AI agents create identity crisis as autonomous systems transact without human oversight

Your AI opens a bank account for you. Who goes to jail if it lies?: By Moritz Cremer

Most people still view artificial intelligence through the lens of a chat box. We tend to think of AI as a glorified autocomplete tool: a helpful assistant that answers queries, drafts emails, or summarises long PDFs. This view is dangerously out of date. We have entered the era of agentic AI. Today, there are at least ten to twenty advanced AI models capable of doing virtually everything a human can do behind a computer screen. These systems do not just chat: they act. They can take virtual control of a user's operating system, navigate websites, move cursors, copy data, and click buttons exactly like a human sitting at a desk. Within the next three to five years, this will fundamentally dismantle how we interact with the digital economy. The era of manually logging into apps, navigating complex drop-down menus, and completing web forms is drawing to a close. Instead, the primary interface will shift to these LLM-Clients (Claude, ChatGPT, etc). We will simply instruct our AI: "Find me the best savings rate, open an account, and move my balance," or "Find a cheaper energy provider and switch my service." For the consumer, this sounds like an overdue digital utopia. For like banks, payment companies, and utilities, it is a compliance and identity nightmare. But even regular webshops will have to adjust when trying to take a slice of the agentic commerce cake that's building up on the horizon. The numbers behind this shift are staggering. Analysts at Morgan Stanley and Bain estimate that AI agents could drive 15 to 25 percent of US e-commerce by 2030, worth somewhere between 300 and 500 billion dollars. Faced with a prize of that size, most merchants will not wait to be found: they will begin directing their technical implementations and marketing efforts straight at AIs and agents, optimising their product feeds, APIs and checkout flows to be discovered and transacted by machines rather than by humans. We are hurtling towards an interface paradox. Building an interface that allows an AI client to read data is a simple technical task. But allowing a machine to independently execute actions on a human's behalf creates a monumental crisis of trust. Consider the foundational act of navigating the modern web. On virtually every website, users must explicitly click to accept terms and conditions, opt-in to trcking cookies, or consent to privacy policies. These simple clicks are, in the eyes of the law, regulated actions. They carry immense legal weight. Yet, when an AI agent autonomously navigates a site and clicks "I agree" to terms the human user has never seen, the entire legal concept of consent begins to unravel. If a business cannot definitively prove who authorised these actions, the digital economy faces a catastrophic vulnerability. Without a robust trust layer, we will see an explosion of disputes, unchecked data-harvesting, and a terrifying new reality: orphaned liability. When an AI makes an unauthorized financial commitment, shares sensitive medical data, or signs a binding contract (Yes, agreeing to terms and conditions in the checkbox is also a binding contract), who takes the fall? The developer who wrote the model? The business that accepted the automated click? Or the user who gave a vague verbal prompt over breakfast? To survive this shift, every business operating online must be able to answer four crucial questions the moment an AI agent attempts any regulated action: Our existing digital identity infrastructure is utterly unprepared for this. For two decades, we have focused exclusively on verifying the identity of a human sitting directly behind a screen. Now, we must solve a far more complex riddle: how to verify a machine acting on a human's behalf. The answer is not a complex new technological gimmick, but a digital reimagining of a highly successful legal tool: a Power of Attorney for AI (POAA). Just as a traditional power of attorney allows a trusted professional to sign documents and make decisions on your behalf, we urgently need an international, standardized framework that extends identity and authorization to autonomous systems. This requires three non-negotiable layers. First, what we can call a "Proof of Human": a high-assurance verification of the natural person behind the screen. Second, a "Proof of Authority", which is the scoped, signed mandate dictating exactly what the AI is permitted to do. Finally, a "Proof of Authenticity", creating an immutable audit log of who did what, and when, for the regulator's and audit eyes. Crucially, this transformation is not just external. The very operations of regulated businesses (risk assessments, compliance, and customer support) will increasingly rely on "internal AI twins". Yet, no sensible regulator will ever permit a financial institution to be fully automated from end to end. The successful AI-first organisation will not be defined merely by how much it automates, but by how cleanly it specifies the checkpoints where fresh, provable human authorisation is mandated. We are moving from a world where identity is about access to a world where identity is about delegation. The organisations thriving in this new era will be those that offer services that are fully accessible to AI customers, not forgetting that every machine-mediated action must be demonstrably authorised, have a strictly defined scope and be fully auditable. If we fail to build this trust framework today, the agentic AI revolution will stall. The bottleneck is no longer raw algorithmic capability, but basic systemic safety. Until we can verify who is pulling the strings behind the machine, we cannot afford to hand algorithms the keys to our digital lives.

Why It's Time to Know Your Agent | PYMNTS.com

That is the operating reality of agentic commerce today. AI agents are already transacting across retail, finance, travel and enterprise procurement at speeds no human oversight loop can match. The identity infrastructure that would allow any party to verify who an agent is, what it is authorized to do, and whether it is acting within sanctioned limits does not yet exist at scale. A World Economic Forum article written by Johnny Ayers, CEO of identity company Socure, argues that the agent-driven economy is no longer emerging. By Black Friday 2025, AI-driven traffic to U.S. retail sites had risen 805% year over year, with agents driving over $22 billion in global online sales. The global AI agents market, valued at $5.4 billion in 2024, is projected to reach $236 billion by 2034. The article argues this acceleration raises a fundamental question current trust infrastructure cannot answer: When a human is not the transacting party, how do we establish identity certainty? The article frames the answer as a Know Your Agent framework, building on the Know Your Customer model established during financial globalization in the 1970s. A functional KYA framework, the article says, hinges on four capabilities: establishing who and what the agent is, confirming what it is permitted to do, maintaining accountability for every action it takes, and continuously monitoring its behavior against approved parameters. The article warns that without these capabilities, distinguishing between a legitimate commerce agent and a malicious bot impersonating one becomes impossible. The identity and accountability infrastructure built today, the article argues, will determine whether agentic commerce becomes a catalyst for global prosperity or a new frontier for unprecedented fraud. The Standards Gap the Government Is Moving to Close A February announcement from NIST launched the AI Agent Standards Initiative to ensure the next generation of AI agents is widely adopted with confidence, can function securely on behalf of users, and can interoperate smoothly across the digital ecosystem. The announcement says that while agents can now work autonomously for hours across code, calendars and commerce, their real-world utility is constrained by their ability to interact with external systems. Absent confidence in agent reliability and interoperability, NIST warns that innovators face a fragmented ecosystem and stunted adoption. The initiative advances along three pillars: industry-led development of agent standards, community-led open-source protocol development, and research in AI agent security and identity. Two active workstreams are already underway. NIST's National Cybersecurity Center of Excellence published a concept paper on AI agent identity and authorization covering identification, authorization, auditing, and controls to prevent prompt injection. NIST's Center for AI Standards and Innovation is holding sector-specific listening sessions on barriers to AI adoption in finance, healthcare and education. The announcement's main point is that without standards for who agents are and what they are allowed to do, the agent economy cannot be trusted at scale. What Financial Regulators Are Demanding The IMF's note on agentic payments goes further than either the WEF article or the NIST initiative in naming what regulators specifically need to require. The note argues that as AI agents shift payments from human-initiated instructions to agent-mediated decisions, traditional fraud models built on human behavioral patterns become ineffective. Agents do not behave like humans and the models trained to detect anomalous human behavior cannot reliably flag anomalous agent behavior. The note calls for regulators to move from Know Your Customer to Know Your Agent requirements, with mandated verifiable identities for financial bots linked to legal entities. It points to tokenized authorization mechanisms that allow agents to initiate transactions using preapproved payment methods without accessing underlying credentials, and cryptographic mandate frameworks that bind agent-initiated actions to verifiable scope, limits and permitted conditions. The note frames this as a critical infrastructure problem. As autonomous AI agents become integrated into financial and public systems, policymakers increasingly view them as part of critical digital infrastructure requiring robust governance and oversight.