Every week, another vendor emails me a deck titled "agentic AI at enterprise scale." Most of them are pilots. A few are proofs of concept dressed up as production. The slide that closes the deck always says something about "the future of work."

This week, EY stopped talking about the future and shipped it.

On April 7, EY announced it was embedding a multi-agent AI framework into its global Assurance practice — 130,000 professionals, 160,000 audits a year, more than 150 countries, on a platform that already chews through 1.4 trillion lines of journal entry data annually. The agents are live inside EY Canvas, the audit platform auditors already use. This is not a lab. This is not a sandbox. It is the most operationally consequential deployment of agentic AI in an enterprise I've seen since the technology left the demo circuit.

And it matters — not because EY is unique, but because it is the first Big Four firm to say out loud that agents are now infrastructure, not experiments. That sentence has implications for every CIO, CISO, and head of AI engineering in the Fortune 500. Including mine.

Let me break down what actually happened, what's technically interesting, and what I'm taking away for how we think about enterprise AI at Zscaler.

The Numbers That Matter

The press release is loaded with the usual superlatives, so I stripped it down to the numbers a practitioner cares about:

• 130,000 professionals using the agents — not a cohort, not a rollout wave, the entire Assurance workforce.
• 160,000 audit engagements per year touched by the system.
• 150+ countries — which means the compliance surface area spans PCAOB (US), FRC (UK), AASB (Australia), CPAB (Canada), and dozens of local audit regulators, each with its own stance on AI.
• 1.4 trillion lines of journal entry data processed annually on EY Canvas.
• Multi-billion dollar total investment in audit quality and technology (EY's phrasing).
• Full production by 2028 — meaning every phase of the audit (planning, risk assessment, fieldwork, completion) will be AI-supported.
• Training running through 2026 — they're not pretending this is push-a-button rollout.

For context: the average Fortune 500 company has somewhere between 10,000 and 80,000 employees. EY just deployed agents to more users, across more jurisdictions, with more regulatory scrutiny, than nearly any enterprise AI project the rest of us are working on. And they did it on a platform where a mistake doesn't get you a support ticket — it gets you a PCAOB inspection.

The Stack: Microsoft Azure + Foundry + Fabric + EY Canvas

If you've been following the platform wars, you won't be surprised by the architecture.

• Azure is the cloud substrate.
• Microsoft Foundry handles agent orchestration, tool-calling, and the agent runtime — this is the piece that turns a model into a worker.
• Microsoft Fabric is the data plane where journal entries, trial balances, and engagement artifacts live.
• EY Canvas is the audit-specific application layer — the system auditors actually sign in to.

Notice what's missing from that stack: a new foundation model. EY didn't build one. They bought orchestration and data infrastructure from Microsoft and wrapped it in a workflow layer they already owned. The insight is simple and load-bearing: the competitive moat in enterprise AI is not the model, it's the context the model operates in. EY has 40 years of audit methodology, a billion-line engagement repository, and a regulator-approved workflow. Dropping agents into that substrate is far more valuable than training a bespoke LLM.

This is the pattern I'm seeing across every serious enterprise AI project in 2026. The people who win are not the ones building models. They're the ones who have proprietary context, a workflow users already trust, and the discipline to connect the two. Pretty much exactly the playbook Zscaler is running with Zchat and AI Guard — use the best frontier model for the task, put our security context around it, and deploy where users already work.

What the Agents Actually Do

EY was careful — deliberately, I think — to avoid making this sound autonomous. The agents aren't signing opinions or approving audit reports. They're doing the grunt work that keeps first-year associates awake until 2 AM:

• Risk assessment augmentation — parsing journal entries for anomalies, flagging transactions that deviate from client norms, suggesting additional test procedures.
• Workflow tailoring — adjusting standard audit programs based on engagement-specific risk, industry, and prior-year findings.
• Evidence gathering — pulling supporting documentation, reconciling figures, drafting workpapers.
• Administrative burden reduction for clients — the quiet one. Audit clients hate the tenth request for the same trial balance. Agents can assemble packages automatically from systems they already have connectors to.

The human in the loop is non-negotiable. EY is explicit that "judgment, skepticism, and insight" remain with the auditor. The agents are leverage, not replacement. This isn't PR-speak — it's how you ship AI into a regulated profession without getting your SOC 1 report qualified by your own regulator.

And that matters for the rest of us. If you're a CIO staring at an agentic AI initiative, the EY playbook is the one the risk team will actually accept: narrow the agent's scope, keep the judgment with the human, automate the steps that are deterministic enough to audit. Don't build the AI lawyer. Build the paralegal.

Why This Is a Watershed Moment

I've read the Accountancy Age take — "a watershed moment for audit quality" — and I think they're underselling it. This isn't about audit quality. It's about whether agentic AI has reached the threshold where regulated industries can deploy it without the legal department blocking the door.

Three things shifted this quarter that made this announcement possible:

1. Agent orchestration got enterprise-grade. A year ago, running 130,000 concurrent agents with reliable tool-calling, governed memory, and auditable traces was a research problem. Microsoft Foundry, LangGraph, and the MCP ecosystem collectively crossed the line where you can actually deploy this stuff without hiring a research team.

2. The regulators started to move. The PCAOB has been signalling for 18 months that AI-assisted audits are acceptable if the firm can demonstrate methodology, governance, and auditor judgment remain intact. EY wouldn't have shipped this without quiet engagement from multiple regulators, and the Microsoft Frontier Firm AI Initiative (of which EY is one of 14 members) exists in large part to codify those governance patterns.

3. The economics flipped. The fully-loaded cost of a senior associate running an audit hour is something like $300. If agents can compress 30% of the fieldwork, the ROI is obvious — and the investment has a multi-year payback at enterprise scale. Below a certain token price, every knowledge-work profession has the same calculus. We crossed that threshold somewhere in late 2025.

Put together: the technology is ready, the regulators are tolerant, and the math works. That's why EY went first. It's also why PwC, Deloitte, and KPMG will all have equivalent announcements within 90 days. The Big Four never moves alone for long.

The Enterprise AI Pattern Hiding in Plain Sight

If you read the EY release carefully, there's a deployment pattern that generalizes. I've seen the same shape at every enterprise AI success story I've looked at this year — Morgan Stanley's wealth advisor copilots, Walmart's supplier negotiation agents, JPMorgan's COiN contract analysis, and now this.

Here's the pattern:

1. Start with a platform users already live in. EY Canvas, not a new app. Your agents need to meet users where they work, not ask them to learn something new.
2. Wrap the agent around proprietary data, not a general model. The moat is the context — client history, prior engagements, internal methodology.
3. Scope agents to well-defined sub-tasks. Risk assessment, document assembly, reconciliation. Not "do the audit."
4. Keep human judgment at every decision that has legal or financial consequence. This isn't a governance compromise — it's the entire point.
5. Invest in training at rollout scale. EY is spending a year training 130,000 people. The model isn't the hard part; adoption is.
6. Build auditability into the agent substrate. Every agent action needs a trace. If the agent made a call, a human needs to be able to reconstruct why.

If your enterprise AI roadmap doesn't have all six of these, you are going to ship a pilot that dies on contact with the risk committee. I have watched this movie three times already in the last year.

What I'm Taking Back to My Team

I run AI engineering at Zscaler, and my team ships for sales, marketing, finance, customer support, HR, and security — six very different domains, each with its own regulatory gravity. The EY announcement forced me to write down a few things I'd been half-thinking.

Stop framing agent rollouts as pilots. A pilot implies optionality. The EY move signals that in regulated, audit-adjacent workflows, "pilot" is the wrong posture. Either you're deploying production agents with proper governance, or you're learning things that won't transfer to production. Pick one.

The moat is inside the workflow, not inside the model. We've been right to resist the pull to train our own foundation models. Our moat is Zscaler's security telemetry, our policy engine, our incident history. Pair that context with frontier models via AI Guard-governed access, and the competitive position is defensible. Chasing a proprietary LLM is a distraction.

Governance is the feature. EY's release emphasizes human judgment, workflow auditability, and regulator engagement. For us, the equivalents are DLP, prompt-injection guardrails, and compliance mapping. These aren't overhead — they're the reason enterprise customers will deploy our agents at all. I'm pushing the team to treat governance features like product features, not like compliance checkboxes.

Assume your competitors are 90 days behind the announcement, not 18 months. The Big Four lockstep phenomenon applies across industries. If PwC, Deloitte, and KPMG will ship within 90 days, then every major bank, every large manufacturer, every top-tier law firm is quietly building the same thing. The window where "we have an agent" is a differentiator has nearly closed. What still differentiates is agent quality, governance posture, and deployment scope.

Training is the second-largest line item. EY is spending meaningful money on workforce enablement. I'm betting most enterprise AI budgets underfund this by a factor of 3-5x. If your rollout plan has a $10M infrastructure bill and a $500K training bill, something is off. Humans using the agents well is the return on the investment.

What I'm Watching Next

A few things I'll be tracking through Q2:

• Will PCAOB publish formal guidance on AI-assisted audits? Expected by September, would remove a large overhang for the rest of the industry.
• How do Deloitte, PwC, and KPMG respond? Betting on Deloitte first, given their Gen-Studio push last year.
• Does EY open Canvas's agent layer to clients? That would be the unlock — audit agents that integrate with client ERP systems directly, rather than requesting PDFs.
• What does the Microsoft Frontier Firm cohort tell us about who else is deploying at this scale? Only 14 organizations. The list is going to be instructive.
• Quality incidents. A high-profile AI-related audit failure in the next 12 months would reset the entire industry's posture. The risk isn't zero.

Calculate your potential AI savings: Try our AI ROI Calculator to see projected cost reductions and payback timelines for your organization.

---

The Takeaway

Here is my one-sentence summary, for the "didn't read" crowd: EY just normalized agentic AI for regulated enterprise workflows, and every CIO who still has agents scoped to a pilot is now running a year behind.

The right response isn't panic. It's clarity. Know which of your workflows look like audit — high-volume, rule-rich, compliance-adjacent, with meaningful leverage from automation. Scope agents narrowly inside them. Build the governance substrate first. Invest real money in training. Ship.

The technology is no longer the bottleneck. The discipline to deploy it well is.

---

Rajesh Beri is Head of AI Engineering at Zscaler, where he leads the team building AI infrastructure across sales, marketing, finance, customer support, HR, and security. Views are his own.

---

Continue Reading

• SAP’s €1B Bet on the Other Half of Enterprise AI
• IBM Think 2026: The AI Operating Model Stack Bet
• SAP Locks AI Agents Out. Salesforce Opens Every API.