Partner content: As enterprise networks expand across locations, vendors, clouds and operational domains; managing access policies is becoming a critical operational challenge
The Catalyst C26.0.921 Trusted agentic AI for access management, addresses this challenge by bringing AI-driven compliance into the network itself. The project focuses on secure access control, with the ambition to make user management, network and system engineering faster, risk-free and trusted through auditable access control.
The challenge is clear: compliance, agentic AI and competitive telecom economics have converged on the same technical problem. Operators need to turn regulation and enterprise customer requirements from a downstream audit burden into an upstream, automated property of the network.
The Catalyst demonstrates this progression on a running system: regulatory obligation, AI-interpreted policy, human-reviewed rule change in a Digital Identity Management layer, enforced access decision and tamper-evident audit record.
Mobile Europe spoke with Steffen Krippner of Vodafone, Karsten Thon of Deutsche Telekom Wholesale and Marc Seidemann of Tallence to understand why trusted agentic AI is becoming a strategic requirement for enterprise connectivity, how the Catalyst approaches risk and explainability, and what it could mean for secure network operations.
Interview participants
- Steffen Krippner, Senior Manager OSS Fulfilment, Vodafone
- Karsten Thon, Senior Business Architect Wholesale, Deutsche Telekom
- Marc Seidemann, Chief Data Officer, Tallence AG.
Catalyst partners
Champions: Vodafone and Deutsche Telekom
Participants: Tallence, CELFOCUS and GIP Exyr + Xyna
The partners are collaborating on a standards-based blueprint for trusted agentic AI in telecom access management, showing how regulatory obligations and enterprise bid requirements can be translated into AI-interpreted policy, human-reviewed rule changes, enforced access decisions and tamper-evident audit records.
“This Catalyst proves that AI-guided Identity & Access Management is no longer a vision. It is an engineering reality.” Steffen Krippner, Vodafone
Mobile Europe: Steffen, why is this Catalyst relevant now?
Steffen Krippner: Enterprise customer networks have reached a level of complexity where traditional operating models are under real pressure. We are dealing with distributed infrastructure, multiple technology domains, different vendor environments, and a growing number of human and machine identities that require access to network capabilities.
The issue is not simply whether a configuration can be changed. The issue is whether every access decision and every configuration action can be checked against current policy, contract and regulation before it creates risk.
That is why this Catalyst is so relevant. It focuses on turning compliance and secure access into a live, automated, and auditable property of the network. Instead of treating permissions management as a reactive, paper-based burden, we are showing how it can become continuously validated and enforceable.
Mobile Europe: Karsten, from a Deutsche Telekom Wholesale perspective, what is the strategic importance of this work?
Karsten Thon: Secure connectivity is becoming a foundation for every digital business model. Enterprises depend on networks not only for communication, but for production, customer interaction, cloud access, data exchange, and increasingly AI-enabled operations.
That means network configuration and permissions management are no longer purely technical tasks. They are part of enterprise resilience and critical infrastructure protection.
The strategic importance of this Catalyst is that it connects AI-driven automation with trust, accountability, and operational control. In complex environments, the question is not simple: can AI recommend a change? The question is: can we understand why it recommends that change, which policy basis it used, what risk it identified and whether a human or system boundary should approve or block the action?
This is where the Catalyst creates value. It brings together a TM Forum-aligned Digital Identity Management layer, an AI Compliance Agent and Zero-Trust safeguards, including policy dry-runs, human-in-the-loop controls, controlled rollout and test data injection.
“In a world where network infrastructure underpins critical public and government services, getting permissions management right is not optional. It is existential.” Karsten Thon, Deutsche Telekom
Mobile Europe: Marc, Tallence brings deep expertise in IAM. How does that shape your perspective on this Catalyst?
Marc Seidemann: Tallence has been designing and operating large-scale IAM systems for over a decade. What we have learned, above all, is that trust is not a feature you add at the end. It has to be the foundation from which everything else is built.
That is exactly what makes this Catalyst compelling for us. The Digital Identity Management layer is not a wrapper around existing tooling. It is a principled enforcement architecture that reflects how IAM must work in high-stakes environments: every access decision is grounded in verifiable policy, every change is bounded, and the audit trail is part of the system, not an afterthought. As Steffen and Karsten have described, the challenge for operators today is precisely this convergence of compliance, agentic automation and real-time enforcement. Tallence brings the IAM engineering depth to make that convergence reliable.
From a data governance perspective, what we also see is that identity is the primary data problem in network operations. Who is allowed to do what, based on which policy, under which contractual obligation? That data must be consistent, current and authoritative. Without clean identity data, no AI agent can make trustworthy decisions. The Catalyst shows how a well-architected IAM layer solves that data quality challenge at the source.
The safeguards Steffen described — the policy dry-run, the human-in-the-loop review, the controlled rollout — are not just technical mitigations. They reflect a mature understanding of how trust is established in IAM systems. In our experience, the organizations that operate IAM well are those that treat every policy change as a formal event: documented, validated and traceable. The Catalyst encodes that discipline into the AI-assisted workflow itself.
“Trust in AI-driven operations starts with trustworthy identity data. Without that foundation, no automation can be truly accountable.” Marc Seidemann, Tallence
Mobile Europe: Steffen, what pain point does the Catalyst address most directly?
Steffen Krippner: The biggest pain point is complexity in access requirements. In large-scale environments, permissions and configuration policies often evolve across different systems, teams, and vendor domains. Even when organizations have strong governance principles, operational implementation can become inconsistent.
That creates risks. A policy may be correct in one system but outdated in another. A permission may have been appropriate at one point, but no longer matches the current legal, contractual or operational context.
The Catalyst addresses this by consolidating enforcement into a single Digital Identity Management layer aligned with TM Forum concepts. The goal is to check access decisions, whether humans or machines, against current policy. That helps move organizations from periodic review to continuous enforcement.
Mobile Europe: Karsten, how does this align with Zero Trust and industry standards?
Karsten Thon: Zero Trust is based on the principle that access should never be assumed. It must be continuously verified, context-aware, and policy-driven. That principle is highly relevant to enterprise network operations.
This Catalyst applies Zero Trust thinking to permissions and access management. The Digital Identity Management layer acts as the enforcement point for access decisions. The AI Compliance Agent helps interpret regulatory and contractual requirements into candidate policy updates. The safeguards then ensure that changes are tested, reviewed, and rolled out in a controlled manner.
That is why the project is grounded in TM Forum standards such as TMF720 and TMFC020. The goal is not only to demonstrate an AI use case, but to contribute to a practical blueprint for standards-based, auditable and adaptable IAM in telecom environments.
Mobile Europe: What business impact does the Catalyst aim to demonstrate?
Steffen Krippner: The business impact is very concrete. The Catalyst aims to reduce the time required to turn new regulatory or contractual requirements into enforced network access policy from weeks to hours. It also targets a reduction in IAM integration effort by replacing per-system access logic with a single DIM enforcement point.
Another important outcome is auditability. Operations and compliance teams need near-real-time answers to questions such as: who accessed what, when and under which authority? Today, that often requires multi-day cross-system log stitching. The Catalyst shows how this evidence can become part of the access control architecture itself.
For operators, this also supports addressable market expansion. Sovereign, defence and critical-infrastructure contracts increasingly demand contractually enforceable, auditable access control. Static, role-based models will struggle to qualify for those environments.
Mobile Europe: Marc, what does Tallence’s IAM expertise contribute to the broader data and trust story of this Catalyst?
Marc Seidemann: What enterprises and operators should take away is that IAM is no longer a backend IT concern. It is the operational backbone that makes AI-driven network management possible. Identity is the control plane for everything else: for access, for compliance, for data integrity, and ultimately for trust.
Tallence has built and operated IAM systems for some of the largest and most regulated organizations in Europe. The consistent lesson is that data quality, governance and access control are inseparable. When one breaks down, the others follow. What the Catalyst demonstrates is that AI can help maintain that coherence at scale, but only if the IAM layer itself is authoritative. The AI is only as reliable as the identity data it reasons over.
From a data perspective, this Catalyst also demonstrates something important about how organizations should think about regulatory compliance. Compliance is not a reporting function. It is a data discipline. You need to know, at any given moment, exactly who has access to what, why they have it, and whether that access is still appropriate. That requires clean data, strong governance, and an enforcement layer that keeps pace with change. That is what IAM provides, and what this Catalyst operationalizes at network scale.
The organizations that will lead in this space are those that invest in the foundation: trustworthy identity data, consistent governance frameworks and IAM systems that are genuinely interoperable. The Catalyst shows that AI and Zero Trust can work together effectively when these foundations are in place. Tallence is here because we have spent years building exactly that. We look forward to continuing this work with Vodafone and Deutsche Telekom to make trusted agentic AI a scalable reality for the industry.
Project coordination and communications
The Catalyst was coordinated and supported from a communications perspective by Nicole Schroeder, Head of Marketing at Tallence AG.
Meet the Catalyst at DTW Ignite 2026
C26.0.921 Trusted agentic AI for access management will be presented at DTW Ignite 2026, taking place from 23 to 25 June 2026 in Copenhagen, Denmark.
You can find the project in the Trustworthy AI and Data Innovation Zone, Kiosk I 2.8.
The Catalyst team will also present the project in the Innovation Arena at 10:10am CEST on 25 June.
Join us to see how trusted, auditable and explainable agentic AI can help enterprises strengthen access management, reduce configuration risk, and create a secure foundation for next-generation network operations.
Trusted agentic AI is not about removing control. It is about making control scalable.
