Designing a non-human identity governance framework for autonomous AI agents in a regulated financial services environment — covering identity lifecycle, least-privilege enforcement, Conditional Access for workloads, and real-time detection of agent credential abuse.