The deployment of autonomous AI agents in enterprise software systems has outpaced the governance infrastructure required to make such deployments safe. This paper presents COA-MAS (Cognitive Organization Architecture for Multi-Agent Systems), a governance framework grounded in organizational theory, institutional design, and normative multi-agent systems research. The framework addresses the Distributed Cognitive Chaos (DCC) failure mode — the structural consequence of deploying agents without formal authority hierarchies, authorization contracts, or enforcement boundaries — through three integrated components:

1- A four-layer organizational architecture derived from Simon's bounded rationality and hierarchical decomposition principles
2- The Action Claim ontology, a formal authorization object whose design reflects Ostrom's institutional analysis framework
3- The AASG (Autonomous Agent Security Gateway), a protocol-agnostic enforcement proxy operating at the boundary between agent coordination (A2A) and tool execution (MCP)

The framework introduces the Justification Gap metric — the first computable measure of semantic proportionality between a delegated mandate and a proposed action — and the Intentionality Termination Point concept as a response to the infinite regress problem in language-based governance. The problems addressed are independently recognized by the IETF Internet-Draft on AI Agent Authentication and Authorization (draft-klrc-aiagent-auth-00, March 2026) and by enterprise security practitioners. COA-MAS implements and extends the AIMS model with a semantic authorization layer absent from existing standards.
Rudson Kiyoshi Souza Carvalho studied this question.