KYC is dead, the Agent economy is rewriting the underlying financial regulation

Core Viewpoint

1. A Scenario: Your Agent Helps You Plan a Two-Week Deep Dive Trip to Europe

During the Spring Festival, OpenClaw shrimp farming became very popular. Its essence is actually an open-source AI Agent that can autonomously execute tasks in an infinite loop (I also wrote an article titled "The Blame for OpenClaw Ultimately Lies with AI People," just as the past DeepSeek's complaint about blindly following trends is a major source of consumption for contemporary AI practitioners). Fu Sheng from Cheetah built 8 Agents to work for him, sending New Year greetings to 611 people, producing 6 public account articles, and creating a short video that garnered 300,000 views — all for a total cost of less than 50 yuan.

These are essentially simple tasks generated once. But if you tell your Agent tonight:

"Help me arrange a two-week deep dive trip to Europe next month. Enter Paris and exit Zurich, and I want to see an opera in Milan and hike in the Alps for two days. Book flights, trains, hotels, the opera tickets, and a hiking guide, with a total budget of 30,000 yuan."

It sounds like the future — you sleep, the Agent works, and when you wake up, everything is ready.

But actually, it dies at the third step.

Let’s look at the problems that Agents will actually encounter:

In the first step, buying a ticket from Hong Kong to Paris. The Agent selects a good flight from Cathay Pacific and prepares to pay. The airline's system pops up a dialog box: 3D Secure verification, please enter the SMS verification code sent to your phone. The phone is not unlocked, and the Agent cannot read the SMS; you are asleep, and this transaction dies here.

In the second step, assuming you authorized the Agent to use your card the next day, and 3DS goes through. The Agent then books the flight from Paris to Milan, the train from Milan to Zurich, and the flight back from Zurich. Three countries, four currencies (RMB, Euro, Swiss Franc, Hong Kong Dollar), and five different payment systems. Each anti-fraud model will see: "This card has been used in four countries and five airlines/rail companies within five minutes — this is high-risk fraudulent behavior." Your card is frozen.

In the third step, assuming the card is not frozen. The Agent wants to book tickets for the opera in Milan. The La Scala opera house's ticketing system is a small local agency, and its KYC system only accepts local Italian credit cards or bank accounts within the EU — your Chinese credit card cannot go through. The Agent tries to bypass this using a Stripe international card, which is approved, but La Scala's system says, "Your billing address does not match the card's issuing country, please provide identification." The Agent has no identity.

In the fourth step, for the hiking guide. You want a small independent studio in the Alps, and their payment method is a transfer from a local Swiss bank account — they do not accept credit cards at all. The Agent wants to pay with stablecoins, but the studio does not accept cryptocurrencies. This route is also dead.

In the fifth step, assuming you compromised and only let the Agent book the flights and hotels, handling the hiking and opera yourself. The Agent prepares to pay, but it needs to produce a tax reconciliation statement for all transactions related to this trip — EU VAT refunds, Hong Kong tax exemptions, and accommodation taxes in Italy and Switzerland need to be calculated separately. The Agent does not know who to consult for this tax — traditional accounting software does not accept the Agent's API, and the tax authority does not have a category for "Agent tax reporting."

In the sixth step, you check and find that the Agent booked you a remote hotel in Milan. You want a refund, and the bank asks, "Did you authorize this?" You say, "It was booked by the Agent, not me." The bank asks, "Did you authorize the Agent to use your card?" You say, "I authorized it to book a hotel, but I didn't specify this one." This chain of responsibility is broken — the Agent platform says, "I am just a tool," the hotel says, "I only see a normal order," and the bank says, "I only see a normal authorization." No one can refund you.

Every link in this scenario is a failure point of traditional payment infrastructure in the Agent era.

It is not that a specific link has a bug — the underlying assumptions of the entire infrastructure are no longer valid.

Understanding this is the core of this article. The Agent economy is not "traditional payments with an AI button"; it is an entire layer of economic infrastructure that needs to be rebuilt.

And the 288 updates from Stripe Sessions 2026 are essentially paving the way for this.

2. The True Weight of Patrick Collison's Statement

Patrick Collison said at Sessions 2026:

"AI is the biggest platform shift for the economy since the internet, and in the not-too-distant future agents will account for most transactions online."

I quoted this statement in the first article. In this article, I want to elaborate on it — because the true weight of this statement is easily underestimated.

Many people read this statement and assume its meaning is "AI will make payments more convenient." This is wrong. What this statement is really saying is: economic decision-making power is, for the first time, partially handed over from humans to machines.

Let me break this down.

What the internet has done over the past 50 years is digitize the "flow of information" —

Communication has changed from letters to email
Reading has changed from newspapers to websites
Video has changed from television to streaming
Social interaction has changed from face-to-face to WeChat

But there is one thing the internet has not done: it has not digitized "economic decision-making power." All economic decisions — what to buy, how much to pay, when to pay, who to pay — have always been in human hands.

The evolution of payment infrastructure over the past 50 years (credit cards → online banking → mobile payments → QR code payments) has been about making "humans make economic decisions" more convenient. But the decision-making subject has always been humans.

The Agent economy represents a paradigm shift: it begins to delegate part of the "economic decision-making" process to machines.

When you tell the Agent, "Help me book a two-week deep dive trip to Europe, with a budget of 30,000," — you are making a decision at the intent level (I want to go to Europe, I have a budget of 30,000). But all execution-level decisions (which day to buy tickets, which hotel to book, which train route to choose, how much tax to pay) are made autonomously by the Agent.

This is what Patrick means by "the biggest platform shift since the internet" — it is not a shift in technology, but a shift in economic decision-making power.

For the first time in human history, economic decision-making power is being transferred on a large scale and systematically from humans to a non-human entity.

The implications of this go far beyond "payments becoming more convenient."

It means that the underlying assumptions of the entire financial regulatory framework need to be rewritten. Because the financial regulations of the past 200 years (from 19th-century banking laws to 21st-century anti-money laundering frameworks) have all been based on the assumption that "economic decisions are made by humans."

When the initiator of economic decisions becomes an Agent, this assumption no longer holds.

3. The Agent Economy is Not One Thing, But Three Forms

At this point, I must clarify one thing — the "Agent economy" is not one thing, but three completely different forms.

Confusing them will prevent you from seeing what Stripe is doing.

Form One: Consumer Proxy (B2C Proxy)

Agents help people buy things. The European trip mentioned at the beginning is this form — the user gives the Agent an intent, and the Agent completes multi-step purchase decisions and payments on behalf of the user.

Characteristics:

Amount: tens to thousands of dollars
Frequency: several times a day
Responsibility Chain: user - Agent platform - merchant
Typical Scenarios: booking flights and hotels, buying clothes, ordering takeout, reserving restaurants

This is the form that the public is most aware of, and it is also the entry point that giants like OpenAI, Google, Meta, Honor, Doubao, and Qianwen are competing for.

Form Two: API Micropayments (M2M Micropayments)

Agents pay each other. This form is outside the view of ordinary people, but it will have the highest frequency and largest scale in the future.

For example: your research Agent needs to write a report; it needs to call a search Agent for data, call a translation Agent to process foreign materials, and call a generation Agent to create charts. Each call is a micropayment — it may be a fraction of a cent, but it could happen thousands of times in a second.

Characteristics:

Amount: a few cents to a few dollars
Frequency: thousands of times per second
Responsibility Chain: Agent A - Agent B (with no humans in between)
Typical Scenarios: API calls, model inference services, data asset exchanges

This form cannot be handled by traditional payment systems at all — a transaction of a fraction of a cent incurs a fixed fee of $0.30 on the Visa network, making the cost of a single transaction hundreds of times higher than the transaction amount itself.

This is why Stripe is developing Tempo (a self-built payment blockchain) and why it is integrating Coinbase's x402 — only on-chain settlements with stablecoins can support this "sub-cent, nanosecond-level" micropayment.

CZ (Changpeng Zhao), the founder of Binance, made a bold statement last year at the University of Hong Kong, explaining this more plainly — "AI buying coffee from each other for $0.01, traditional banks find it troublesome, blockchain settles instantly with zero fees." This is not a technical imagination; it is the real form of the AI economy that is coming: when the frequency of machine-to-machine transactions is so high that traditional payment systems cannot bear the fixed costs, stablecoins will become the only viable track.

Form Three: Merchant Automation (B2B Automation)

Corporate Agents help companies manage money. This is the largest, least glamorous, but most profitable form.

For example: a global e-commerce company has an inventory management Agent that monitors stock in global warehouses, finds that the Southeast Asia warehouse needs restocking, and automatically negotiates contracts with suppliers, places purchase orders, makes payments, reconciles accounts, and reports taxes — all without human intervention.

Characteristics:

Amount: tens of thousands to millions of dollars
Frequency: dozens to hundreds of times a week
Responsibility Chain: enterprise - Agent - supplier - bank - tax authority
Typical Scenarios: supply chain procurement, cross-border settlement, financial automation, foreign exchange hedging

This layer introduces a new concept called Agentic Treasury — enterprises delegate all financial management authority to Agents; managing stablecoin positions, optimizing cash flow, automatically hedging foreign exchange, and cross-border settlements. This is the direction Stripe is directly paving through the acquisition of Bridge (cross-border stablecoin) + Privy (embedded wallet) + Tempo (payment blockchain).

The 288 updates from Stripe Sessions 2026 are, in fact, paving the way for these three forms:

Issuing for Agents, Link Agent Wallet, ACP → serving B2C
MPP, x402, Tempo → serving M2M
Agentic Commerce Suite, Bridge, Privy → serving B2B

It must walk on all three legs simultaneously because in the future, these three forms will appear simultaneously in the same transaction — your research Agent (M2M calling APIs) helps the company (B2B Treasury) conduct market analysis and then helps you (B2C) book a celebratory dinner. Stripe must have native support in all forms.

4. Why KYC Will Completely Fail in the Agent Era

At this point, we can discuss a truly hardcore issue — KYC.

KYC (Know Your Customer) has been the core of the global anti-money laundering framework for the past 30 years. Every account opening, every large transfer, every cross-border payment must go through KYC — verifying "are you who you say you are," verifying "is your money clean," and verifying "are you on the sanctions list."

This system is built on three underlying assumptions. All three assumptions fail in the Agent economy.

Assumption One: Customers are humans, and humans have indivisible identities.

Human identity is physical — a face, a DNA, a birth certificate, an ID number. The essence of KYC is to bind the "financial account" to "this unique physical person."

The Agent economy breaks this: Agents are software. They can be cloned, split, shared among multiple people, and run different instances on multiple Agent platforms simultaneously.

I run an Agent to help me book travel, and you run an Agent to help you book travel — these two Agents may be the same open-source model + the same prompt template, just with different configurations. Where can they be "separated"? What is their "identity"?

In more extreme cases: one Agent can temporarily call another Agent to complete a step during its operation — which Agent initiated the transaction at that time?

The KYC assumption of "unique physical identity" does not hold for Agents.

Assumption Two: Humans can be fully responsible for their actions.

Legal and regulatory assumptions: If a transaction goes wrong, the human subject can be held accountable, sued, or bear responsibility.

The Agent economy breaks this: Who is responsible when an Agent makes a mistake?

The user? — But the user only gave a vague instruction "help me book a trip to Europe," and the detailed decisions were not made by the user.
The developer? — But the developer only wrote the general Agent framework; what prompt is run is not controlled by the developer.
The model company? — But the model company only provides the underlying capabilities; how the Agent uses the model is not something it can manage.
The platform? — But the platform only provides the environment for the Agent to run.
The merchant? — But the merchant only fulfills the order.

This is a distributed chain of responsibility. The traditional single-subject accountability framework completely fails.

California's AB 316 law, signed in October 2025 and effective January 1, 2026, has drawn the first line on this issue at the legal level — it blocks a specific defense: defendants (not limited to commercial entities, including individuals) who develop, modify, or use AI cannot use "AI autonomously causing harm" as a defense. The law does not create new liabilities but clearly tells all Agent deployers: you cannot hide behind AI autonomy. The true intention of this law is to designate a legally meaningful "defendant" within the distributed chain of responsibility.

However, this legal-level forced designation is only a transitional solution. The real solution requires cryptographic evidence of the chain of responsibility — this is what KYA aims to achieve.

Assumption Three: Authorization is discrete and one-time.

Traditional authorization is "I press the confirm button now, I authorize this transaction." One press = one authorization = one transaction.

The Agent economy breaks this: you tell the Agent, "From now on, transfer 2,000 yuan to mom every month, and ask me if she has a large expense" — this is a long-term, conditional, delegable, and branching authorization.

Traditional payment systems do not know how to handle this authorization structure. They can only handle two states: authorized / unauthorized. They cannot handle structured authorizations like "authorize under condition X, do not authorize under condition Y, come back to ask me under condition Z."

All three of these assumptions fail. Therefore, KYC must evolve into KYA.

5. What is KYA: Five Layers of New Infrastructure

KYA (Know Your Agent) is not a product; it is a collection of new infrastructure. It includes at least five layers.

Layer One: Agent Identity Layer (Verifiable Credential)

Every Agent must have a cryptographically verifiable identity credential before being deployed in financial scenarios — it includes:

The issuer of this Agent (developer/company)
The version number of this Agent
The scope of authority of this Agent
The mission of this Agent (what it is used for)

This credential is cryptographically signed, tamper-proof, and verifiable by any participant.

Analogy: This is like the Agent's "birth certificate + business license."

Layer Two: Authorization Scope Layer (Mandate)

The authorization given to the Agent by the user must be cryptographically locked within boundaries —

Single transaction amount limit
Cumulative amount limit
Valid time window
Which merchants can be paid (whitelist)
Which merchants cannot be paid (blacklist)
Under what conditions the Agent needs to come back and ask the user

Google's AP2 protocol refers to this as Mandate; it has three types:

Intent Mandate (intent authorization) — "Help me book a trip to Europe, budget 30,000."
Cart Mandate (shopping cart authorization) — "I agree to this specific order."
Payment Mandate (payment authorization) — "I agree to this specific payment."

These three layers of Mandate form a complete authorization chain. Any transaction can be traced back to an original intent signed by the user.

Layer Three: Intent Signature Layer (Intent Verification)

Every transaction must prove "this transaction is consistent with the user's original intent" —

If the user says "book a 4-star hotel," and the Agent books a 5-star → intent inconsistent, transaction invalid.
If the user says "budget 30,000," and the Agent spends 35,000 → intent inconsistent, transaction invalid.
If the user says "from Paris to Zurich," and the Agent books from Paris to Berlin → intent inconsistent, transaction invalid.

This layer is done through cryptographic comparison — user Intent signature vs. Agent's actual execution signature; either party can verify afterward whether "this transaction was executed in compliance."

(Cryptography is really interesting; I had Claude write a cryptographic tarot sandbox, and I will share it with everyone another day.)

Layer Four: Accountability Chain Audit Layer (Accountability Chain)

The complete chain of each transaction must be traceable —

Who is the initiator (user)
Who authorized it (user's Mandate signature)
Who executed it (Agent's identity credential)
Who settled it (payment protocol)
Who fulfilled it (merchant)

Each step has a cryptographic signature. No party can deny their role afterward — this is called "non-repudiation" in cryptography.

Layer Five: Credit Rating Layer (Agent Trust Rating)

This layer is a new concept that will emerge in 2026 — a dynamic credit score based on the historical behavior of the Agent.

Traditional KYC is static: your credit score mainly looks at your past (repayment records, income proof).

Agent Trust Rating is dynamic: how many transactions this Agent has executed in the past, how many have gone wrong, how many have been disputed by users, how many have been flagged by anti-money laundering systems — this data is aggregated in real-time into a credit score, determining the limits and permissions this Agent can obtain in the next transaction.

The essence of this layer is to extend "credit scoring" from "human credit" to "Agent credit."

Ant Group has been doing "human credit" (including small and micro) for over a decade. As a former participant, I have reason to believe: it is likely to extend to the Agent credit layer in the Agent era — expanding "credit scores" from "humans" to "Agents," allowing each Agent to have a verifiable credit record, which is its most likely next step on the path to internationalization.

However, I have not seen Ant publicly disclose specific Agent credit rating products, and I invite Ant colleagues to supplement some publicly available information.

These five layers together constitute KYA.

It is not a product; it is a new foundation for financial infrastructure.

Google's AP2, Stripe's ACP, Coinbase's x402 — they all operate within these five layers, just with different emphases.

6. The Distributed Nature of the Chain of Responsibility — Why the Agent Economy Must Have "Full-Stack Players"

After discussing the five layers of KYA, we should have realized one thing —

The chain of responsibility in the Agent economy is structurally completely different from that in the traditional economy.

The chain of responsibility in the traditional economy is linear:

User → Bank → Merchant

Three parties, each responsible for their part. When issues arise, the dispute chain is simple.

The chain of responsibility in the Agent economy is networked:

User → Agent platform (developer) → Model company → Payment protocol → Bank → Merchant simultaneously: Agents may also call other Agents → introducing more platforms + more model companies

Each transaction involves 5-7 entities, each bearing partial responsibility.

What is the real implication of this?

It means that only one type of company can become "infrastructure" — that is, a company that operates from the protocol layer to the settlement layer in a full-stack manner.

The reason is: only full-stack players can provide a complete evidence chain to regulators/legal entities/users afterward.

For example: if an Agent transaction goes wrong, and the user wants to assert their rights. They go to court, and the court asks, "What is your evidence?"

If Stripe is a full-stack player, it can provide: the user's Intent Mandate signature + Agent's identity credential + complete audit chain of the transaction + merchant's fulfillment record — a complete cryptographic evidence chain.
If it is a patchwork of different companies (identity layer done by Google, authorization layer done by Visa, settlement layer done by Coinbase, merchant layer done by Shopify) — the user has to go to each company separately for evidence, and the formats may not be compatible.

This is why Stripe must be full-stack, why Visa is pursuing it, why Google is pursuing it, and why Ant cannot afford to be absent from this battle.

It is not a matter of commercial ambition. The structural characteristics of the chain of responsibility in the Agent economy require "full-stack infrastructure."

California's AB 316 law has legally blocked the defense of "AI autonomously causing harm" — this is a top-down designation of responsibility.

The five layers of KYA provide bottom-up evidence of responsibility.

These two things must complement each other — the law designates the defendant, and cryptography provides evidence. Only full-stack players can do both simultaneously.

7. So When Will All This Really Happen?

Having discussed the structure, let's talk about timing.

Many people will ask, "The Agent economy sounds very sci-fi; when will this actually happen?"

I monitor the external call data of our trading platform's official MCP/Skills/CLI every day. In fact, transaction types are basically in single digits, with most still being information/data/research interfaces. Even though we have implemented sub-account isolation to make Agent autonomous trading risk controllable, it still seems a bit far from today's perspective.

But when I look up at the changes happening in the outside world, this judgment seems very close: 3-5 years.

The reason is as follows:

2026 is the period for protocol stabilization.

AP2 has been released (Google + 60 partners)
ACP has been adopted by OpenAI / Microsoft / Meta
x402 has been implemented at Coinbase
Stripe Sessions 2026 has rolled out 288 updates at once
Mainstream players are all in position

2027-2028 will be the period for infrastructure deployment.

Agent wallets (Link Agent Wallet, Privy) will be deployed at scale — in fact, within our company, two different product managers from different business lines are actively promoting the implementation of Agent Wallet.
The KYA system will begin to enter enterprise-level adoption.
Regulatory frameworks in various countries will start to take shape (from local laws like California's AB 316 to federal levels and extensions of the EU AI Act).
Agentic Treasury will begin piloting in leading enterprises.

2029-2030 will be the period for large-scale adoption.

Consumer proxy Agents will enter the mainstream (ordinary users will use Agents to complete multi-step purchases).
Enterprise Agents will enter mainstream financial processes (inventory, procurement, reconciliation, tax reporting).
M2M micropayments will become the default settlement method in the API economy.

By 2030, the proportion of transactions initiated by Agents in online transactions may exceed 30% — this is a conservative estimate. An aggressive estimate is over 50%.

According to industry estimates, the global Agent proxy business market is expected to reach $28 billion by 2030, with a compound annual growth rate of 46%.

This is the future Stripe is betting on.

It is not something that will happen in 5-10 years; it is something that must have its infrastructure laid out within 3-5 years. Those who lay it out a year earlier will gain the discourse power for the next 30 years.

Those who lay it out a year later will become users of the infrastructure rather than definers of the infrastructure.

Next: How Stripe plans to realize this future.

In the first article, we discussed Stripe's genes — it has never been a payment company since day one; it is an economic infrastructure company.

In this article, we discussed the future Stripe is betting on — the Agent economy is not "AI helping people pay," but a paradigm shift in economic decision-making power that requires the entire new infrastructure of KYA to support it.

In the third article, we will connect the genes and the future — breaking down how Stripe actually implements all of this.

Among those 288 updates, the truly important parts are five interlocking products: