‘Know Your Agent’ is a Must When Autonomous Payments Can Be Fraudsters’ Entry Point
By Dan Holmes, VP of product planning & strategy at Feedzai
Simple Subscribe
Subscribe Now!
Artificial intelligence is gaining financial autonomy. As agents begin to transact on behalf of humans, early signs of this shift are appearing first in e-commerce and digital purchasing environments. Consumers can lean on AI agents to make purchases for them at speed and scale — but so can criminals.
Banks are not yet contending with widespread agent-initiated transactions, but the trajectory is clear. The behaviors emerging across the e-commerce space today are a signal of the agentic risks and benefits that financial institutions will soon need to manage.
Financial crime is no longer limited to human behavior, yet treating all automation as suspicious introduces friction and undermines legitimate opportunity. To be ready to protect customers while enabling progress, banks must develop a clearer comprehension of how autonomous agents behave.
The Bottom Line: As AI systems gain authority to transact, fraud prevention must evolve from stopping AI-assisted fraud to preparing for AI-executed fraud. That shift requires moving beyond blocking automation toward a “Know Your Agent” approach focused on continuously understanding how agents behave and when that behavior changes.
Identity alone is no longer sufficient to distinguish legitimate agents from malicious ones. Know Your Agent introduces a behavioral control layer designed for a world where AI does not just assist fraud, but may initiate it.
Need to Know:
- More than 50% of fraud now involves artificial intelligence, according to Feedzai’s 2025 AI Trends in Fraud and Financial Crime Prevention report.
- 92% of financial institutions report that criminals are already using GenAI, accelerating the scale and sophistication of scams.
- Deepfakes and AI-driven social engineering are proliferating, making traditional signals less reliable.
- Today, AI primarily supports fraudsters in researching, impersonating, and scaling attacks. Tomorrow, those same systems could be empowered to execute transactions autonomously.
How Agents Are Reshaping Everyday Commerce
AI agents are beginning to earn permissions to initiate payments, move funds, manage subscriptions, and optimize purchasing decisions on behalf of consumers and businesses. These systems operate continuously and at scale, executing financial actions that once required explicit human approval.
As delegation expands, transactions are no longer controlled solely by the account owner but by the systems empowered to act within the purchasing ecosystem.
This shift compresses decision timelines and increases exposure to fraud that unfolds at machine speed. Fraud decisions often need to be made in milliseconds, leaving little opportunity for post-transaction review or manual intervention without eroding the customer experience.
The evolving challenge: Fraud controls designed for human-initiated fraud struggle when machines transact autonomously.
The way forward for financial institutions:
- Identify where agent-initiated transactions are already occurring across channels and products.
- Evaluate whether existing fraud controls assume human initiation.
- Prioritize real-time risk assessment for irreversible financial actions.
- Align fraud strategy with emerging agent-driven customer behaviors.
Read more: Your Customers Will Blame You When Their Shopping Bots Go Rogue
Rethinking Automation as Suspicious Activity
For years, automated activity was treated as inherently suspicious. In an agent-driven environment, that approach creates blind spots. Legitimate agents and malicious ones can appear similar, particularly as criminals use AI to imitate trusted behavior.
Blanket blocking introduces friction, undermines customer experience, and squashes opportunity without addressing the underlying risk.
As GenAI lowers the barrier to sophisticated impersonation, static automation-based flags lose effectiveness. Malicious actors can replicate normal transaction patterns, making it difficult to distinguish intent based solely on surface-level signals. The focus must shift from whether an action is automated to how that automation behaves over time.
Why it matters: As AI enables fraudsters to better replicate real customer behavior, static rules become less effective at preventing financial crime.
Next steps for fraud fighters:
- Review strategies that automatically penalize non-human activity.
- Separate detection strategies for unauthorized automation versus authorized agents.
- Shift from one-time checks to behavior-based evaluation.
- Measure customer impact of automation-related friction.
Read more: The Identity Dilemma: How AI Blurs the Line Between Reality and Fraud
Why ‘Know Your Agent’ is the Way Forward
A Know Your Agent approach extends established risk principles into a new operating reality. Rather than relying solely on identity verification or static permissions, this approach emphasizes continuous understanding of how autonomous agents behave, what authority they exercise, and whether their actions align with expected outcomes.
An insidious risk: An agent may begin operating legitimately but change over time due to model drift, compromised credentials, or fraudster manipulation. One-time authorization cannot account for these dynamics. Continuous behavioral assessment allows banks to detect deviation early, before losses escalate.
Importantly, Know Your Agent complements existing identity and customer controls. Identity confirms who granted authority. Behavioral intelligence determines whether that authority is being exercised appropriately, consistently and safely as conditions change.
Key takeaway: Trust in autonomous systems must be earned continuously rather than assumed.
Best practices for implementing a “Know Your Agent” approach:
- Define expected behavioral baselines for authorized agents.
- Monitor deviations across transaction patterns, timing and outcomes.
- Correlate agent behavior with customer intent and historical norms.
- Establish escalation paths when agent behavior changes materially.
Read more: How the Marriage of Open Banking and Payments Will Change Everything
The New Fraud Prevention Paradigm
Agent-driven fraud operates at machine speed, leaving little margin for delayed response. Effective prevention requires real-time intelligence capable of evaluating context, behavior and risk within fractions of a second. Systems must act before transactions complete, not after losses are recorded.
Human judgment remains essential alongside automation. Analysts provide oversight, context and ethical governance, particularly when new or ambiguous behaviors emerge. The strongest fraud programs combine machine intelligence and speed with human expertise for interpretation and control.
Finding the right balance: The strongest defenses combine machine speed with human insight.
How to excel in the next phase of fraud prevention:
- Invest in real-time, behavior-driven fraud detection.
- Integrate analyst feedback into model learning loops.
- Design workflows that support rapid escalation and intervention.
- Align fraud prevention with long-term customer trust, not short-term blocking.
AI will continue to reshape how we transact and shop, and fraud will evolve alongside it. As agentic commerce becomes more mainstream, banks must not resist automation but instead deepen their collective understanding of its applications to adapt to changing consumer behavior.
As autonomous agents gain a greater role in financial activity, Know Your Agent is becoming a necessary foundation for managing risk while maintaining trust and minimizing unnecessary friction. The window to adapt is narrowing, and financial institutions need to move quickly to prepare for the agentic era.
Read next: Does Your Bank Belong in Stablecoins, Tokenized Deposits … or Both?
