The Governance Gap: Why Your AI Agent's Perfect Memory is a Liability
Google just gave your AI agents a perfect memory. The enterprise reaction was not applause. It was alarm.
The Familiar Ground
In March 2026, a Google Senior PM named Shubham Saboo open-sourced an “Always On Memory Agent” on the official Google Cloud Platform GitHub. It runs continuously, ingests text, images, audio, video, and PDFs, stores structured memories in SQLite, and consolidates them every 30 minutes. No vector database. No embeddings. Just an LLM that reads, thinks, and writes structured memory.
The architecture is elegant. It replaces the entire Retrieval-Augmented Generation stack (embedding pipelines, vector databases, approximate search indices) with a single model that reasons directly over structured data. Powered by Gemini 3.1 Flash-Lite at $0.25 per million input tokens, the economics make “always-on” memory viable for the first time. The agent processes continuously for less than the cost of a junior developer’s daily coffee.
The Counter-Signal
The strongest public reactions were not about whether the system works. They were about whether it should be trusted.
Franck Abe, an architect, called it “brilliant” and then immediately warned: an agent “dreaming” and cross-pollinating memories in the background without deterministic boundaries becomes “a compliance nightmare.”
A developer named ELED cut deeper: “The main cost of always-on agents is not tokens but drift and loops.”
Another critic challenged the scalability claim: the system “still has to chunk, index and retrieve structured memory,” and may break down at scale.
Three different critics. Same instinct. Not one of them questioned capability. Every one of them questioned governance.
⚛️ The Fusion
Here is what the reaction reveals. The enterprise question has shifted. It is no longer “Can AI agents remember?” That question was answered. The new question is: “Can they remember safely?”
This is the collision: persistent memory capability meets enterprise governance requirements, and the gap between them is enormous.
Consider what Saboo’s agent does every 30 minutes. It consolidates memories. Fragments are merged. Redundancies are removed. Patterns are reinforced. This sounds useful until you ask the governance questions:
| Governance Question | Saboo’s Agent | What Enterprise Needs |
|---|---|---|
| What did the agent “know” at 2:00 PM on Tuesday? | Unknown (non-deterministic) | Deterministic audit trail |
| Who authorised the memory merge at 2:30 PM? | Automated (no oversight) | Policy-gated consolidation |
| When must specific memories be deleted? | Not addressed | GDPR Article 17 compliance |
| How are conflicting memories resolved? | LLM decides | Structured dissent protocol |
| Can a human inspect the full memory state? | Partial (Streamlit dashboard) | Complete audit visibility |
The agent can remember everything. It cannot prove what it remembered, when it learned it, or who approved the consolidation. For a prototype, this is fine. For a regulated enterprise, this is disqualifying.
The Pattern Beneath
This is not about one Google PM’s open-source project. This is about a structural gap in the entire AI memory infrastructure category.
Every team building persistent AI agents will face the same five questions. The capability layer (can the agent store and retrieve memories?) is now a solved problem. The governance layer (can you audit, bound, and control what the agent remembers?) is wide open.
The teams that solve governance first will own the enterprise market. The teams that ship memory without governance will watch their demos impress and their contracts stall.
Memory without governance is not an asset. It is evidence you cannot control.
What if you could see your AI agent’s memory state not as a feature to celebrate, but as a compliance surface to govern? The shift is the same one your finance team made decades ago: from “we can track the money” to “we can prove we tracked the money.” The difference is audit. The difference is trust.
The Open Question
If your AI agent has been running for six months, consolidating memories every 30 minutes, accumulating knowledge about your customers, your processes, and your decisions: could you explain to a regulator exactly what it “knows” right now, how it learned it, and why it has not forgotten?
And if you cannot, at what point does perfect memory become perfect liability?
Further reading: Why organisations need structured disagreement before they need AI memory