CRM as we know it is dead. What replaces it will expose every governance gap your organisation has been carrying.
Curia AI | AI Governance Advisory | Insights & Perspectives
CRM as we know it is dead. Not the data inside it, not the relationships it represents, not the decades of accumulated supporter history your organisation has built. The system your fundraisers navigate every day, the screen, the dashboard, the manual process of finding what they need, that is what is ending. And what is arriving to replace it will test every assumption your organisation has made about data governance, trustee accountability, and what it actually means to deploy AI responsibly.
The interface is ending. The governance question is just beginning.
The vendor announcements of the past few months are unambiguous, and they are arriving faster than most charities have registered. Salesforce’s Headless 360 launch in April 2026 exposed the entire platform as APIs, MCP tools, and operations designed to be executed by AI agents rather than navigated by humans. But Salesforce is not leading this shift; it is responding to it. Microsoft has been systematically dismantling the case for a standalone CRM interface for two years, embedding Copilot across Dynamics 365 and the M365 estate so that agents can read and write records, trigger workflows, and operate across an organisation’s full supporter data surface without anyone opening a browser. And the shift is no longer confined to the enterprise tier: Creatio, which sits much closer to the mid-market reality where many charities actually make technology decisions, now positions itself as an AI CRM and agentic workflow platform, with agents exposed through Outlook and Teams.
The connective tissue underneath all of this is MCP, the Model Context Protocol, an open standard created by Anthropic and now adopted by major enterprise platforms. It gives AI agents a universal way to discover, understand, and operate external systems through a single protocol. What Scott Brinker and Databricks described as the composable canvas in their March 2026 report is now being built in real time. The rigid vertical stack of the past two decades is being replaced by a fluid architecture where a unified data foundation sits at the centre, and agents and applications assemble what they need dynamically on top of it.
Standardise to diversify. By standardising the data foundation, you increase your ability to diversify what runs on top of it. This is the architectural liberation that good data governance has always promised.
The canvas is arriving. The data is not ready.
For charities already on the Microsoft 365 estate, which is the majority, this is not an abstract future. Microsoft Fabric is the practical expression of the composable canvas built on infrastructure they already pay for. OneLake provides the unified data foundation. Fabric IQ adds the semantic intelligence layer. Fabric data agents are now available within the platform. For those on M365, the composable canvas is arriving in the next Fabric release cycle. The governance question is not whether to engage with it. It is whether the organisation is ready for it.
And here the argument meets a reality that anyone who has spent serious time inside charity data systems will recognise immediately. The composable canvas assumes the data is ready. For most charities, it is not.
Duplicate records. Consent gaps. Inconsistent campaign data governance. Gift histories that do not reconcile across systems. Supporter journeys that exist in three different platforms with three different versions of the same person. The longitudinal view of a supporter or beneficiary that the architecture assumes as its asset is, in most charity databases, something that has never been properly defined, let alone consistently maintained.
The semantic layer that the composable canvas requires is, in practice, an organisational process before it is a technical one. Defining what supporter means, what beneficiary means, what a lapsed donor means, what permissions exist across different channels, and what the lineage of consent data looks like across years of collection: that requires cross-functional agreement on concepts that different teams have understood differently for years. It is not a configuration task. It is a data governance process, and no platform initiates it on your behalf.
The governance gap that no platform fills
Assuming the data foundation is ready, the next question is who governs what runs on top of it. And here the composable canvas has a more fundamental gap, one that the vendor tooling makes visible but does not fill.
Salesforce’s AgentScript, released as an open, schema-driven language for defining agents, their state, instructions, and behaviour, illustrates the distinction precisely. It gives developers a determinism dial: at one end, tightly governed and fully deterministic agents where every transition is explicitly defined; at the other, a single reasoning block and the model reasoning freely. The language, the specification states, does not take sides. But in any organisation handling personal data about real people, someone has to. AgentScript tells you how to configure where on that dial an agent sits. It does not tell you who in your organisation has the authority to make that decision, what process they should follow, or who is accountable for AI when an agent acts at a level of autonomy that turns out to have been inappropriate.
Control data is a tool for governance. It is not a system of authority. The distinction matters enormously for any organisation operating under trustee accountability.
Microsoft’s response is more developed. Agent 365, now generally available, provides a technical control plane for agent identity, observability, and security: every agent receives an Entra Agent ID, access policies are enforced through conditional access, and behaviour is monitored through Purview. But a technical control plane is not the same as an organisational authority plane. Agent 365 tells you which agents are running and what they are technically permitted to do. It does not tell you whether a named trustee has approved that level of autonomous action against beneficiary data, whether an AI impact assessment was conducted before deployment, or who bears accountability when something goes wrong.
Privacy and data protection risks in LLM-based and agentic systems cannot be adequately addressed through ad-hoc organisational practices or existing compliance tools alone. Effective governance requires combined technical, legal, organisational, and user-centred approaches, recognising that no single technical measure is sufficient.
Consultative Committee of Convention 108, Draft Guidelines on Privacy and Data Protection in the Context of LLM-based Systems, 12 May 2026
The draft guidelines Privacy and Data Protection in the Context of LLM-based Systems, published on 12 May 2026 are unambiguous on this point. On agentic systems specifically, they identify the accountability problem directly: in layered and distributed agentic environments, determining which actor acts as controller, joint controller, or processor may be complex, thereby complicating the allocation of responsibilities. Encoding AI governance policy as control data in a composable platform does not resolve that question. It obscures it.
Why this matters more for charities
For a commercial organisation deploying agents against customer data, the governance failure mode is primarily a reputational and legal risk. For a charity operating under the Charity Commission, the ICO, and the Fundraising Regulator, handling donor relationships, beneficiary needs, safeguarding signals, and consent records, it is a significant trust risk of a different order.
Guidance from the Fundraising Regulator and ICO is unambiguous on where accountability sits. Trustees bear personal responsibility for how AI is deployed in their organisations. Not the platform. Not the data team. Not the IT function. That accountability cannot be satisfied by a well-configured semantic layer. It requires a governance framework that exists above and independent of the technical architecture: policy-driven rather than rule-encoded, board-owned rather than platform-managed, and accountable in the way that regulators mean when they use that word, rather than merely auditable in the way that data engineers do.
The composable canvas creates a specific governance failure mode worth naming clearly. Because control data can be changed as easily as any other data, permission boundaries can be loosened quietly. An agent’s autonomy can be expanded incrementally. AI governance policies that were set with appropriate care can drift without anyone noticing, because the platform does not require organisational authority to change them. It only requires someone with the right platform permissions. For a charity operating under trustee accountability, that gap between platform permission and organisational authority is where the regulatory exposure lives.
What the composable canvas actually requires
None of this is an argument against the composable canvas. It is the right architectural direction, and the vendor convergence makes that increasingly clear. The argument is that the canvas remains infrastructure without an organisational authority plane sitting above it: a responsible AI governance system that determines who has the right to set the parameters, who reviews them, and who is accountable when autonomous agents act on the decisions encoded within them.
The answer begins with an honest assessment of whether the data foundation is ready to be the canvas on which agents operate. That assessment is not a technical audit. It is a governance process, one that requires the organisation to define what its data actually means, who owns it, how trustworthy it is, and what would need to be true before it could carry the weight of autonomous agent action. It then requires the cross-functional facilitation process that resolves the definitional disagreements that have always existed underneath the surface of the data. And it requires a governance system that is board-owned, policy-driven, and answers the question no tool can answer: who is responsible when something goes wrong, and what process exists to prevent it happening again.
Govern the foundation well, and the canvas becomes what its architects promise. Build it on ungoverned data, with ungoverned agents, and a technical configuration standing in for an organisational AI governance system, and the explosion of apps and agents becomes an explosion of ungoverned risk, operating at machine speed, on data that was never ready to carry the weight being placed on it. The organisations that understand that distinction now will be the ones that build the trust that makes the architecture worth having.
Headless CRM: The Composable Canvas Has Arrived. The Governance System Has Not.
The full paper, available for download below, sets out the evidence behind this argument in detail, including the vendor landscape, the regulatory context, and the practical governance questions that charity boards and technology leaders need to answer before the canvas arrives in their next Fabric release cycle.
Curia AI helps UK charities and purpose-led organisations build the governance foundations that make AI trustworthy, effective, and strategically valuable.
© 2026 Curia AI Limited · curiaai.co.uk · jcromack@curiaai.co.uk
