Anthropic built Cowork in ten days—using Claude Code. The recursive loop is the point: AI agents are now capable enough to build their own successors. But capability isn't the bottleneck anymore. Allianz just showed what is: when you're deploying agents across 156,000 employees in a regulated industry, the question isn't "can it do the task?" It's "can you prove it didn't do something it shouldn't have?" The companies winning 2026 won't be those with the most agentic features; they will be the ones with audit logs their compliance teams can actually read.

TL;DR
  • Agents go local: Anthropic's Cowork gives Claude filesystem access, connectors to Notion/Asana/PayPal, and browser control—explicitly warning of prompt injection and destructive action risks. Claude Max subscribers ($100–200/month) only.

  • Regulated AI done right: Allianz's Anthropic partnership treats audit logging as a product feature, not an afterthought—Claude Code to all employees, custom agents for claims workflows, and interaction logs designed for regulatory review.

  • Memory is the new bottleneck: SK Hynix has presold its entire 2026 HBM output; DRAM prices up 50–55% quarter-over-quarter. Relief expected 2027–2028. Your capacity plan just got more expensive.

  • Distribution trumps benchmarks: Apple confirmed Google Gemini will power Apple Foundation Models and a revamped Siri launching this year—a multi-year deal reportedly worth ~$1B annually. Default assistant layers now decide which model billions of users touch first.

The Brief

1. Agents get filesystem access—and Anthropic isn't hiding the risks

Cowork extends Claude Code's architecture to non-developers: designate a folder, and Claude can read, edit, create, and delete files within it. The feature integrates with existing connectors (Asana, Notion, PayPal) and pairs with Claude in Chrome for browser automation. Anthropic explicitly warns that prompt injection remains "an active area of development" and that agents can take destructive actions if instructed. The honesty is strategic—setting expectations before incidents, not after.

Do now: Map every agent in your org that has write access to production systems. Create an inventory: which tools each agent calls, which data it touches, and whether destructive operations (delete, modify, send) are gated by human approval or policy engine. If you can't answer these questions, you're not ready for Cowork-style deployments.

2. Allianz shows what "enterprise-grade" actually means in insurance

Allianz's global partnership with Anthropic has three components: Claude Code access for all employees, custom AI agents for motor and health claims workflows, and—critically—an interaction logging system designed for transparency and regulatory review. The emphasis on human-in-the-loop for sensitive cases and auditable decision trails isn't window dressing; it's the product. For a company managing €761 billion in assets across 70 countries, governance is the enabler, not the blocker.

Do now: Audit your current AI deployments for logging completeness. For each agent interaction, can you reconstruct: who triggered it, what inputs it received, which tools it called, what outputs it produced, and what changed? If any link is missing, you don't have an audit trail—you have a liability.

3. Anthropic's $350B valuation says the platform war is now

Anthropic signed a term sheet for $10 billion at a $350 billion pre-money valuation—nearly doubling from $183 billion just four months ago. Coatue and GIC (Singapore's sovereign wealth fund) are leading. This is separate from the $15 billion Microsoft-Nvidia commitment. The math tells the story: enterprise agent platforms are being priced like infrastructure, not software. Run-rate revenue reportedly jumped from $1 billion to $5 billion through 2025, with Claude Code alone generating $500M+ ARR.

Do now: Review your AI vendor contracts for lock-in exposure. If your primary agent platform is raising at these multiples, they're building for the long term—which means your switching costs are about to compound. Negotiate data portability and model-agnostic architecture clauses now, before renewal.

4. The HBM crunch makes memory your new capacity constraint

TrendForce projects DRAM prices rising 50–55% in Q1 2026 versus Q4 2025—unprecedented in the industry's history. SK Hynix has presold its entire 2026 HBM output. Micron is exiting consumer memory (Crucial brand) to redirect wafers to AI customers. Relief won't arrive until new mega-fabs reach volume production in 2027–2028. Every HBM wafer produced "cannibalizes" 3–4 standard DRAM chips. Your inference cost model just broke.

Do now: Recalculate your AI inference budget with 40–50% higher memory costs. Benchmark current serving efficiency: cost per 1K tokens, GPU utilization rates, batch sizes. Set Q2 2026 targets for 20–30% efficiency gains through quantization, speculative decoding, or workload consolidation. The companies that optimize now will have margin when competitors are scrambling.

5. France's defense deal with Mistral: sovereign AI becomes procurement reality

France's Ministry of Armed Forces awarded Mistral AI a framework agreement covering all military branches, directorates, and affiliated entities (CEA, ONERA, SHOM). The non-negotiable condition: deployment on French-controlled infrastructure. No foreign cloud. No extraterritorial jurisdiction exposure. Mistral will fine-tune models on defense-specific data under AMIAD (Ministry Agency for Defense AI) oversight. This isn't a pilot—it's policy.

Do now: If you're selling to European public sector, map your infrastructure against data residency requirements by member state. Identify which workloads can run on in-region capacity today versus which require hybrid architectures. The procurement teams asking "where does the data live?" aren't going away.

6. EU's February 10 deadline on Google's $32B Wiz acquisition

The European Commission will decide whether to clear, conditionally approve, or escalate Google's acquisition of cloud security firm Wiz to Phase II investigation. US regulators cleared the deal in November. At stake: whether Google Cloud can bundle Wiz's multi-cloud security capabilities (AWS, Azure, Oracle support) into enterprise contracts—or whether regulators force structural concessions. A $3.2 billion breakup fee concentrates minds.

Do now: If you're evaluating cloud security platforms, delay major commitments until post-February 10. The decision will clarify whether Wiz remains multi-cloud or tilts toward Google Cloud integration. Either outcome changes your vendor calculus.

7. Apple confirms Gemini will power Siri and Apple Intelligence

Apple and Google announced a multi-year collaboration: Apple Foundation Models will be based on Gemini and Google Cloud technology, powering a revamped Siri launching later this year. Bloomberg previously reported the deal is worth approximately $1 billion annually, with Google building a custom 1.2 trillion parameter model for Apple. The deal is non-exclusive—OpenAI's ChatGPT integration remains—but Gemini is now at the center of Apple's AI strategy.

Do now: Reassess your enterprise mobile security policies for AI-enabled assistants. When Siri becomes a front door to Gemini, employee queries through personal devices gain new data exposure vectors. Update acceptable use policies and consider MDM configurations that govern assistant access to corporate data.

8. Korea's AI Framework Act takes effect January 22

South Korea becomes the second jurisdiction (after the EU) with comprehensive AI legislation. The law requires risk assessments, user notification, documentation, and human oversight for "high-impact AI" in healthcare, hiring, finance, and public services. Foreign AI operators must designate a Korean representative. A one-year grace period prioritizes guidance over penalties, but enforcement will follow.

Do now: If you operate AI systems affecting Korean users, begin high-impact classification assessment now. Map which deployments fall into regulated categories (employment decisions, loan screening, healthcare). The grace period is for preparation, not delay.

9. Singapore expands public-sector data sharing to external partners

Parliament passed amendments to the Public Sector (Governance) Act on January 12, allowing government agencies to share data with authorized external parties—social service agencies, community groups, trade associations—for seven prescribed public-interest purposes. Criminal liability for misuse (up to S$5,000 fine, 2 years imprisonment) now extends to external partners. The pattern is clear: controlled data sharing, not data hoarding, with accountability boundaries that survive the sharing.

Do now: Review your data-sharing agreements with government partners globally. Singapore's model—ministerial authorization, contractual safeguards, criminal liability for misuse—is likely to propagate. Ensure your data governance frameworks can accommodate delegated access with audit trails.

Deep Dive

The governance stack agents actually need

The mental model most organizations use for AI is outdated. They think of it like an API: send text, get text, wrap it in a UI, call it a pilot. That model collapses the moment agents can read files, move money, update tickets, change configurations, or trigger workflows. The risk shifts from hallucinations to actions taken on real systems.

This week's news crystallizes the transition. Cowork shows the capability direction: agents with filesystem access, service connectors, and browser control. Allianz shows the enterprise requirement: if agents operate inside a regulated company, interaction logging and traceability aren't features—they're the product.

The gap between these two realities is the governance stack nobody has finished building.

What "auditable agents" actually requires

Most agent frameworks focus on orchestration: tool selection, memory management, planning loops. But orchestration without observability is a liability. When an agent takes an action, you need to answer six questions:

  1. Who triggered the agent? (Identity and authorization)

  2. What did it receive as input? (Prompt, context, attachments)

  3. Which tools did it call? (External services, databases, APIs)

  4. What parameters did it use? (Arguments passed to each tool)

  5. What outputs did it produce? (Responses, side effects, state changes)

  6. What changed in the real world? (Files modified, messages sent, records updated)

If you can't answer all six for every agent interaction, you don't have an audit trail. You have a log file that will fail the first serious incident review.

Allianz's partnership with Anthropic is notable precisely because it treats this as a first-class requirement. They're not bolting logging onto existing deployments—they're designing systems where every AI interaction produces reviewable records for regulatory needs. That's the difference between a pilot and a platform.

So what? Companies that treat agent logging as an afterthought will face two failure modes. First, incident response becomes archaeology: reconstructing what happened from partial traces across multiple systems. Second, regulatory conversations become adversarial: explaining why you can't demonstrate what your AI did with customer data. Both are avoidable with upfront design.

The five controls that matter

If you're a CTO or CISO trying to move beyond pilots, here's the practical control plane:

1. Permissioning is the new prompt engineering. Define what the agent can do, not only what it should do. Treat agents like privileged service accounts: least privilege, scoped tokens, explicit tool allowlists. If the agent can't call an API, it can't cause an incident through that API.

2. Irreversible actions require gates. Agents are fast, but governance is about stopping the wrong fast. Any destructive or irreversible step—deleting files, changing production configs, executing payments, sending external communications—requires either human approval or a policy engine that enforces change windows and risk thresholds.

3. Continuous evaluation, not demo-time validation. Once agents connect to real tools, you need ongoing assessment: regression tests for tool use, prompt-injection red teaming, and drift monitoring of outputs over time. The cost of "it worked in the demo" becomes operational debt measured in incidents.

4. Immutable interaction logs with business context. Raw API logs aren't enough. You need structured records that capture the business meaning of each interaction: what task was being performed, what decision was made, what the human-readable outcome was. Compliance officers don't speak JSON.

5. Capacity planning includes governance overhead. Every logged interaction consumes storage. Every human-approval gate adds latency. Every policy check requires compute. Factor these costs into your agent architecture from the start, not as a retrofit.
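An added example, not code from Anthropic, Allianz, or any agent framework: a minimal tool-call gate that combines controls 1, 2, and 4 and records the six audit questions for every attempt, including refused ones. The tool names, the in-memory `FILES` state, and the SHA-256 hash chain are assumptions made for illustration; a hash chain makes tampering detectable, and a production log would also need write-once storage.

```python
import hashlib
import json

# Hypothetical tool names and sample state, constructed for this example.
ALLOWED_TOOLS = {"read_file", "delete_file"}   # control 1: explicit allowlist
DESTRUCTIVE = {"delete_file"}                  # control 2: needs human approval
FILES = {"report.txt": "q1 numbers"}

def read_file(path):
    return FILES[path], []                     # (output, what changed)

def delete_file(path):
    FILES.pop(path)
    return "deleted", [path]

TOOLS = {"read_file": read_file, "delete_file": delete_file}

class AuditLog:
    """Append-only log; each record commits to the hash of the previous one."""
    def __init__(self):
        self.records = []

    @staticmethod
    def _digest(prev, entry):
        body = json.dumps(entry, sort_keys=True)
        return hashlib.sha256((prev + body).encode()).hexdigest()

    def append(self, entry):
        prev = self.records[-1]["hash"] if self.records else "0" * 64
        self.records.append({"entry": entry, "prev": prev,
                             "hash": self._digest(prev, entry)})

    def verify(self):
        prev = "0" * 64
        for rec in self.records:
            if rec["prev"] != prev or self._digest(prev, rec["entry"]) != rec["hash"]:
                return False
            prev = rec["hash"]
        return True

def call_tool(log, user, prompt, tool, params, approved_by=None):
    """Gate one tool call and record all six audit questions, even on refusal."""
    entry = {"who": user, "input": prompt, "tool": tool, "params": params,
             "approved_by": approved_by, "output": None, "changed": []}
    if tool not in ALLOWED_TOOLS:
        entry["decision"] = "denied: tool not on allowlist"
    elif tool in DESTRUCTIVE and approved_by is None:
        entry["decision"] = "held: approval required"
    else:
        entry["decision"] = "allowed"
        entry["output"], entry["changed"] = TOOLS[tool](**params)
    log.append(entry)
    return entry["decision"]
```

Denied and held attempts are logged alongside allowed ones, so a reviewer can see what the agent tried to do as well as what it did.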

So what? The European constraint makes this sharper. GDPR requires demonstrable accountability for automated decisions affecting individuals. The AI Act mandates conformity assessments and human oversight for high-risk systems. If your agent architecture can't produce the evidence these frameworks require, your deployment timeline just extended by the time it takes to rebuild.

The memory constraint nobody planned for

Here's the uncomfortable truth beneath the governance discussion: most enterprise AI roadmaps assume elastic inference capacity. The physics disagree.

SK Hynix has presold its entire 2026 HBM output. DRAM prices are up 50–55% quarter-over-quarter. Every HBM wafer diverts capacity from three to four standard DRAM chips. Relief—new mega-fabs reaching volume production—won't arrive until 2027–2028.

This matters for agent governance because agentic systems are inference-hungry. Multi-step reasoning, tool use, and context management multiply token consumption compared to single-turn completions. If you can't secure predictable inference capacity at acceptable cost, you can't run agentic systems reliably. And if you can't run them reliably, your governance controls don't matter—because you can't deploy.

So what? Capacity and cost are now governance variables. Your agent rollout needs to answer not just "is this compliant?" but "can we afford to run this at scale with 40% higher memory costs?" The companies that optimize inference efficiency now—through quantization, speculative decoding, request batching—will have deployment options when competitors are capacity-constrained.

The real benchmark for 2026

Forget model leaderboards. The metric that matters this year is: can your agent architecture pass internal audit, survive regulator questions, and scale under real infrastructure constraints?

That requires three things most organizations don't have yet:

  1. An agent inventory with tool-level granularity

  2. Immutable interaction logs with business-context enrichment

  3. Capacity plans that account for governance overhead and memory cost inflation

The Cowork announcement shows where capability is heading. The Allianz partnership shows where enterprise requirements are heading. The HBM shortage shows where infrastructure constraints are heading.

The winners in 2026 will be the ones who build at the intersection of all three.

That’s it for this week.

The agent era doesn't reward capability—it rewards control. Cowork proves agents can do the work. Allianz proves enterprises need to prove what they did. The HBM squeeze proves you can't assume infinite scale.

Build the audit trail first. Optimize for constraints second. Ship features third.

Stay curious, stay governed, and keep optimizing the stack.

Until next week, thanks for reading.
João

OnAbout.AI delivers strategic AI analysis to enterprise technology leaders. European governance lens. Vendor-agnostic. Actionable.
