I’ve seen a lot of agent demos this year. An agent that books flights. An agent that writes SQL. An agent that summarizes your inbox. They all look impressive in a three-minute video.
Then someone asks: “Can we run this in production?” And the room gets quiet.
The gap between a demo agent and a production agent system is enormous — and it’s not about the model. It’s about the architecture around it. After 25 years of building data infrastructure in financial services — systems that have to work at 3 AM when nobody’s watching and billions of dollars are on the line — I’ve developed strong opinions about what “production-grade” actually means. Here are three patterns that separate toy agents from real systems.
Pattern 1: The Supervisor Loop
The most common failure mode for production agents? They hallucinate an action, execute it, and nobody catches it until the damage is done.
The fix is deceptively simple: never let an agent be its own judge. Every consequential action needs a supervisor — and that supervisor can be another agent, a rule engine, or a human in the loop.
In prime brokerage, this is non-negotiable. I built trade entry systems at a major investment bank where every order went through multiple validation layers before hitting the wire. The same principle applies to agents. An agent processing margin calls might flag a counterparty exposure breach, but the resolution — issuing the call, adjusting collateral requirements, or escalating to risk management — goes through a supervisory layer that validates against regulatory thresholds before anything touches the books.
At an asset management firm, a portfolio rebalancing agent might recommend allocation changes based on drift analysis and market signals, but a supervisor validates that no trade violates concentration limits, regulatory constraints, or client-specific investment policy statements.
The pattern looks like this:
Agent (propose) → Supervisor (validate) → Executor (act) → Observer (log)Each stage is a separate concern. The agent proposes. Something else decides whether to proceed. A third thing executes. A fourth records what happened. You can swap any component without touching the others.
Pattern 2: Structured Fallback Chains
Production agents need to degrade gracefully. If the primary model is down, you don’t just fail — you fall back. If the tool server is unreachable, you queue the action. If the agent can’t parse the response, you have a default behavior that’s safe.
I’ve seen this done well in risk management. A real-time VaR calculation agent at a multi-strategy hedge fund uses a three-tier fallback:
- Full autonomy: Agent evaluates positions, market data, and correlation matrices in real-time, computes portfolio-level risk metrics and flags breaches.
- Constrained mode: If the market data feed is degraded, agent falls back to last-known-good prices with a staleness flag, and widens confidence intervals to compensate.
- Pass-through: If the agent itself is unavailable, requests route to the existing batch risk engine — no risk reports get missed.
The key insight: the system works without the agent. The agent makes it better, faster, smarter — but it’s not a single point of failure. This is the difference between an AI-enhanced system and an AI-dependent one. When you’re managing billions in client assets, that distinction matters.
Pattern 3: Observable Agent State
You can’t debug what you can’t see. Every production agent system needs to answer these questions in real-time:
- What is the agent currently doing?
- What did it decide, and why?
- What tools did it call, with what parameters?
- What data did it read and write?
- How long has it been stuck?
This isn’t logging — it’s observability. Structured traces, not printf statements.
At a major mortgage agency where I’ve been building AI solutions for the last several years, observability over data operations is critical. When an agent processing mortgage pipeline data produces an unexpected result, you need to trace backward from the output through the model’s reasoning to the specific data inputs — and usually the problem is upstream data quality, not the agent itself. We built our observability around three artifacts: the decision log (what the agent chose and its reasoning), the data lineage (which datasets informed the decision), and the action receipt (what actually happened downstream).
This is where the data layer matters enormously. If your agent is reading from and writing to a platform that tracks lineage, validates quality, and logs every operation, you get observability almost for free. If your agent is stitching together raw API calls to six different services… good luck debugging that at 2 AM.
The Common Thread
Every one of these patterns comes back to the same principle: treat agents like any other distributed system component. They need fallbacks, observability, and supervision. The model is impressive, but the architecture around it is what makes it production-worthy.
The exciting part? We’re past the “can agents do useful things?” phase. They can. The question now is whether we build the infrastructure to let them do those things reliably, safely, and at scale.
That’s exactly the problem space we’re focused on with Datris Platform — building data infrastructure where agents are first-class operators, not afterthoughts. Config-driven pipelines, built-in MCP server, AI-native data quality, full operation logging. The patterns above get a lot easier when your data layer was designed for them.
If you’re moving agents from demo to production, check out the docs or grab the repo. And if you’ve found patterns that work in your domain — I’d genuinely love to hear about them.
Todd Fearn is the founder of Datris.ai and has spent 25+ years building data infrastructure and AI solutions across financial services, including at major investment banks, hedge funds, asset managers, and government-sponsored enterprises.