Visa completed hundreds of AI agent-initiated transactions in 2025 and expects millions of consumers to use autonomous agents for purchases by the 2026 holiday season. That timeline is compelling on paper — but the infrastructure enterprise finance teams actually need is still being built.

The Most Common Misconception

Most executives assume that because payment rails exist, AI agents are ready to handle corporate financial decisions autonomously. They are not. Visa’s pilot numbers are real, but they describe structured tests inside controlled programmes — not enterprise-grade readiness. The trust protocols, liability frameworks, and compliance audit trails required for autonomous financial decision-making at corporate scale remain under active construction as of mid-2026.

The flawed logic runs like this: Visa processes billions of transactions daily, AI can plug into those rails, therefore AI agents can manage your company’s payments. That conclusion skips several unsolved problems.

What Research Actually Shows

Visa launched its Agentic Ready programme in Europe in March 2026, enrolling 21 issuing partners — including Barclays, HSBC UK, Banco Santander, Revolut, Commerzbank, and DZ Bank — according to Visa’s official announcement. The programme’s stated goal is to test how existing payment infrastructure handles AI-initiated transactions, which is precisely the point: banks are still in testing mode. Visa’s Trusted Agent Protocol, introduced in October 2025 alongside more than 10 partners, is an open framework designed to help merchants distinguish legitimate agents from malicious ones. Its existence confirms that the trust layer required for safe agentic commerce did not yet exist before last year.

500% Year-over-year increase in AI-enabled financial scams in 2025 — TRM Labs

AI-enabled financial scams increased roughly 500% year over year in 2025, according to TRM Labs, which also reported that illicit crypto volume reached $158 billion that year. Autonomous agents compress transaction timelines and redistribute accountability in ways current compliance frameworks were not built to handle. Deloitte’s financial services research, published in late 2025, flags centralised agent registries, role-based access controls, and human oversight checkpoints as requirements banks still need to implement before agentic payments operate safely at scale.

The liability question compounds this. At the ChargebackX 2025 conference, card scheme representatives stated that networks will not absorb liability for agent transactions they did not explicitly authorise. When an AI agent makes a purchase error, the customer disputes it, the issuer sides with the cardholder by default, and no party in the chain has clearly accepted responsibility, according to industry analysis published by Vendo Services.

FINRA’s 2026 Annual Regulatory Oversight Report puts financial services firms on direct notice: AI agents require company-wide governance frameworks that track logged outputs, enforce behavioural guardrails, and limit system access — standards most enterprise deployments have not yet met. A NASCUS analysis published in February 2026 further clarifies that as AI agents autonomously initiate and execute financial transactions, the legal line between human- and machine-initiated payments blurs in ways that existing consumer protection and compliance statutes were not written to resolve. Enterprise finance teams deploying agentic payment systems without audit-compliant logging risk violations of both FINRA oversight rules and GDPR data accountability requirements.

Key Takeaway: Payment rails exist. The trust, liability, and compliance infrastructure required to run autonomous AI transactions through them safely does not — not yet.

Where This Goes Wrong in Practice

Consider a mid-market procurement team deploying an AI agent to negotiate and pay supplier invoices autonomously. The agent operates within pre-set parameters, but an edge case triggers a $240,000 payment outside normal approval thresholds. Under current frameworks, the company owns that error entirely. No chargeback mechanism applies to B2B bank transfers the way it does to consumer card payments. The audit trail the agent creates may not meet FINRA or GDPR evidentiary standards, leaving compliance teams exposed.

A second scenario: a retail business integrates an AI shopping agent into its customer experience, allowing the agent to complete purchases on behalf of users. Visa’s controlled tests involved hundreds of transactions across a structured programme with named bank partners. Scaling to thousands of unvetted merchant integrations introduces fraud vectors the Trusted Agent Protocol is still being designed to close. Visa is building the standard; most merchants have not yet adopted it. According to the Gravitee State of AI Agent Security 2026 report,

80.9% of technical teams that have pushed AI agents into active testing or production — Gravitee
but only
14.4% of those agents went live with full security and IT approval — Gravitee
. That gap is especially dangerous when those agents carry payment authority.

What You Should Actually Do

Three steps apply now. First, map every payment workflow where an AI agent could act without human sign-off, and assign a named human owner to each one. Second, require any AI payment vendor to demonstrate audit-log outputs that satisfy your existing compliance framework — not a future one. Third, pilot agent-initiated payments in low-value, high-frequency categories — recurring SaaS subscriptions and small-ticket procurement — before touching anything that materially affects your balance sheet.

For deeper context on how the regulatory gap around agentic systems is forcing financial firms to make structural decisions before the rules are written, read how agentic AI is pushing fintech into regulatory gray zones. If you want to understand how infrastructure investment decisions map to this shift, the full analysis of AI as core fintech infrastructure covers what 80% of fintech firms are committing capital to — and why timing matters.

The Verdict

Believe the direction. Be sceptical of the timeline. Visa’s infrastructure work is real, and the 21-bank Agentic Ready programme represents genuine progress. But “hundreds of controlled transactions in a structured pilot” is not the same as “ready for your accounts payable workflow.” Companies that treat these pilots as proof of enterprise readiness will face liability gaps their legal teams have not priced in. The firms that move carefully now — defining scope, assigning accountability, and insisting on audit-compliant outputs — will scale faster once the standards harden. Watch Visa’s Trusted Agent Protocol adoption rate among merchants in Q3 and Q4 2026. That number will tell you when the infrastructure is genuinely ready — not the press releases.

Sources

  • Visa Agentic Ready Programme (March 2026)
  • Visa Trusted Agent Protocol (October 2025)
  • TRM Labs, AI-enabled Financial Scams Report (2025)
  • Deloitte, Financial Services AI Research (Late 2025)
  • ChargebackX 2025 Conference
  • Vendo Services, Industry Analysis on Payment Liability
  • FINRA’s 2026 Annual Regulatory Oversight Report
  • NASCUS Analysis (February 2026)
  • Gravitee State of AI Agent Security 2026 Report