Google DeepMind Puts $10M Into Multi-Agent AI Safety Research
Google DeepMind and Schmidt Sciences are funding $10M in research on risks from millions of AI agents interacting online. Here's what that means for businesses.
LUMIEN4 min read
Google DeepMind and Schmidt Sciences announced a $10 million funding pool on June 11, 2026, aimed at researchers studying what happens when millions of AI agents interact with each other at scale. According to Rohin Shah, who directs DeepMind's AGI safety and alignment work, the risk is not just agents acting without human supervision. It is agents that take instructions from other agents, creating behaviour chains that no single person ever authorised or can easily trace.
What happened
Google DeepMind has joined forces with Schmidt Sciences and several other organisations to build a $10 million research fund focused on multi-agent AI safety. The announcement came on June 11, 2026, roughly a month after DeepMind put agent-based tools at the centre of Google I/O.
The money is intended for external researchers who want to study how large numbers of AI agents behave when they interact online and how to stop those interactions from producing unsafe outcomes.
Rohin Shah, DeepMind’s head of AGI safety and alignment research, described the problem clearly: agents that can act without human oversight, and that can receive and follow instructions from other agents rather than only from people, represent a genuinely new class of risk. That is different from the single-agent chatbot or automation tool most businesses are using today.
Why it matters
Most current AI deployments involve one model, one task, one user. The agent era changes that structure. A scheduling agent might instruct a purchasing agent, which instructs a payments agent, and so on. No human may review the middle steps.
That delegation chain is where things get complicated:
- Attribution breaks down. If an agent network makes a bad decision, it can be genuinely difficult to identify which instruction, from which agent, caused it.
- Attack surface grows. An agent that accepts instructions from other agents can potentially be manipulated by a malicious agent injected into the network.
- Scale amplifies errors. A flawed behaviour that would be a minor issue in one agent can propagate across millions of interactions before anyone notices.
DeepMind is already shipping agent products commercially, which makes this funding move notable. The company is publicly acknowledging that the technology it is selling at scale is generating research questions it does not yet have full answers to.
Our take
A $10 million research fund is not a large number for a company of Google’s size. But the signal here is worth paying attention to, separate from the dollar figure.
When the team building and selling a technology says “we need outside researchers to help us understand what happens when this scales,” that is an honest admission. It is more credible than a safety blog post written by the same people who ship the product.
For most businesses, the practical risk is not millions of rogue agents in 2026. It is smaller and more immediate: you adopt an agentic workflow, it integrates with a vendor’s agent, and suddenly a process runs that nobody on your team explicitly approved. The accountability gap exists at five agents, not five million.
The research DeepMind is funding will take time to produce usable guidance. In the meantime, if you are building or buying agent-based tools, the burden is on you to document what each agent is permitted to instruct, and what it is not.
What to do about it
If you are deploying AI agents in your business today, start with these basics before the research catches up:
- Map your agent graph. List every AI agent in your stack and document which ones can trigger actions in other systems or agents.
- Set hard permission limits. Define what each agent is allowed to do and enforce those limits at the integration level, not just in the prompt.
- Require a human checkpoint for consequential actions. Payments, contract changes, external communications. Put a person in that loop until you have logs good enough to audit without one.
- Watch the DeepMind research output. The funded studies on multi-agent behaviour will likely produce the most concrete safety frameworks available on this topic over the next one to two years.
The agents era is arriving whether the safety research keeps pace or not. Build your own guardrails now rather than waiting for industry standards to catch up.
