Governance is the conversation that happens after the AI demo, not during it. The demo is about velocity. Governance is about what velocity costs you the first time the model makes a wrong call, the vendor goes down, or the client's compliance officer asks for an audit. Here are the five questions every agency should be able to answer before signing the order form.
Every agency I talk to this year is running an AI experiment. Most of them started with the same shape: an MCP plugged into Google Ads, a chat agent with broad permissions, a vendor promising leverage. The demo lands. The contract gets signed. Six weeks later the same operator pings me asking whether I think it is safe.
The honest answer is that safe is the wrong word for it. The right word is governed. Safety is a property of a single decision. Governance is a property of the system around those decisions — who can do what, who watches, what fails when a vendor disappears, and whether you can walk away with your operation intact.
The more automation you push into an agency, the more governance matters. That sentence is obvious. What I see almost no one doing is treating it as the first question instead of the last. So here is the framework I now use when I evaluate any AI-for-PPC tool — including my own.
Governance loses every demo. It is the slide nobody clicks on. It is the section of the security questionnaire that gets copy-pasted from last year's vendor. The reason is structural: governance only pays off in negative outcomes that didn't happen. Nobody throws a party because their AI vendor did not accidentally pause a campaign.
What I have watched happen, more than once, in the agencies I work with:
None of those failures are about AI quality. They are about governance. And the operators on the receiving end were not careless — they just hadn't asked the five questions before the system was already live.
This is the question that should come first because every other question gets easier when you answer it correctly. Write access is the variable that decides what kind of governance you need.
An AI with broad write access into Google Ads can pause campaigns, raise tCPAs, adjust budgets, push negatives, and rewrite RSAs. Every one of those actions is reversible in theory and expensive in practice. A bad call on a tCPA mid-day can blow up a week of conversions. A pause applied to the wrong campaign can cost an account a Monday.
The right way to ask the question is not "is your AI safe?" — vendors will all say yes. The right way is to ask what is the scope of write? Be specific:
If any of those answers is yes-without-approval, your governance has to be heavy. If they are all no, your governance becomes much lighter because the failure surface is just "the AI produced a bad analysis," which a strategist catches in review.
Audit is the question that distinguishes a managed risk from a hidden one. If something goes wrong with the AI's behavior, can you reconstruct exactly what it saw and what it did?
This breaks into three sub-questions. First, can you see every action the AI took? Not summaries — the actual list of every change applied to every account, with timestamps and the upstream prompt or trigger. Second, can you see what data the AI saw before each action? An agent that wrote a bid change based on stale data is a very different failure from one that wrote it based on correct data. Third, can a non-engineer read this log? Because if only the vendor can interpret it, you don't have an audit trail. You have a black box with a CSV export.
The honest version of this question for any vendor is: show me what happened in account X yesterday between 9am and 11am. If the answer involves a support ticket, you are not in audit territory. You are in trust-me territory.
This is the question I see skipped most often, because the default assumption is "more data is better." For governance, the opposite is true. The minimum data surface is the safest one.
Two reasons. The first is compliance: every data scope you grant is a scope you have to document, defend, and re-defend every time the client's legal team asks. Healthcare and behavioral health agencies feel this most acutely, but it shows up everywhere — finance, legal services, even education. The second is failure containment: the data the AI cannot see, it cannot mishandle.
The governance question is not "what does this tool need?" It is "what is the smallest possible read surface that still produces the value?" If a tool can do its job reading a structured Sheet of metrics instead of having full API access to the ad platform, the Sheet is the better answer. Every time.
The data the AI does not have access to is data you do not have to govern, audit, or explain to a compliance officer. Build for the smallest possible read surface, then add only what is necessary.
Every AI workflow I have seen in production this year sits on top of at least one external dependency that the agency does not control. An MCP broker. An LLM API. A vector store. A model provider. Sometimes three of them in a chain.
The governance question is not "is this vendor reliable?" — they all claim 99.9% uptime. It is: "if this dependency disappears for 24 hours on a Monday, what is broken and what still works?"
If the answer is "the entire diagnostic layer goes dark and the strategists can't see the portfolio," you have a problem. If the answer is "the AI summaries stop generating but the underlying dashboards and Sheets still run, and the strategists can do the work the old way until the vendor recovers," you are governed.
The test I now apply: does the operation degrade gracefully, or does it stop? The architectures that degrade gracefully are the ones where the data layer is independent of the AI layer. Scripts pulling into Sheets do not care whether Claude is reachable. Dashboards reading from Sheets do not care either. The AI is an enrichment on top, not the foundation.
This is the question that exposes vendor lock-in faster than anything else, and it is the one operators ask last. By the time they think to ask it, the workflow has been built on top of the vendor for six months and the cost of extraction is steep.
Ask it on day one. If your AI vendor disappeared tomorrow — or you decided to switch — what comes with you and what stays behind? Specifically:
You want the answer to be "all of it comes with me." That doesn't mean the vendor adds no value — they do, in the intelligence layer on top. But the data architecture has to be portable, because portability is what gives you negotiating power, continuity, and the option to switch when the next better tool ships.
I am building actcenter on top of these five questions, not retrofitting them. The architecture is deliberate, and the trade-offs are visible:
| Question | How actcenter answers it |
|---|---|
| Write access | None. The AI never holds a write token to your ad platform. Strategists apply changes. |
| Audit trail | Every script run, Sheet update, and AI output is logged in artifacts you own. No black box. |
| Data scope | Minimum surface — Claude reads structured Sheets, not the raw Google Ads API. |
| Vendor fallback | Scripts and Sheets keep running without the AI. Dashboards stay live. Degrades gracefully. |
| Portability | Scripts, Sheets, and dashboards are yours. If you ever leave, your data architecture leaves with you. |
That is not because I think write-access tools are wrong for every agency. Some teams want autopilot, accept the risk, and have the governance maturity to handle it. But most of the operators I talk to don't. They want AI's leverage without giving up the keys, and they want to be able to answer their client's compliance officer without spending a week building a story.
The five questions are how you tell which kind of tool you are buying. Run them against any vendor before you sign, and run them against your current setup if you have one running. Governance is not the conversation after the demo. It is the conversation that decides whether the demo's promise survives contact with a production account.
Velocity without governance is the same thing as concentrated risk. The five questions — write access, audit trail, data scope, vendor fallback, portability — are how you turn AI from a liability into infrastructure. If your current tool cannot answer them in plain English, you are not governed. You are exposed.
The fastest way to feel the difference is to run actcenter on a slice of your own portfolio for two weeks. The pilot is two strategists, free for 30 days, no credit card. We install the scripts on your MCC, wire the Sheets, and turn on the briefcase the next morning. You can run the five-question audit against it before, during, and after.
By day three you will know whether governance-first AI is the model you want to bet your agency on.
Two strategists, 30 days, no credit card. Scripts wired to your MCC, data routed through Sheets, briefcase ready the next morning. The AI never gets a token to your account.
Request a pilot → See pricing