches are not governed.
• Score 2: Concentration thresholds are defined, measured quarterly, and breaches require documented risk acceptance or remediation.
• Score 3: Automated concentration monitoring with pre-breach alerts, mandatory contingency plans for high-concentration dependencies, annual stress testing, and validated fallback capability for all providers above 30% portfolio share.

9. Regulatory Mapping

Regulation	Provision	Relationship Type
EU AI Act	Article 9 (Risk Management System)	Supports compliance
FCA PS 21/3	Operational Resilience — Important Business Services	Direct requirement
PRA SS2/21	Third-Party Risk Management	Supports compliance
DORA	Article 28 (ICT Third-Party Risk)	Direct requirement
ISO 42001	Clause 8.2 (AI Risk Assessment)	Supports compliance
NIST AI RMF	GOVERN 1.5, MANAGE 2.3	Supports compliance
EBA Guidelines	Outsourcing Arrangements	Supports compliance

FCA PS 21/3 — Operational Resilience

The FCA's operational resilience framework requires firms to identify important business services, set impact tolerances, and ensure they can remain within those tolerances during disruption. When important business services depend on AI agents, concentration of those agents on a single provider creates a single point of failure that threatens the firm's ability to remain within impact tolerances. Portfolio concentration governance directly supports the operational resilience requirement by identifying and managing these single points of failure. The FCA has explicitly flagged third-party technology concentration as a key risk in its operational resilience supervisory approach.

DORA — Article 28 (ICT Third-Party Risk)

Article 28 requires financial entities to manage risks arising from ICT third-party service providers, including concentration risk. DORA specifically addresses scenarios where multiple critical functions depend on a single provider. AG-250 implements this requirement for the AI agent portfolio specifically, ensuring that concentration in model providers is governed with the same rigour as concentration in other ICT service providers.

PRA SS2/21 — Third-Party Risk Management

The PRA expects firms to assess concentration risk arising from dependence on individual third-party providers, including situations where multiple services depend on the same underlying provider (sub-outsourcing). Agent portfolio concentration governance extends this expectation to the AI-specific supply chain, including model providers, hosting platforms, and API services.

10. Failure Severity

Field	Value
Severity Rating	High
Blast Radius	Organisation-wide — concentration failures affect all agents sharing the concentrated dependency simultaneously

Consequence chain: Unmanaged portfolio concentration creates correlated failure risk. When the concentrated dependency fails — through outage, pricing change, capability regression, regulatory action, or security breach — all dependent agents fail simultaneously. The blast radius scales with the degree of concentration: an organisation with 80% of agents on one provider faces 80% agent portfolio failure on that provider's worst day. The consequence is not hypothetical — major model providers have experienced multi-hour outages, surprise pricing changes, and capability regressions that affected all users simultaneously. The operational impact includes simultaneous loss of multiple business functions, inability to fall back to alternatives (because no alternatives were prepared), and extended recovery time (because diversification after a crisis takes months, not hours). The regulatory consequence is a failure of operational resilience — an inability to demonstrate that the organisation could maintain critical functions during a foreseeable disruption scenario.

Cross-references: AG-093 (Supplier Concentration and Exit) provides the supply-chain-level concentration and exit governance that AG-250 extends to the portfolio level. AG-249 (Use-Case Approval Governance) is the individual approval gate where portfolio concentration should be assessed. AG-045 (Economic Incentive Alignment Verification) addresses pricing risks that concentrate when the portfolio depends on a single commercial relationship. AG-251 (Strategic Fit and Substitution Governance) assesses whether agent alternatives exist, informing diversification options.