Key Takeaways
- AI agents are already handling billions of dollars in commerce, with AI‑driven traffic to U.S. retail sites up 805% YoY and projected global sales of $22 billion by Black Friday 2025.
- No scalable identity infrastructure exists to verify who an AI agent is, what it is authorized to do, or whether it is acting within sanctioned limits.
- A “Know Your Agent” (KYA) framework—building on the Know‑Your‑Customer model—is proposed, requiring four capabilities: agent identification, authorization confirmation, accountability, and continuous behavior monitoring.
- NIST’s AI Agent Standards Initiative seeks to close the standards gap through industry‑led standards, open‑source protocol development, and security research, with early work on identity/authorization and sector‑specific listening sessions.
- Financial regulators, per an IMF note, argue that traditional fraud detection fails for agent‑mediated payments and call for mandatory verifiable identities for financial bots, tokenized authorization, and cryptographic mandate frameworks.
- Without robust identity and accountability infrastructure, distinguishing legitimate commerce agents from malicious bots will be impossible; that infrastructure will determine whether agentic commerce drives global prosperity or becomes a new frontier for fraud.
The Rise of Agentic Commerce
AI agents are no longer a futuristic concept; they are actively transacting across retail, finance, travel, and enterprise procurement at speeds that outpace any human oversight loop. As Johnny Ayers, CEO of Socure, notes in a World Economic Forum article, “By Black Friday 2025, AI‑driven traffic to U.S. retail sites had risen 805% year over year, with agents driving over $22 billion in global online sales.” This explosive growth is reflected in market forecasts: the global AI agents market, valued at $5.4 billion in 2024, is projected to swell to $236 billion by 2034. The sheer volume of agent‑mediated transactions underscores the urgency of establishing trust mechanisms that can keep pace with automation.
The Trust Gap in Agentic Transactions
Despite their proliferation, the current trust infrastructure cannot answer a fundamental question posed by the WEF piece: “When a human is not the transacting party, how do we establish identity certainty?” Suppliers receiving an order from an AI agent have no way to verify whether that agent is legitimate, operating within authorized limits, or merely a malicious bot impersonating a buyer. The article warns that without a reliable way to distinguish bona fide agents from fraudulent ones, the agentic economy risks becoming a breeding ground for unprecedented fraud rather than a catalyst for prosperity.
Introducing the Know Your Agent Framework
To close this trust gap, the WEF article proposes a Know Your Agent (KYA) framework, modeled after the decades‑old Know Your Customer (KYC) regime that underpinned financial globalization in the 1970s. A functional KYA system, according to the article, hinges on four core capabilities:
- Establishing who and what the agent is – a verifiable identity tied to a legal entity or responsible party.
- Confirming what it is permitted to do – clear, enforceable authorization scopes.
- Maintaining accountability for every action – immutable logs that attribute each transaction to the agent.
- Continuously monitoring behavior against approved parameters – real‑time checks that detect deviations or prompt‑injection attempts.
These pillars aim to provide the same level of certainty that KYC offers for human customers, but adapted to the autonomous nature of AI agents.
NIST’s Move to Standardize AI Agents
Recognizing the urgency, the National Institute of Standards and Technology (NIST) launched the AI Agent Standards Initiative in February. The announcement stresses that while agents can operate autonomously for hours across code, calendars, and commerce, their real‑world utility is hampered by a lack of confidence in reliability and interoperability. Without standards, innovators face a fragmented ecosystem and stunted adoption. The initiative advances along three pillars: industry‑led development of agent standards, community‑led open‑source protocol development, and research in AI agent security and identity. Two active workstreams are already underway: NIST’s National Cybersecurity Center of Excellence released a concept paper on AI agent identity and authorization covering identification, authorization, auditing, and controls to prevent prompt injection; and NIST’s Center for AI Standards and Innovation is holding sector‑specific listening sessions on barriers to AI adoption in finance, healthcare, and education. The core message is clear: without agreed‑upon standards for who agents are and what they may do, the agent economy cannot scale in a trustworthy way.
Financial Regulators’ Perspective on Agentic Payments
The IMF’s note on agentic payments pushes the conversation further, arguing that as AI agents shift payments from human‑initiated instructions to agent‑mediated decisions, traditional fraud models built on human behavioral patterns become ineffective. “Agents do not behave like humans and the models trained to detect anomalous human behavior cannot reliably flag anomalous agent behavior,” the note states. Consequently, regulators should evolve from KYC to Know Your Agent requirements, mandating verifiable identities for financial bots that are linked to legal entities. The note highlights two technical mechanisms that could satisfy these demands: tokenized authorization, which lets agents initiate transactions using preapproved payment methods without exposing underlying credentials, and cryptographic mandate frameworks that cryptographically bind agent‑initiated actions to verifiable scope, limits, and permitted conditions. By treating autonomous agents as part of critical digital infrastructure, policymakers aim to enforce robust governance and oversight comparable to that applied to banking systems or utilities.
Why Identity and Accountability Matter
Without the four KYA capabilities—identification, authorization, accountability, and continuous monitoring—distinguishing a legitimate commerce agent from a malicious bot impersonating one becomes impossible. The WEF article warns that the identity and accountability infrastructure built today will determine whether agentic commerce becomes a catalyst for global prosperity or a new frontier for unprecedented fraud. In practical terms, this means that suppliers, payment processors, and regulators must be able to cryptographically verify an agent’s pedigree, confirm that its actions stay within pre‑agreed boundaries, and retain an auditable trail that can be inspected in real time or post‑event. Only then can the speed and efficiency of AI‑driven transactions be trusted at scale.
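The cryptographic mandate idea from the IMF note, and the boundary check described above, can be sketched as follows. This is an added example, not code from the WEF, NIST or IMF material; the field names, the sample mandate and the demo key are constructed, and HMAC stands in for the public-key signature a real mandate framework would use so that third parties could verify without holding the signing secret.

```python
import hashlib
import hmac
import json

# Constructed demo key. Assumption: the verifier is also the mandate issuer.
ISSUER_KEY = b"constructed-demo-key-not-a-real-secret"


def _canonical(mandate: dict) -> bytes:
    # Stable serialization so signer and verifier authenticate identical bytes.
    return json.dumps(mandate, sort_keys=True, separators=(",", ":")).encode()


def sign_mandate(mandate: dict, key: bytes = ISSUER_KEY) -> str:
    return hmac.new(key, _canonical(mandate), hashlib.sha256).hexdigest()


def check_transaction(mandate, tag, tx, now, key=ISSUER_KEY):
    """Return (allowed, reason) for an agent-initiated transaction."""
    # 1. Integrity: any edit to scope or limits invalidates the tag.
    if not hmac.compare_digest(sign_mandate(mandate, key), tag):
        return False, "bad_signature"
    # 2. Identity: the mandate names exactly one agent.
    if tx["agent_id"] != mandate["agent_id"]:
        return False, "agent_mismatch"
    # 3. Permitted conditions: validity window (Unix seconds).
    if not (mandate["not_before"] <= now < mandate["expires"]):
        return False, "outside_validity_window"
    # 4. Scope: merchant category and currency.
    if tx["merchant_category"] not in mandate["allowed_categories"]:
        return False, "category_out_of_scope"
    if tx["currency"] != mandate["currency"]:
        return False, "currency_mismatch"
    # 5. Limits: integer minor units avoid float rounding.
    if tx["amount_minor"] > mandate["max_amount_minor"]:
        return False, "over_limit"
    return True, "ok"


# Constructed sample mandate binding one agent to a principal, scope and limit.
MANDATE = {
    "agent_id": "agent-demo-001",
    "principal": "Example Buyer Ltd",
    "allowed_categories": ["office_supplies"],
    "currency": "USD",
    "max_amount_minor": 50_000,
    "not_before": 1_700_000_000,
    "expires": 1_700_086_400,
}
TAG = sign_mandate(MANDATE)
```

The reason string returned with each denial is what an accountability log would record alongside the mandate and transaction.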
The Path Forward: Collaboration Across Sectors
Achieving a trustworthy agentic ecosystem will require collaboration among technology firms, standards bodies, regulators, and end‑users. Industry consortia can drive the development of interoperable agent protocols, while open‑source communities can provide transparent reference implementations that anyone can audit. Simultaneously, agencies like NIST and the IMF must translate these technical standards into enforceable regulations—much as KYC rules were codified into banking law—ensuring that compliance is not optional but a baseline for participation in the agent economy. As the quoted WEF observation reminds us, “The agent-driven economy is no longer emerging.” It is already here, and the infrastructure we build now will shape its trajectory for decades to come.

