As the financial services sector evolves, experts are raising urgent concerns regarding compliance frameworks amid the rise of artificial intelligence (AI) and autonomous transaction agents. Nejc Korosec, Head of Compliance at Moneyhub, contends that traditional Know Your Customer (KYC) protocols, built on the assumption of human agency in financial transactions, are increasingly inadequate. The shift towards AI-driven, agent-based transactions raises fundamental questions about accountability and oversight, necessitating the development of a new compliance standard—Know Your Agent (KYA).
KYC has served as the cornerstone of compliance architecture for decades, relying on the verified identity of individuals acting with genuine intent. However, Korosec warns that a paradigm shift is underway where customers may no longer engage directly in transactions. Instead, they will delegate this authority to AI agents that autonomously negotiate and execute financial dealings on their behalf.
This transformation promises remarkable efficiency but poses significant compliance challenges. The crux of the issue lies in the absence of human oversight at the transaction level, leading to complications in ensuring that actions taken by AI agents align with the customers’ intent. Korosec emphasizes the need for KYA to complement KYC, extending the principles of identity verification and accountability to these new digital agents.
The challenge is exacerbated by the existing liability frameworks that struggle to address the complexities of AI-driven decision-making. In January 2026, FCA Executive Director Sheldon Mills reaffirmed that accountability under the Senior Managers and Certification Regime (SM&CR) extends to AI systems. Yet, as Korosec points out, the traditional model, which tracks human decisions, falters in a landscape where machines autonomously interpret and negotiate terms.
For instance, when a lending AI agent agrees to repayment terms that exceed a customer’s pre-approved limit, the current compliance frameworks offer no clear path for accountability. This liability vacuum leaves compliance teams without the ability to trace decisions back to a human judgment call, complicating enforcement and regulatory oversight.
The speed at which these transactions occur further complicates matters. Autonomous agent-to-agent transactions can execute in milliseconds, making it nearly impossible for compliance teams to address policy breaches before they cascade into further issues. Korosec argues that the financial sector must proactively build KYA frameworks to mitigate these risks before the agentic economy becomes the norm.
Implementing a KYA framework requires a nuanced approach that does not call for a complete overhaul of existing compliance structures. Instead, it necessitates extending current principles into new territory where verification and accountability must be rigorously maintained. Korosec suggests that each AI agent should carry a credential issued by the financial institution, detailing specific transaction types it is authorized to perform. This would create an auditable record, essential for establishing whether an agent has operated within its mandate.
However, verification alone is insufficient. Korosec stresses the importance of distinct separation between the reasoning and execution layers of AI systems. By ensuring that the execution of transactions adheres to predetermined limits—regardless of the reasoning behind an agent’s decision—financial institutions can ensure compliance and accountability. For high-stakes transactions or unanticipated scenarios, a human risk officer should retain final approval to ensure adherence to regulatory expectations.
At Moneyhub, the Smart Payments infrastructure exemplifies these principles. Built on Variable Recurring Payments, the platform hard-codes consent at the authorization stage, ensuring that transaction limits remain static and cannot be altered by the reasoning model. This safeguards against unauthorized movements of money, fostering a compliance environment that professionals can confidently endorse.
With 2030 approaching, a significant portion of commerce is projected to operate through autonomous agents. As this transformation unfolds, financial institutions that prioritize the establishment of verification and oversight frameworks today will be better positioned to navigate the complexities of the future. Korosec concludes that proactive adaptation is crucial; those who lay the groundwork for KYA now will set the benchmark for compliance in the evolving landscape of finance.
See also
OpenAI’s Rogue AI Safeguards: Decoding the 2025 Safety Revolution
US AI Developments in 2025 Set Stage for 2026 Compliance Challenges and Strategies
Trump Drafts Executive Order to Block State AI Regulations, Centralizing Authority Under Federal Control
California Court Rules AI Misuse Heightens Lawyer’s Responsibilities in Noland Case
Policymakers Urged to Establish Comprehensive Regulations for AI in Mental Health
