When I started The RWA Ledger, I knew there would come a point when I would inevitably dive into AI - a theme I’ve largely and intentionally excluded from my pieces since beginning this project months ago. AI is everywhere now, from conference panels and investor memos to layoff announcements and my entire LinkedIn feed. While this article isn’t solely about AI, it has played a central role in the story I’m sharing. I’m not anti-AI, but it’s a complex issue that requires careful thought and ethical consideration when discussing, and I think there are writers out there who currently do a much better job at highlighting those considerations than I ever could, such as Noah Smith who writes about AI regularly and has one of the most interesting and relatable perspectives on the matter - for instance, he wrote a Substack piece back in March on why AI has what he calls “the worst sales pitch I’ve ever seen” [34].

When I first began drafting this after returning from Consensus 2026 Miami, my initial focus was narrower, centering on AI and agentic systems in financial infrastructure. I also planned to explore how cybersecurity, compliance, and risk are thematically linked - topics that were widely discussed at the conference. That original version would have been much shorter, which I imagine was a welcome relief for some. However, as with many of my writings, it has expanded beyond that initial scope.

What has taken shape in the week since that initial draft has evolved considerably. It is as much a story about leadership decisions dressed up as strategy, capital pressures reframed as efficiency, and layoffs presented as AI transformation, even when the underlying data tells a considerably more complicated story.

Leadership Decisions Dressed Up as Strategy

The Speed-to-Risk Paradox

There is no single agreed-upon term for what is happening, but the pattern is documented across multiple institutional frameworks. For example, Deloitte calls it the cyberthreat paradox [40], Cisco frames it as the multiplier effect [41], and Hack The Box (HTB) calls it the automation paradox.[46] What they are all describing is the same underlying dynamic: the tools accelerating digital transformation are the same tools expanding the attack surface, and the speed advantage increasingly belongs to the attacker. For the purposes of this piece, I will use the term “speed-to-risk paradox.”

All current arguments are valid, true, and relevant. AI can perform routine risk assessments faster and more accurately than humans, helping identify vulnerabilities in ways previously impossible. In these frameworks, AI is seen as a tool to free up valuable time for teams involved in risk, compliance, regulatory functions, engineering, product development, operations, and strategy. This allows these teams to focus on adding value through innovation and efficiency, ultimately leading to better organizational outcomes - and so it comes as no surprise that the companies that successfully adopt AI will gain a clear competitive edge.

There is an often overlooked aspect of this debate that isn’t adequately addressed in the current narrative surrounding AI transformation.

What neither argument accounts for is what happens when you accelerate the technology while simultaneously eliminating the risk and compliance functions that Deloitte explicitly identifies as the prerequisite for making that acceleration safe.Hack HTB’s benchmark data confirm the other half of the same finding: despite massive gains in speed, automated systems were 70% more likely to solve routine tasks but failed to replicate the creative chaining of exploits required to breach hardened systems. A tool can find a logic override, but only a human can assess whether that override threatens a regulated data store or a public-facing portal. Speed without that human judgment is not a strategy -it serves as the foundation for the upcoming case study on catastrophic consumer data failures.

Precedence and The Prisoner’s Dilemma

The patterns here have a precedent that predates AI entirely. Accountability infrastructure did not disappear overnight. As with many things, and as I have written about before, the path to failure was created through a series of consequential but sometimes unassuming decisions, one leading to another until all dominoes topple.

Economists call a version of this the prisoner’s dilemma: the individually rational choice, when made by everyone simultaneously, produces the worst collective outcome. Each decision to cut a compliance function, reduce a risk team, or reclassify oversight as overhead is defensible in isolation, made under competitive pressure, with a plausible narrative attached. The cumulative effect only becomes visible in the collapse. This is the story of what happens when those functions are treated as friction rather than as the last line of defense. And it is happening now.

WorldCom subordinated its internal audit function to the executives it was supposed to scrutinize, resulting in an $11 billion accounting fraud that was the largest in U.S. history at the time.[38] Lehman Brothers had a risk management infrastructure that was systematically overruled by its own leadership in the years before the 2008 collapse, with the chief risk officer sidelined and the board kept in the dark on the firm’s true leverage exposure.[39]Theranos dismantled its scientific oversight in the name of disruption and kept moving until the fraud could no longer be contained.[37] And let’s not even begin to discuss the fiasco of FTX…

The most obvious explanation in each case is fraud. But the underlying story is the same in all three. It occurs when companies systematically weaken or eliminate essential internal functions responsible for oversight, compliance, risk, legal, and audit teams, often in pursuit of speed, efficiency, or innovation. This dismantling leaves the organization without the necessary structures to identify and prevent impending issues or manage catastrophic risk.

Could History Be Repeating?

The current trends in fintech, technology, and financial services show multiple well-known behavioral patterns occurring simultaneously. Recent workforce reductions across parts of the technology sector, including at firms such as Bill.com, Cloudflare, Meta, and Bolt, have increasingly coincided with broader industry efforts to prioritize AI investment, operational efficiency, and cost restructuring, including functions perceived internally as non-revenue-generating or operationally redundant during aggressive efficiency initiatives. This does not imply equivalence between these firms or historical corporate failures. However, prior cases involving companies such as WorldCom, Lehman Brothers, and Theranos have demonstrated that periods of intense market pressure, growth expectations, and narrative-driven decision-making can create environments in which institutional incentives become misaligned with long-term governance and risk management. These environments often foretell behavioral reasoning that includes:

• Moral Hazard, where decision-makers capture the short-term benefit of cutting oversight while the long-term exposure lands elsewhere.

• Regulatory Arbitrage, the calculated bet that the enforcement window will prove more forgiving than the threat window.

• Short-termism, at scale, the prioritization of near-term cost reduction and investor narrative over institutional integrity, visible in its most explicit form when a company announces a workforce reduction and a share buyback program on the same day.

Another example from history is Enron, which exhibited all three behavioral issues simultaneously: moral hazard in Special Purpose Entities (SPEs) structures that personally benefited executives while concealing corporate debt; regulatory arbitrage via mark-to-market accounting that exploited permitted practices; and short-termism driven by a compensation system that rewarded quarterly results regardless of underlying economics. The board disregarded its conflict-of-interest policies to enable this, and management was responsible for the audit. The internal whistleblower was ignored - and the rest, as they say, is history.

For the purpose of this piece, Enron serves as a highly relevant example precisely because the fraud was not the root cause. While Enron is remembered primarily as a case of extensive financial fraud, hidden debt transferred into off-balance-sheet shell companies to manufacture an illusion of profitability, mark-to-market accounting that booked future revenues before they ever materialized, criminal convictions for CEO Jeffrey Skilling and founder Kenneth Lay, and the destruction of documents by its own auditor Arthur Andersen,[42][43][44][45] it was about considerably more than the fraud itself.

Beneath the headlines was a story about the systematic removal of the internal functions whose job it was to say no, dismantled under the banner of innovation and efficiency until there was no one left to question what was happening. The board deferred to management. Internal audit was subordinated to the executives it was supposed to oversee. When the collapse came, the accountability architecture that should have surfaced it earlier had already been sidelined, exposing structural similarities that became difficult to ignore.

This moment's historical significance lies not only in the patterns themselves but also in their propensity for co-occurrence. Research after the 2008 financial crisis identified major failures in corporate governance and risk management as key causes, highlighting risks that were hiding in plain sight. A Federal Reserve study revealed that banks with better-compensated chief risk officers, indicating a more valued risk function, experienced significantly lower volatility during the crisis. The organizational structure before the crisis largely predicted its outcome. Similarly, IMF research across 59 economies showed that combining multiple behavioral signals could predict financial crisis years in advance. And while these signals are rarely invisible, they are often ignored, individually rationalized, or subordinated to short-term performance pressures until their cumulative effect makes the collapse unavoidable.

However, while the doom-and-gloom is real, not all leaders are making misguided choices or taking the same approach. In a study published last year in 2025, 82% of companies plan to boost spending on compliance technology, and the enterprise governance, risk, and compliance market is expected to grow from $72 billion to over $200 billion by 2033.[11] However, while many are increasing their investments, a significant number are not, and this article focuses on some of those organizations.

Share

Capital Mismanagement Disguised as AI Efficiency

If the behavioral patterns discussed earlier shape institutional decision-making outcomes, then the financial aspects reveal how those behaviors materialize economically. The prisoner’s dilemma helps explain how institutions can collectively reinforce outcomes that few participants would independently design. But this only persists when capital continues to reward and finance the behavior at scale. In the current AI cycle, understanding where that capital comes from, how it is financed, and what it displaces turns the governance debate from an abstract cultural concern into a measurable economic one.

Between 2022 and 2025, the combined capital expenditure of the five largest U.S. hyperscalers increased from $162 billion to $448 billion, with an average annual growth rate of 72% since mid-2023. Morgan Stanley forecasts that hyperscaler capital expenditure will surpass $800 billion in 2026 and reach $1.1 trillion in 2027, nearly matching current U.S. national defense spending.[49] In an effort to finance a portion of this, major tech companies issued $100 billion in bonds in 2026 alone, with investors seeking record-level protection against default risk through credit default swaps. Business fixed investment rose by 10.4% in Q1 2026 and accounted for three-quarters of all U.S. economic growth, despite consumer confidence falling to its lowest level since 1952, as measured by the University of Michigan.

The mechanism connecting capex to headcount decisions is not subtle. Jason Schloetzer, faculty affiliate at Georgetown University’s McDonough School of Business, is direct: “CEOs may say these cuts are because of AI, when they really mean to say that they don’t have enough cash flow generation to fund the investments they would like, so they need to trim headcount to free up capital,” he said. For investors, he added, “reduced expenditures are boosts in profit. The reason doesn’t matter.” Evan Sohn, managing director at Revelio Labs, put it more plainly: “Payroll is being converted into capital expenditure.”[12]

Noah Smith’s analysis of U.S. government debt this week explored the more macroeconomic consequences of this logic:[28] the government borrows to pay the interest on prior borrowing, a self-reinforcing process that breaks only when something breaks it from outside. Firms are running the same playbook: borrow at scale to fund AI infrastructure, cut the human functions that generate near-term costs, report a leaner operating model to investors, and use the AI narrative to make both decisions appear to be a single coherent strategy.

The May 2026 layoff wave made this explicit in ways that are difficult to misread. Bill.com announced a 30% headcount reduction alongside a new $1 billion share repurchase program,[36] simultaneously cutting people and returning capital to shareholders on the same day. Cloudflare cut more than 1,100 jobs globally, roughly 20% of its workforce, citing an increase in internal AI usage of more than 600% over three months. Upwork cut approximately 25% of its workforce the same week.[35] The capital return programs announced alongside the headcount reductions make the financial logic transparent: the timing and sequencing make the relationship between workforce reductions and shareholder return initiatives difficult to overlook, not the AI buildout.

Efficiency Reductions, or Something Else…?

From an external lens, it is not always clear which functions are being reduced, compressed, redistributed, or reframed as operationally redundant during periods of aggressive efficiency restructuring. The deeper issue is not workforce reduction itself, but as cited previously, multiple firms discussed in this piece have gone through restructuring efforts tied to AI adoption, flatter operating models, or cost compression, which have coincided with reductions affecting governance-oriented functions. These have included areas spanning legal, compliance, privacy, audit, people operations, trust and safety, content moderation, risk management, and other institutional control layers responsible for escalation, accountability, operational continuity, and organizational oversight.

The optics become more visible when compared against the broader governance environment in which organizations are simultaneously operating. ISACA’s 2026 State of Privacy survey found that the median privacy team size fell from 8 to 5 in just 1 year, while 47% of technical privacy roles and 37% of legal and compliance privacy roles were already reported as understaffed.[50] 62% identified compliance pressure as a major challenge, and 52% reported increasing difficulty managing risks associated with emerging technologies.[50] Diligent’s 2026 GC Risk Index similarly found that 67% of general counsels are now spending more time on enterprise-wide risk and compliance oversight than a year earlier.[51]

AI can meaningfully augment portions of this work, particularly repetitive analysis, monitoring, administrative workflows, and other time-intensive operational tasks. The issue arises when task-level automation is misrepresented as a substitute for the institutional judgment, contextual decision-making, governance oversight, and organizational memory that those functions are meant to provide. Many of the same teams being compressed are also responsible for identifying and containing risks associated with AI deployment, operational leverage, regulatory exposure, and the debt structures that finance the current buildout. The margin for error beneath the current narrative is considerably smaller than many organizations appear willing to acknowledge.

Share The RWA Ledger

The People Reality

What the financial picture does not capture is what happens inside organizations after governance and compliance functions are cut, leaving the people who remain to absorb work they were never resourced or trained to manage.

IBM cut 8,000 employees to replace them with AI systems and later had to rehire because the automation did not meet expectations. Klarna’s AI-driven staff reductions backfired when customer service quality declined, prompting the return of human agents. Both are cautionary tales about confusing automation with governance, not about AI itself.

Reports from employees across financial services and technology sectors describe a consistent pattern: skeleton teams inheriting critical functions, executives absorbing roles outside their depth, and institutional knowledge walking out with the people who were let go.

In a recent correspondence between The RWA Ledger and Paul van der Stam, who served as an accounting manager at Bolt on a contract basis during a major restructuring period:

"Once People Ops was reduced to a single seat, the function lost its capacity to operate as a business partner. The remaining person managed a significant organizational reduction largely alone. That's a structural impossibility, not a performance failure."

On the AI framing specifically, van der Stam was direct about the gap between what was announced and what was actually deployed. "The headcount reductions preceded any meaningful AI implementation that could have absorbed the work those teams were doing. The sequencing alone contradicts the narrative."

His account is broadly consistent with recent Gartner research examining workforce reductions tied to automation initiatives at large enterprises. In a late-2025 survey of 350 global business executives at organizations with more than $1 billion in annual revenue, Gartner found that companies reporting significant ROI from AI and autonomous technology deployments reduced headcount at roughly the same rate as firms reporting only modest or negative returns.[14]The strongest outcomes were associated less with workforce reduction itself and more with reinvestment into employee training, operational redesign, and AI-enabled workflow integration.

That finding becomes more significant when viewed alongside the governance and staffing pressures discussed earlier in this piece. Across the broader operating environment, legal, compliance, privacy, audit, and risk functions are already reporting increasing workload complexity alongside resource and staffing strain.[50] [51] The contradiction is difficult to ignore: many organizations are accelerating technological complexity while simultaneously compressing portions of the institutional control layers responsible for governing it.

AI Transformation vs. AI-Washing

Major outplacement and executive coaching firm Challenger, Gray & Christmas tracked 54,836 U.S. job cuts explicitly attributed to AI in 2025 alone. [12] By comparison, the firm recorded roughly 3,900 AI-related cuts in 2023, the first year the category was separately tracked, and approximately 13,000 in 2024, reflecting a rapid acceleration in AI-linked restructuring narratives over a two-year period. [12] At the same time, Challenger’s broader data showed total announced U.S. job cuts exceeding 1.2 million in 2025, the highest annual level since 2020, suggesting that AI-related restructuring is unfolding alongside a much larger environment of cost reduction, operational compression, and macroeconomic pressure.[12] Oxford Economics, reviewing the same period, capitulated that the role of AI in recent layoffs may be overstated, and that attributing cuts to AI conveys a more positive message to investors than citing weak demand or past over-hiring.[13] The pattern now has a name: AI-washing, companies reaching for the investor-friendly framing regardless of whether AI is actually performing the functions the announcement implies.

Some of those reductions are real, justified, and likely inevitable. AI can already automate portions of compliance, operations, monitoring, administrative review, and other repetitive workflows, and when implemented responsibly, those systems can improve efficiency and coverage in certain contexts. But many of the roles reduced in recent restructuring cycles were not simply repetitive administrative jobs. They involve legal review, escalation management, policy enforcement, contractor disputes, risk assessment, fraud monitoring, regulatory coordination, and operational decision-making when systems fail or unexpected events occur.

Automating part of a workflow does not eliminate the need for someone to investigate incidents, challenge bad decisions, resolve disputes, interpret regulations, approve exceptions, manage counterparties, or take responsibility when controls break down. Those responsibilities still exist even if portions of the work become automated.

Leave a comment

Governance Drift Across The Control Layer

Bolt

The Bolt story gained widespread attention after CEO Ryan Breslow spoke at Fortune’s Workplace Innovation Summit on May 19, 2026, discussing a broader restructuring effort that included a reported 30% workforce reduction and the elimination of the company’s HR function. [2]Breslow framed the changes as part of a return to a leaner “wartime” operating model centered around efficiency, startup execution, and AI-enabled productivity.

“We had an HR team, and that HR team was creating problems that didn’t exist. Those problems disappeared when I let them go.”[1]

The internal Slack message to employees framed the same decision differently: leveraging AI at the core. [2] The public statement sparked a heated debate within the community and highlighted significant experiences from Bolt employees and others affected by recent mass layoffs.

Former SVP of Legal and People, Olta Andoni, publicly clarified that she had resigned after approximately one month in the role and disputed aspects of the characterization of the department's departure. The sequence of departures moved quickly. The Head of HR, Kelly Lawson Pihl, left five days after Andoni joined in January 2026. Andoni resigned in February 2026. By April 2026, Breslow cut roughly 30% of Bolt's remaining workforce, the fourth round of reductions since 2022.[2]

In subsequent conversations with The RWA Ledger, van der Stam provided attributed commentary describing what he viewed as the operational consequences of the restructuring.

According to van der Stam, the Legal and People Operations functions had been handling responsibilities extending beyond administrative coordination, including onboarding and offboarding processes, payroll continuity, contractual review, escalation management, and segregation-of-duties controls."People Ops maintained the operational infrastructure most organizations take for granted: structured onboarding and offboarding, process continuity across turnover, and adequate segregation of duties between mid-level and executive functions. The cultural dimension is harder to quantify but equally real. Monthly all-hands, team recognition, structured communication: these disappeared in sequence with each departure. By the time the function reached zero seats, there was no remaining architecture for collective accountability or basic organizational cohesion."

On the company’s broader AI framing, van der Stam argued that the operational sequencing did not align with the public narrative surrounding automation-driven replacement. According to his account, Bolt had implemented enterprise productivity tools such as Gemini Enterprise and Claude, but the underlying governance, legal, compliance, payroll, and operational responsibilities previously handled by eliminated functions had not themselves become technologically obsolete.

"Bolt had rolled out Gemini Enterprise and was ramping Claude at the team level. These are productivity augmentation tools. They assist individuals in doing their work more efficiently. They do not replace the governance, compliance, legal review, or people management functions that were eliminated. There is no prompt that handles a contractor dispute, reviews an employment agreement for legally required carve-outs, or manages a payroll remittance cutoff."

Reflecting on the broader AI narrative across the industry, van der Stam argued that even among teams actively building with advanced AI tooling, the practical consensus remained centered on augmentation rather than wholesale functional replacement.

"Even among technical thought leaders actively building with the most advanced AI tooling available today, including agentic frameworks and MCP infrastructures, the honest consensus is augmentation of scope, not elimination of function. Augmentation is the honest description. Replacement is the convenient one." - Paul van der Stam, US CPA candidate.

Whether one agrees with Bolt’s restructuring approach or not, the episode illustrates a broader institutional question increasingly surfacing across technology, fintech firms, and adjacent firms: what happens when organizations accelerate operational complexity while simultaneously reducing the internal functions responsible for governance continuity, escalation management, contractual oversight, payroll administration, and organizational accountability?

Meta

The Bolt story was the immediate surface event. Pulling that thread led back to a pattern with a longer and more consequential timeline, and Meta is where it becomes most legible and understandable at scale.

The arc begins in late 2022 and runs through this week. During Zuckerberg’s declared Year of Efficiency, Meta ended a six-month fact-checking project, terminated contracts with approximately 200 content moderators in January 2023, and made broader reductions to its privacy and integrity teams. It also cut at least 16 members of Instagram’s well-being group, a team responsible for tracking and reducing harms to users - specifically teenagers - including harassment, unwanted sexual advances, and exposure to self-harm content, along with more than 100 positions related to trust, integrity, and responsibility across the company.[5] Meta said the function had been folded into its broader content integrity team. Sources familiar with the matter told CNBC that, following the layoffs, the company had fewer people working on those issues, regardless of the function's name. It is worth noting that Meta declined to provide historical Trust and Safety staffing data to the Senate Judiciary Committee when directly asked.

On October 23rd, 2025, two separate memos were sent simultaneously within Meta. Chief AI officer Alexandr Wang announced 600 cuts to the Superintelligence Labs AI division, framing them as a move to reduce bureaucracy and speed up product development. On the same day, in a separate communication, Chief Compliance and Privacy Officer, Michel Protti, notified more than 100 employees in the risk organization that their positions were being eliminated.[3] The risk organization cuts were not part of the AI Labs restructuring - they were a parallel action targeting a different function entirely. The company was shifting to automated compliance review, replacing the team built specifically in response to its $5 billion FTC settlement over Cambridge Analytica. Under the prior system, product updates required sign-off from dedicated risk assessors before reaching billions of users. Under the new model, engineers assess their own risk. Zvika Krieger, former director of responsible innovation at Meta, described what that shift means in practice: most product managers and engineers are not privacy experts, it is not the focus of their job, and it is not what they are incentivized to prioritize.[4]

In March 2026, Meta published a blog post framing the redesigned system as progress, describing manual processes as the fallback, not the default.[6] The risk team Meta retired had existed because regulators had already decided, backed by a $5 billion FTC fine, that the company could not be trusted to assess its own compliance.

The consequence arrived the same month. In mid-March 2026, an internal AI agent at Meta triggered a Sev-1 security incident after a colleague acted on the agent’s recommendation and inadvertently broadened access permissions, exposing sensitive company and user data to engineers without proper clearance for roughly two hours.[33] The agent had passed all identity checks and carried valid credentials. Security assessors identified the root cause as an AI agent operating with over-privileged access and insufficient human oversight. The incident occurred four months after the risk organization responsible for evaluating exactly this category of exposure was eliminated. The questions those people would have asked were no longer being asked.

Then, on May 20th, 2026, Meta notified roughly 8,000 employees via email at 4 am local time that they were being laid off, approximately 10% of its global workforce.[7] Of those, approximately 7,000 are being redeployed into AI-focused teams, including the Agent Transformation Accelerator, units explicitly tasked with building autonomous AI agents to handle tasks previously managed by human staff. This means the net reduction is roughly 1,000 new exits after reassignment, with 6,000 additional open roles simultaneously frozen. Meta raised its full-year 2026 capital expenditure guidance to between $125 billion and $145 billion following its Q1 earnings, a 73% increase over its 2025 actual spend of $72.2 billion, and more than it spent in 2024 and 2025 combined.[48] Unlike Alphabet and Amazon, which reported AI-driven cloud revenue growth alongside their spending, Meta has no AI-specific revenue line. The infrastructure buildout is being financed entirely against advertising income.

The period from 2022 to May 2026 reflects more than just a series of restructuring choices; instead, it represents a deliberate strategic move: the belief that governance, safety, and compliance functions, developed in response to regulatory demands and public oversight, can ultimately be replaced by automation. Additionally, the remaining human workforce can be reskilled to develop the systems that might eventually take over their roles.

Cloudflare

The Cloudflare story surfaced the same week as Consensus and offers something that the Bolt and Meta cases do not: a CEO who publicly named the target category and explained the reasoning in writing, making it the clearest articulation of the pattern this section documents.

On May 7th, 2026, Cloudflare announced it was cutting approximately 20% of its workforce, more than 1,100 employees, despite reporting record quarterly revenue of $639.8 million the same day.[10] Two weeks later, CEO Matthew Prince published a Wall Street Journal opinion piece explaining exactly which jobs were eliminated and why. Drawing on Peter Drucker’s 1954 management framework, Prince divided his workforce into three categories: builders, who develop products; sellers, who generate revenue; and what he called “measurers.”[52] He defined measurers as employees in middle management, finance, legal review, internal auditing, compliance, and operations. Those were the people who went first.[53]

Prince’s argument was direct: AI systems can now perform the measurer function with greater precision than humans, making the category structurally obsolete. The claim is worth examining carefully on its own terms, because Cloudflare is not a generic tech company. It is a cybersecurity firm. Its commercial purpose is protecting organizations from exactly the categories of threat this piece documents later: AI-assisted exploitation, prompt injection, social engineering, and unauthorized access. The functions that Prince dismissed as easily replaceable by AI and subsequently eliminated were, in fact, the independent judgment layer that provided oversight and the capacity to evaluate whether the organization's actions were legal, sustainable, and within appropriate bounds. This judgment layer could also act on that evaluation, even when the answer was inconvenient.

Prince's May 22nd Wall Street Journal op-ed positioned the cuts as a proactive strategy rather than financial pressure, a forward-looking restructuring decision by a profitable company anticipating what AI will make possible. It is also the most articulate public version of the same reasoning visible at Bolt and Meta, where governance and compliance functions were reduced under efficiency- or innovation-based narratives before the consequences of their absence became apparent.

At Bolt, the elimination of HR operations left no architecture to review contract modifications before they went out. At Meta, the risk organization was gone four months before an AI agent with overprivileged access triggered a Sev-1 incident that exposed sensitive data company-wide for two hours, with no one left to ask whether the exposure had occurred. To say that humans, especially those serving in oversight functions, are redundant in nature minimizes their role, function, and purpose as a stopgap, and the institutional record of what happens when it is removed is no longer there.

Share

Speed Without Oversight Is Not a Strategy

Speed and scale are not, on their own, a strategy. They are amplifiers. When the underlying governance is strong, AI can enhance judgment, strengthen controls, and expand what responsible organizations can achieve. When that governance is hollowed out, the same technology magnifies blind spots, accelerates bad decisions, and pushes risk through the system faster than anyone can catch.

That is the real fault line emerging beneath the current AI narrative. Not whether companies adopt AI, but who they remove from the room in order to fund it - and what questions stop getting asked when they do.

Enron, Lehman Brothers, WorldCom, and others are remembered for the moment the fraud was revealed, not for the quieter years when oversight was sidelined, internal skeptics were sidelined, and control functions were treated as a source of friction. By the time the headlines arrived, the architecture that could have prevented collapse had been dismantled for years.

The pattern showing up today is not identical, but it is recognizable. Firms are simultaneously increasing technological complexity and operational leverage through AI and automation, compressing or eliminating legal, compliance, risk, privacy, people operations, and audit functions; framing the resulting headcount reductions as “AI transformation” or “efficiency,” even when the systems to safely absorb that work do not yet exist.

This is not primarily an AI story. It is a governance story playing out in an AI-shaped environment. For leaders who are genuinely pro-innovation and pro-speed, the question is not whether to adopt AI, that debate is already over. The questions that matter now are governance questions:

Who, inside your organization, has both the mandate and the independence to say no when an AI system recommends the fastest path that is also the most dangerous? When an autonomous agent touches regulated data, customer funds, or critical infrastructure, who is accountable for determining what level of access is acceptable? If a regulator, counterparty, or customer asks whether your public narrative about AI and risk matches operational reality, who owns that answer, and what information do they actually have?

The organizations that navigate this transition well will not be the ones that cut the most people or ship the most agents. They will be the ones who treat governance, risk, compliance, and people operations as design constraints of the system, not as line items to be swapped out for infrastructure spend.

AI will not save institutions from the consequences of eroding their own accountability architecture. It will simply bring those consequences forward in time.

The bet being placed right now, often implicitly, often dressed up as efficiency, is whether accelerated complexity can safely coexist with diminished oversight. History has given a clear answer to earlier versions of that bet. The only open question is which firms choose to treat that history as a warning, and which decide to learn the lesson the hard way.

Marina Mendenhall-Valente is the Founder and Principal of The RWA Ledger and Founding Treasurer of the AWIC San Francisco Chapter. She writes at the intersection of tokenization, financial infrastructure, and institutional adoption.

Sources

1. Ella Chakarian, “Bolt CEO Says Firing His HR Team Made the Company’s Problems Disappear,” Fast Company, May 20, 2026

2. “Bolt CEO Says He Let Go of His Entire HR Team for Creating Problems That Didn’t Exist,” Fortune, May 19, 2026

3. “Meta Replacing Humans with AI for FTC-Mandated Privacy Reviews,” CNBC, October 23, 2025

4. “Meta Plans to Replace Humans with AI to Assess Privacy and Societal Risks,” NPR, May 31, 2025

5. “Tech Layoffs Ravage the Teams That Fight Online Misinformation and Hate Speech,” CNBC, May 26, 2023

6. “How AI Is Ushering in the Next Era of Risk Review at Meta,” Meta Newsroom, March 2026

7. “Meta Layoffs 2026: 8,000 Jobs Cut in AI Restructuring,” Yahoo Finance, May 2026

8. “Fed Ends Wells Fargo Enforcement Order After Decade of Reforms,” CEFPro, March 2026

9. Catherine Leffert, “Wells Fargo Sheds Fourth Consent Order in a Month,” American Banker, February 14, 2025

10. “Cloudflare Announces More Than 1,100 Job Cuts Amid Growing AI-Driven Layoff Trend,” Yahoo Finance, May 2026

11. “25 Critical Stats Every Chief Compliance Officer Needs to Know in 2025,” Compliance & Risks, 2025

12. “The AI Layoffs Narrative: Real Transformation, or Scapegoat?” SHRM, May 2026

13. “AI Is Becoming a Go-To Reason for Layoffs — But Is It Actually Replacing Workers?” Sherwood News, February 2026

14. “AI-Driven Layoffs Aren’t Making Business Sense,” CIO, May 2026

15. “Corporate Debt Market Outlook in a Transforming World,” OECD Global Debt Report 2026, March 2026

16. “Tech IPO Hype Gets Drowned Out by Prospect of $1 Trillion in Debt Sales,” CNBC, February 12, 2026

17. “The AI Debt Deluge Hitting Bond Markets,” M&G Investments, March 2026

18. “Colorado Joins States Favoring AI Disclosure Over Audit Mandates,” Bloomberg Law, May 2026

19. “CertiK on Why AI Is Making Crypto Security More Urgent,” Blockster, May 2026

20. “$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation,” The Hacker News, April 6, 2026

21. “North Korea Stole 76% of All Crypto Hack Value in 2026 — With Just Two Attacks,” TRM Labs, April 2026

22. “76% of All Crypto Stolen in 2026 Is Now in North Korea,” Dark Reading, May 2026

23. “Researchers Warn Malicious AI Agent Routers Can Steal Crypto in New Attack Vector,” CoinSpeaker, April 13, 2026

24. “Encoded Prompt Injection: Why LLM Guardrails Are at the Wrong Layer,” Security Boulevard, May 7, 2026

25. “AI Agents Move Beyond Demos: Payments and Security Take Center Stage,” DailyCoin, April 7, 2026

26. AWIC, “Official Statement on the Consensus 2026 After-Party and the Path Forward,” May 15, 2026

27. “Consensus 2026 Miami — Employer Report,” consensus2026report.netlify.app, updated May 20, 2026

28. Noah Smith, “America Is Heading for a Debtpocalypse,” Noahpinion, May 23, 2026

29. Jeff John Roberts, “The Crypto Industry Is Obsessed With Conferences. The Vibe at Them Is Changing,” Fortune, May 4, 2026

30. Vicky Ge Huang, “Out With the Lamborghinis, In With the Suits: The Changing Face of Cryptoland,” Wall Street Journal, May 8, 2026

31. “Ripple’s Garlinghouse at Consensus 2026 Declares a ‘Big Positive Shift’ for Crypto,” HedgeCo.net, May 7, 2026

32. Nicholet R., “Wall Street’s Crypto Migration Turns Real, Industry Leaders Say at Consensus Miami,” Crypto Economy, May 6, 2026

33. “Two Hours, Zero Control: How a Meta AI Agent Sparked a Major Data Leak,” Trending Topics / The Information, March 2026

34. Noah Smith, “AI Has the Worst Sales Pitch I’ve Ever Seen,” Noahpinion, March 26, 2026

35. “Layoffs Accelerate in May 2026 as Firms Restructure Around AI,” Yahoo Finance, May 2026

36. “BILL Reports Q3 FY2026 Financial Results: 30% Headcount Reduction and $1B Share Repurchase Program,” StockTitan / BILL 8-K, May 2026

37. “POV: Justice Served for Elizabeth Holmes, But What About Theranos’s Board?” Fast Company, June 2023

38. “WorldCom’s $11B Fraud: The Scandal That Changed Business,” CEO Today Magazine, March 2025

39. Madelyn Antoncic interview, “The Good Reasons Why Lehman Failed,” Knowledge at Wharton, September 2018

40. Nancy Albinson and Deborah Golden, “Use Speed to Outpace the Cyberthreat Paradox,” Deloitte / Wall Street Journal, 2019

41. Aruna Ravichandran, “The Multiplier Effect: Solving the AI Paradox in 2026,” Cisco Blogs, April 2, 2026

42. “Enron Scandal Summary,” Investopedia

43. “The Enron Business Tactics That Still Haunt Us,” Washington Post, December 2, 2021

44. “Enron Scandal,” Britannica

45. “More Than 20 Years After the Enron Scandal, What Have We Learned?” Colorado State University, Biz Source

46. Dr. Makelaris, “The Automation Paradox: A New Era of Systemic Risk,” Hack The Box Research Labs, April 24, 2026

47. “INTERPOL Report Warns of Increasingly Sophisticated Global Financial Fraud Threat,” INTERPOL, March 16, 2026

48. “Meta’s ‘AI Efficiency Push’ Is Capex Discipline Dressed in Propaganda,” ainvest, May 19, 2026

49. Nicholas Sargen, “AI Capital Spending Is Offsetting Soft Consumer Spending — For Now,” The Hill, May 22, 2026

50. ISACA, “New ISACA Study: Privacy Teams Are Shrinking, Increasingly Stressed,” ISACA, January 15, 2026

51. Jordan Gingrich-Hadley, “Two-Thirds of General Counsels Report Rising Risk and Compliance Workloads,” Diligent, April 21, 2026

52. Matthew Prince, “AI Is Replacing the Measurers,” summarized in Brian Contreras, “The Real Reason Cloudflare Just Laid Off 20 Percent of Its Staff,” Inc., May 21, 2026

53. “Cloudflare Posted Record Revenue, Then Cut 20% of Its Workforce,” Fortune, May 21, 2026

54. “Cloudflare CEO Prince Says Builders and Sellers Are Safe but AI Is Coming for the Measurers,” The Decoder, May 2026