InformationWeek Says Control AI Agent Costs With Process. Here's Why That Won't Scale.

InformationWeek recently published "A Practical Guide to Controlling AI Agent Costs Before They Spiral" — a solid rundown of nine recommendations for managing AI agent spending. The advice is sensible. Track costs per workflow. Use cheaper models for low-stakes tasks. Set token quotas. Cache where you can.

If you're running a handful of agents on well-defined tasks, this is perfectly adequate guidance. The problem is that nobody's staying at a handful of agents on well-defined tasks.

When a single agent makes 1,500 API calls to resolve one prompt — and you have 200 agents running 24/7 across a dozen business units — organizational processes can't keep pace. Spreadsheet reviews, quarterly audits, and manual quota-setting weren't designed for systems that make economic decisions at machine speed. InformationWeek's recommendations describe the what. What's missing is the how — specifically, how to enforce these controls without humans in the loop.

The Scale Problem Is Already Here

This isn't hypothetical. The numbers are already ugly.

Gartner projects that more than 40% of AI agent projects will fail by 2027 specifically due to runaway costs — not technical failure, not poor model quality, but uncontrolled spending. Fortune 500 companies collectively leaked an estimated $400 million in unbudgeted AI spend last year, much of it from agent workloads that nobody was tracking at the right granularity.

One widely reported incident involved a single agent loop that ran up $47,000 in 11 days without anyone noticing. The agent was functioning correctly — it was doing exactly what it was told. It just kept doing it, and nothing stopped it from spending.

Process didn't catch any of these. Not because the processes were bad. Because agents operate faster than humans can review.

The 9 Recommendations, Mapped to Infrastructure

Let's take InformationWeek's nine recommendations seriously and ask: for each one, is this an ongoing human process, or is it automatable at the infrastructure layer?

#1: Choose Flexible Platforms

Good advice. Pick platforms that let you swap models, adjust configurations, and avoid lock-in. But this is a one-time architectural decision, not an ongoing control. You make it during procurement, not during operations. It doesn't need enforcement — it needs good engineering leadership.

#2: Use Low-Cost LLMs for Low-Stakes Tasks

This is model routing — sending cheap queries to cheap models and reserving expensive models for complex reasoning. It's absolutely the right instinct. But doing it manually, per workflow, per team, is a full-time job that grows linearly with your agent fleet.

At the infrastructure layer, this becomes per-tool cost attribution with model routing policies. The gateway knows what each tool costs, routes accordingly, and enforces the policy without anyone reviewing a spreadsheet. The decision is encoded once; enforcement is continuous.

#3: Use LLMs to Predict Workflow Costs

InformationWeek suggests using one LLM to predict what another will cost. It's clever, but it's a forecasting approach — you get an estimate, then hope actual costs match.

The infrastructure-level version is pre-execution budget enforcement. Don't predict the cost after the fact. Check the budget before every call. If the budget is exhausted, the call doesn't execute. No prediction needed — just a hard check at wire speed, every time.

#4: Track Actual Costs Per Workflow

Tracking is necessary. But tracking alone is observability, not governance. A dashboard that shows you spent $47K last week is useful for the post-mortem. It's useless for preventing the next one.

Infrastructure-level cost tracking means real-time shadow reporting with per-agent, per-tool attribution — not batch reports that arrive after the damage is done. Every API call is metered, attributed, and visible in real time. You see the spend as it happens, not after.

#5: Optimize Cost-Effective Workflows

Once you know what works, encode it. But "optimize workflows" as a manual practice means someone has to study every agent's delegation tree, identify waste, and restructure it. At scale, this requires a governance graph that shows delegation trees and spend flow — a visual, queryable map of which agents delegated to which sub-agents, what tools they called, and what each branch cost. The optimization opportunities become obvious when you can see the flow.

#6: Repeat Cost-Effective Workflows

Once you find a workflow that's cost-effective, replicate it. InformationWeek frames this as institutional knowledge. At the infrastructure layer, it's policy templates that encode cost-effective patterns. Instead of hoping teams share best practices, you define a governance policy once and apply it across agents. The pattern is reusable, version-controlled, and enforced automatically.

#7: Cache Data and Content

Caching is legitimate and important. If an agent asks the same question twice, don't pay for the answer twice. This is orthogonal to enforcement — it reduces costs, but it doesn't control them. A well-cached agent without budget limits can still overspend. Caching and enforcement are complementary layers, not substitutes.

#8: Set Token Quotas

This is the most important recommendation in the article. It's also the one where the gap between process and infrastructure is widest.

InformationWeek says "set quotas." That's policy. The question is: who enforces them?

If the quota is a configuration value in the orchestration layer, the agent can read it, respect it, or ignore it. If the quota is a soft limit that triggers an alert, someone has to be watching. If the quota is a setting in a dashboard that requires manual action when exceeded, you've built a process that fails at 3 AM on a Saturday.

The infrastructure-level version is budget caveats baked into bearer tokens. The agent's credential — the thing it presents to authenticate every API call — has the budget limit cryptographically embedded in it. The agent literally cannot overspend because the gateway rejects any call that would exceed the budget. Not because the agent chooses to stop. Because the credential enforces the limit. This is the difference between a policy and a control.

Macaroon-based caveats make this possible. The budget is attenuated — delegated downward and never inflated. A sub-agent can receive a fraction of the parent's budget, but never more than the parent has. The math is cryptographic, not organizational.

#9: Avoid Unnecessary Deployments

Like #1, this is sound architectural hygiene — a one-time decision about what to deploy and when. It's not an ongoing control that needs real-time enforcement. Good governance, not automation.

The Scorecard

Of InformationWeek's nine recommendations, seven map directly to infrastructure-level controls that can be automated, enforced continuously, and scaled without adding headcount. The remaining two (#1 and #9) are one-time architectural decisions that don't require ongoing enforcement at all.

Zero of the nine require ongoing human process to be effective — if the infrastructure is there.

Full Autonomy, Hard Boundaries

There's a temptation to solve cost problems by restricting what agents can do. Limit their tool access. Reduce their scope. Put a human in the approval chain for expensive operations.

But that defeats the purpose. You deployed agents to do work autonomously. Every approval chain you add is latency, bottleneck, and a reason the agent exists in the first place.

The better framing: enterprises should get all the what. The economic firewall controls the how much.

Don't restrict what agents can do. Restrict how much they can spend doing it. Give them full autonomy within hard economic boundaries. The agent can call any tool, delegate to any sub-agent, pursue any strategy — as long as the total cost stays within the cryptographically enforced budget.

This is the difference between a cage and a budget. One limits capability. The other limits liability.

The Missing Layer

Read InformationWeek's article again. Search for the words "gateway," "firewall," or "enforcement." They don't appear. The entire framework assumes humans are in the loop — setting quotas, reviewing costs, optimizing workflows, choosing models.

But the whole point of agents is that humans aren't in the loop. That's the value proposition. An agent that needs a human to review every spending decision is just an expensive chatbot.

You need infrastructure that enforces constraints at wire speed — not organizational processes that review spreadsheets quarterly. The enforcement layer sits between the agent and the APIs it calls, checking every request against a budget that the agent cannot modify. It's not monitoring. It's not alerting. It's an economic firewall — a hard boundary that operates at the speed of the agent, not the speed of human review.

Process or Infrastructure. Pick One.

The question isn't whether you need AI agent cost control. InformationWeek got that right — the need is urgent and growing. The question is whether those controls are baked into the infrastructure or bolted on as process.

Process-based controls work when you have a few agents, a dedicated team watching them, and time to iterate. Infrastructure-based controls work when you have hundreds of agents, no one watching at 3 AM, and costs that move faster than any human can react.

One scales. The other doesn't.

Every enterprise will eventually move from process to infrastructure. The ones that do it proactively will save the $47K incidents. The ones that do it reactively will fund the case studies.