Designing for Delegation: Payments Infrastructure, Policy, and the Age of Agents

Katie Suskind is Head of Policy at Adyen, where she leads the company’s global work on payments, banking, and emerging technology policy. Before joining Adyen, she worked on policy at Ribbit Capital and policy and GTM strategy at Plaid, and served on two U.S. Senate committees, focused on education and small business.

Karan Katyal is VP, Digital Commercial Strategy at Adyen, where he focuses on long-term strategy, evaluating emerging technologies, new offerings, new verticals, and strategic partnerships. Previously, he was a strategy consultant at Bain & Company and held roles in client management and institutional sales at Novus Partners and Deer Isle Capital. 

Payments have always been made by humans (and, occasionally, by others in the animal kingdom). The infrastructure, user experience, and regulation that govern how money moves were all built around the assumption that a person decides to pay and executes that decision.

That assumption is starting to change. Agentic commerce describes a new kind of transaction where digital agents act on behalf of people. Imagine having a hectic week and telling an app, “Order me easy groceries and schedule the delivery for when I get home at six.” You decided what you wanted (easy groceries) but delegated the task and terms of that transaction (which items, how to pay) to your agent, trusting it to act in your best interest, using information it already holds.

As consumer intent shifts into conversational interfaces and automation becomes more capable, payments infrastructure and policy must evolve together to support secure delegation without weakening the trust, control, and accountability that underpin commerce today. 

Agentic commerce may be new, but the concepts that will make it work are not. The same familiar building blocks that have long guided payment system design — authentication (identity), authorization (intent), and accountability (liability) — can serve as a framework for understanding how trust, control, and accountability carry forward into this new model. 

We don’t need to abandon the bones of today’s system, but rather extend them to cover  new constructs. Both technical and regulatory foundations already exist to manage these risks. Emerging standards are making agent-initiated payments identifiable and auditable. Meanwhile, established regulatory frameworks, like Strong Customer Authentication, Reg E, and Open Banking provide an existing policy basis that can be extended to agent interactions. Together, they offer a credible path to permit safe innovation. 

But First Things First — Is Agentic Commerce Real?

We think so. Consumer intent is moving into conversational environments where agents help people discover and select products. A growing share of commerce-related searches now begin inside AI-driven interfaces rather than traditional search engines. 

By 2029, an estimated $2.3 trillion in global gross merchandise volume could flow through agentic commerce channels, according to our own (Adyen’s) internal analysis. 

But the problems with agentic commerce are just as real as its rise. Some of that activity will inevitably involve fraud or error — especially as agents begin to make purchasing decisions on behalf of consumers. The challenge will be ensuring that systems built for human transactions can still authenticate the actor, verify specific authorization, and determine accountability when something goes wrong. That includes distinguishing trusted agents from malicious automation, identifying when verified agents act outside their expected behavior, and dealing with consumers who dispute legitimate purchases made by their agents — “friendly fraud.” 

As this ecosystem evolves, preserving merchant and consumer control and interoperability will be essential to preventing concentration risks and maintaining competitive, open markets as automation scales. Some agents will be chosen directly by consumers or merchants, while others will be embedded by platforms. Maintaining user control over how and which agents act on their behalf will be essential to sustaining trust and choice.

Technology Is Already Adapting

The technology building blocks of payment systems to manage authentication, authorization, and liability are already being reimagined for the agentic world. Card networks, wallets, and technology platforms are mapping these familiar concepts to digital agents, using new technical solutions to verify who an agent is, what it is permitted to do, and how accountability is enforced. 

Mastercard’s Know Your Agent (KYA) framework verifies and registers agents that initiate payments, similar to Know Your Customer rules. Visa is expanding dynamic tokenization to create a persistent identity layer that follows a shopper across cards, wallets, and devices. Google’s Agents-to-Payments (A2P) Protocol uses an Intent Mandate to define user rules and a Cart Mandate to confirm execution once those conditions are met.

A consensus is emerging on how to meet the three requirements for a good payments system in the agentic world:

• Authentication (Identity): A persistent token is a long-lived, cryptographically bound, pseudonymous identifier that replaces raw payment credentials and acts as a stable handle for shopper identity across purchases. It lets merchants recognize returning customers, support loyalty, and maintain continuity for stored payments without exposing PII. The same model can authenticate an agent acting for a user by issuing the agent its own long-lived, cryptographically verified token that links back to the user’s payment profile without revealing sensitive data. Through emerging KYA standards and agent registries, the agent’s identity and permissions are validated so it can operate only within approved limits.

• Authorization (Intent Mandate): Just as consumers authorize a payment today, agent-led transactions require a clear, auditable intent mandate that defines what the agent is permitted to do and under what limits. These mandates set the boundaries of delegated authority — such as categories, amounts, or timeframes — and serve as pre-approved spending rules that satisfy authorization standards.

• Accountability (Liability): Verified agents maintain unique identities and signed intent records that make every action traceable, showing who authorized a payment, when it occurred, and under what terms. These records create a continuous chain of evidence that supports traceability, auditability, and liability assignment.

Existing Regulation Can Incorporate These Components

Policymakers need to quickly update existing regulation — which still assumes only humans make payments — to support agentic commerce. Fortunately, they don’t need to start from scratch. They can extend the same principles of identity, intent, and liability in existing frameworks to a new participant in the system.

• Authentication: Existing authentication frameworks can expand to verify both users and agents acting on their behalf. In Europe, the Payment Services Regulation (PSR) could clarify how an agent’s identity is linked to a verified user through secure credentials, tokenized identities, or wallet-based verification. A single Strong Customer Authentication (SCA) event, completed through 3-D Secure or Secure Payment Confirmation, could establish that link and allow agents to operate within an authenticated relationship without repeating SCA for each transaction. In the United States, Section 1033 provides a foundation for delegated, credential-based access by allowing consumers to authorize third parties to retrieve or share data through secure interfaces. As the rule is finalized, references to “authorized third parties” could be broadened to include agents acting under verified consumer consent.

• Authorization: In the United Kingdom, the Variable Recurring Payments (VRP) framework already provides a working model for structured, revocable authorization. It allows consumers to grant approved third parties the ability to initiate payments within defined constraints for amount, frequency, or purpose, balancing user control with delegated flexibility. In the United States, the combination of Section 1033 and open banking frameworks already provides the legal scaffolding for granular, revocable consent — creating a consistent basis for agents to act within verified parameters.

• Accountability: Regulation E could clarify that payments made by verified agents within a consumer’s documented intent count as authorized for liability and error resolution. When agents act outside that scope, losses should rest with the accountable operator, such as the agent platform or its licensed partner, not the merchant, consumer, or bank. Regulation E already allows consumers to dispute unauthorized or incorrect transfers, and that standard could extend to cases where an agent misinterprets a user’s request. If a stored credit card is used, Regulation Z and network rules would apply, requiring issuers to determine whether the charge was authorized. Necessary data sharing will be important so that merchants, banks, and payment providers retain enough transaction data to process refunds, chargebacks, and disputes even when an agent initiates a payment. 

Regulation should evolve with the systems it oversees and promote consistency across all payment methods. When we modernize how we apply long-standing principles of authentication, authorization, and accountability, we preserve the trust that makes payments work while allowing technology to move at its natural speed.

The opinions shared in this article are the author’s own and do not reflect the views of any organization they are affiliated with.

Open Banker curates and shares policy perspectives in the evolving landscape of financial services for free.

If an idea matters, you’ll find it here. If you find an idea here, it matters. 

Interested in contributing to Open Banker? Send us an email at [email protected].

Last Time the Market Was This Expensive, Investors Waited 14 Years to Break Even

In 1999, the S&P 500 peaked. Then it took 14 years to gradually recover by 2013.

Today? Goldman Sachs sounds crazy forecasting 3% returns for 2024 to 2034.

But we’re currently seeing the highest price for the S&P 500 compared to earnings since the dot-com boom.

So, maybe that’s why they’re not alone; Vanguard projects about 5%.

In fact, now just about everything seems priced near all time highs. Equities, gold, crypto, etc.

But billionaires have long diversified a slice of their portfolios with one asset class that is poised to rebound.

It’s post war and contemporary art.

Sounds crazy, but over 70,000 investors have followed suit since 2019—with Masterworks.

You can invest in shares of artworks featuring Banksy, Basquiat, Picasso, and more.

24 exits later, results speak for themselves: net annualized returns like 14.6%, 17.6%, and 17.8%.*

My subscribers can skip the waitlist.

Skip waitlist

_{*Investing involves risk. Past performance is not indicative of future returns. Important Reg A disclosures: masterworks.com/cd.}