Presentation - Operating Agents in GMP Quality
Regulatory Expectations for AI Agents in GMP
Regulatory Expectations for AI Agents in GMP
Essential Insights for Quality Leaders
Executive Summary
Global regulators now recognize that AI agents and Large Language Models (LLMs) play an active role in GxP environments.
Regulatory bodies focus on ensuring that AI agent integration remains:
  • Appropriately scoped
  • Risk-based
  • Transparent
  • Subject to human oversight
  • Fully traceable

A consistent regulatory principle guides all agencies:
AI agents may support quality operations, but they cannot replace human accountability.
Regulatory Consensus
FDA, TGA, EMA, MHRA
Regulators remain aligned across current guidance, draft annexes, and public statements on the following core principles:
AI agents constitute a computerized system under GMP
Intended use remains the primary regulatory anchor
Validation prioritizes fitness for purpose over model internals
Human oversight is mandatory for compliance-critical decisions
Traceability and data integrity remain non-negotiable
This consensus is reflected in:
  • FDA draft guidance on AI credibility and risk-based validation (2024–2025)
  • EU draft GMP Annex 22 (Artificial Intelligence)
  • MHRA participation in international AI principles and sandbox programmes
  • TGA consultation outcomes on software and AI in regulated use
Regulatory Control Expectations
Regulators do not expect GMP companies to validate or explain the internal workings of commercial AI agents. However, they do require you to control:
Rationale for AI agent use
Defined AI agent tasks
Data access parameters
Output review and application processes
Accountability framework
These expectations mirror the oversight currently applied to:
  • ERP systems
  • QMS platforms
Core Regulatory Expectations
1. Define Intended Use Clearly
Intended use is the single most important document you will produce for regulatory purposes. It defines the scope of your AI agent deployment, sets the boundaries for validation, and determines the level of human oversight required. Without a clear intended use statement, no other governance control can be properly assessed.
Define the AI agent's purpose
State what it cannot do
Identify where humans decide
A well-formed intended use statement is specific, bounded, and written in plain language. For example:
AI agents are used to assist with contextual review of GMP records. They do not approve, release, or certify data.

Intended use is a regulatory requirement, not a technical preference. Regulators will use it as the primary lens through which every other aspect of your AI agent deployment is evaluated — from validation scope to audit trail requirements.
2. Apply Risk-Based Validation
Validation depth must match the risk profile of the task. A low-risk AI agent used to draft internal summaries requires less rigorous validation than one used to flag deviations or support batch record review. The key question regulators ask is not 'how was the model built?' but 'does it perform reliably for its intended purpose?'
Regulators expect:
Scenario-based testing — covering both typical and edge-case inputs
Representative data testing — using real or realistic GMP data
SME review of agent outputs — by qualified personnel familiar with the process
Agent performance benchmarks — demonstrating equivalence or improvement over prior methods
Not required:
Mathematical proof of correctness
Access to model weights
Revalidation after every vendor model update
Regulators are pragmatic. They want evidence the agent works — not a mathematical proof that it always will.
Core Regulatory Expectations
3. Maintain Mandatory Human Oversight
Of all the regulatory expectations for AI agent use in GMP, human oversight is the most consistently and firmly stated. Every major agency — FDA, EMA, MHRA, and TGA — has made clear that AI agents may inform, assist, and accelerate quality work, but they may not replace the qualified human judgement that underpins GMP compliance.
AI agents must not operate autonomously in GMP decision-making.
The distinction regulators draw is between assistive use — where an agent supports a human decision — and autonomous use — where an agent makes or finalises a decision without human review.

Humans remain accountable at all times. Delegating a task to an AI agent does not transfer regulatory responsibility. The qualified person, reviewer, or approver retains full accountability for any decision informed by agent output.
4. Prioritize Evidence-Based Outputs
The status of AI agent outputs matters as much as their content. Regulators are not concerned only with whether an agent produces accurate results — they are equally concerned with how those results are treated within your quality system. An agent output that is accepted without review, challenge, or traceability is indistinguishable from an undocumented decision. That is a data integrity risk.
Treat all agent outputs as working papers or draft findings — never as final conclusions
Every output must be reviewable and challengeable by a qualified person before it influences any GMP decision
All outputs must trace back to the source data or records the agent reviewed — this is your audit trail

Unreviewed agent conclusions are unacceptable in GMP. If an inspector cannot see who reviewed an agent output, when they reviewed it, and what action followed — it will be treated as an uncontrolled process.
Core Regulatory Expectations
5. Traceability and Data Integrity
Traceability is not a new concept in GMP — but AI agent use introduces new points in the process where records can break down. Every interaction between an AI agent and your quality data must be captured, timestamped, and linked to a human action. If an inspector cannot reconstruct what the agent did, when it did it, and what a qualified person decided as a result, your process will not withstand scrutiny.
Inspectors expect a complete audit trail for every agent interaction:
Input data — what records or data were provided to the agent
Timestamp — when the agent was used and by whom
Agent output — the exact response or finding generated
Human action — the decision or action taken by the reviewer
This maps directly to ALCOA+ principles — Attributable, Legible, Contemporaneous, Original, Accurate — which apply equally to AI-assisted processes as to any other GMP record.

Opaque or untraceable AI agent use is a critical red flag in any GMP inspection. If you cannot show the full chain from input to human decision, you do not have a controlled process.
6. Segregation of Duties
Segregation of duties is a well-established GMP principle — and it translates naturally to AI agent workflows. Regulators respond positively to architectures where no single agent both performs and approves a task. A two-agent model, where one agent executes and a second independently reviews before a human decides, mirrors the author/reviewer and operator/verifier patterns already embedded in pharmaceutical quality systems.
Agent performs task
Second agent reviews
Human verifies and decides
This structure reduces the risk of compounding errors, introduces a layer of automated cross-checking, and — critically — gives inspectors a clear, defensible audit pattern they already recognise from traditional GMP workflows. It is not a technical requirement, but it is a strong signal of mature governance.
Core Regulatory Expectations
7. Explainability Expectations
One of the most common concerns quality leaders raise about LLM-based AI agents is explainability — specifically, the inability to trace exactly why a model produced a particular output. Regulators are aware of this limitation. Their position is pragmatic: they do not expect you to explain the mathematics of a neural network. They do expect you to explain your process — how the agent is used, how its outputs are evaluated, and what happens when those outputs are wrong.
Regulators acknowledge that LLMs are not inherently explainable. Their expectations are calibrated accordingly:
Regulators expect:
  • Clear, documented descriptions of the agent workflow
  • Transparent criteria for evaluating agent outputs
  • Honest acknowledgement of known system limitations
They do not expect:
  • Explanation of neural network internals
  • Deterministic behaviour from probabilistic systems
  • Reproducibility of individual outputs

Explain the process, not the mathematics. A clear workflow description, honest about limitations, is more valuable to a regulator than a technical white paper.
8. Change Control and Monitoring
AI agent deployments are not static. Prompts evolve, workflows are refined, and data sources change over time. Regulators expect these changes to be managed through your existing change control framework — not treated as informal configuration updates. At the same time, they are realistic about what you can and cannot control when using commercial AI platforms.
Within your change control:
  • Prompt iterations and revisions
  • Workflow adjustments and scope changes
  • Data source modifications or additions
Outside your direct control:
  • Vendor-managed model updates
  • Underlying platform architecture changes
Risk from vendor-side changes is mitigated through human verification, periodic output reviews, and defined escalation procedures — not through attempting to control what you cannot access. Document your monitoring approach and your response plan. That is what regulators want to see.
Auditor Expectations
Prepare clear, concise answers for the following questions:
Why use AI agents in this process?
How do you validate reliability?
Who verifies the outputs?
What is the contingency for errors?
Can you demonstrate an example?
Clear, direct responses typically ensure a smooth inspection.
What Auditors Usually Avoid
  • Model training methodology
  • Internal algorithmic function
  • Rationale for specific vendor selection
  • Technical proofs of mathematical correctness
Focus on governance, not technical architecture.
Key Takeaways for Quality Leaders
Adopt AI agents under robust governance
Retain full accountability
Anchor use in human oversight
Control commercial platforms
Manage governance—not AI agents—to reduce risk
Final Regulatory-Safe Position Statement
We use AI agents as a controlled, assistive tool within our quality system. Human authority drives all compliance-critical decisions, ensuring full traceability and oversight.
This position is:
  • FDA-aligned
  • TGA-aligned
  • EMA/MHRA-aligned
  • Commercially realistic
Regulatory Evidence Base
Key Sources & Citations
The positions outlined in this document rely on the following primary regulatory sources and publications.
FDA — United States
  • Draft Guidance: "Artificial Intelligence-Enabled Device Software Functions: Lifecycle Management and Marketing Submission Recommendations" — Docket FDA-2024-D-4488, issued January 6, 2025
  • Final Guidance: "Predetermined Change Control Plans for AI-Enabled Medical Device Software" — finalised December 4, 2024
  • IMDRF: 10 Guiding Principles for Good Machine Learning Practice (GMLP) — final document released January 2025, building on FDA/Health Canada/MHRA principles from October 2021
Source: fda.gov
EMA / European Commission — EU
  • Draft EU GMP Annex 22 "Artificial Intelligence" — published July 7, 2025; open for comment until October 7, 2025. This is the first standalone regulatory annex dedicated to AI in GxP environments.
  • Applies to static, deterministic ML models in critical GMP applications. It explicitly excludes Generative AI and LLMs from such uses.
  • Accompanies revised Annex 11 "Computerised Systems" and revised Chapter 4 "Documentation," both published July 7, 2025.
MHRA — United Kingdom
  • AI Airlock Regulatory Sandbox — pilot phase ran April 2024 to March 2025; full programme report published October 16, 2025.
  • Phase 2 cohort launched October 2025, covering seven additional AI technologies, including clinical note-taking, cancer diagnostics, and eye disease detection.
  • The AI Airlock serves as a world-leading regulatory sandbox for AI as a Medical Device (AIaMD).
Source: gov.uk/MHRA
TGA — Australia
  • TGA AI Review Outcomes Report: "Clarifying and Strengthening the Regulation of Medical Device Software including Artificial Intelligence (AI)" — published July 30, 2025.
  • Government approval received January 2025 to act on 14 key findings from the review.
  • Updated AI and medical device software regulation guidance published February 5, 2026.
  • The TGA framework remains technology-agnostic: products are regulated by intended purpose, not technology.
Source: tga.gov.au

Note on EU GMP Annex 22 and LLMs: The July 2025 draft of Annex 22 explicitly excludes Generative AI and Large Language Models from critical GMP applications. AI agents utilized in non-critical, assistive roles—such as drafting, reviewing, or flagging—remain outside this exclusion. Standard governance and human oversight requirements still apply.
All sources are publicly available as of March 2026. Regulatory guidance remains subject to ongoing revision; verify the current status before incorporating into compliance documentation.