Two Stacks, One Problem: How TradFi and Crypto See the Agentic Payments Future Differently
Everyone agrees that AI agents will handle payments. Everyone agrees that "Know Your Agent" is the missing piece. But two completely different architectures are racing to build the accountability layer, and neither has the full answer yet.
The Convergence
Something unusual is happening in payments. Two worlds that rarely agree on anything are converging on the same conclusion at the same time.
Traditional Finance
Google, Mastercard, Visa, Stripe, and OpenAI are building protocols to let AI agents discover products, negotiate prices, and execute payments on behalf of humans.
Crypto
Blockchain developers are building on-chain identity registries, programmable wallets, and smart contract escrow systems for the same purpose.
Both sides have independently arrived at a shared insight: the missing primitive is identity. When an AI agent spends money on behalf of a person, someone needs to know who that agent is, what it was told to do, and who is accountable when it gets things wrong.
Know Your Agent (KYA)
The industry has given this idea a name: Know Your Agent, or KYA. James Jerselius, a governance and risk commentator, put the problem plainly in a widely circulated piece: payment providers are required to Know Your Customer today, but tomorrow they will need to Know Your Agent. He argues that current protocols solve how agents pay but leave unsolved the harder question of how to govern autonomous economic actors at scale.
Trulioo & PayOS
Published a formal KYA framework built around a "Digital Agent Passport."
Mastercard Agent Pay
Requires that only registered agents can transact, governed and traceable through network tokens.
Tomer Jordi Chaffer (SSRN)
"Know Your Agent: Governing AI Identity on the Agentic Web" — proposes identity verification, behavioural monitoring, and accountability mechanisms for decentralised AI agents.
The consensus is real. But beneath it lies a fault line. These two worlds agree on the problem. They disagree, fundamentally, on where the solution should live.
The TradFi Stack: Accountability as Overlay
The traditional finance approach to agentic payments follows a top-down architecture. Standards are defined at the protocol level, enforced by institutions, and layered onto existing payment rails. The Paypers, in its 2026 Money Movement analysis, describes this as a three-layer model:
The Discovery Layer
Defines product and catalogue standards optimised for agents, making it easier to search, compare, and evaluate offers.
The Checkout Layer
Sets technical and operational standards from product selection through purchase finalisation and consent capture. Two protocols dominate: Google's AP2 (supported by ~60 companies) and OpenAI and Stripe's ACP.
The Payment Layer
Establishes how to execute and process agent-initiated payments using existing methods and rails. Mastercard's Agent Pay and Visa's Trusted Agent Protocol operate here, alongside adaptations to dispute and liability models.
The mental model is extension: take the enormous installed base of card networks, account-to-account rails, KYC/AML frameworks, and authentication standards, then adapt them for a world where AI agents act as delegated proxies. Stripe describes the ACP logic as an AI agent carrying the buyer's identity, payment method, and purchase context into the transaction, while the human remains the accountable principal. Google's AP2 achieves accountability through cryptographic audit trails layered onto card rails. Mastercard's Verifiable Intent framework creates a tamper-proof record of the user's instructions that can serve as a legal basis in disputes.
Strength
Billions of card credentials already in circulation. PSD2 and Strong Customer Authentication frameworks exist. Dispute resolution and chargeback mechanisms are well understood. The TradFi stack works by building agent-aware accountability on top of infrastructure that already touches every merchant, every bank, and every consumer.
Weakness
These systems were built for humans. Authorisation flows assume a person decides to pay. Fraud models assume human behavioural patterns. Authentication mechanisms like 3D Secure confirm who the human is but say nothing about which agent acted on their behalf.
Fime put this starkly: "Who is liable for a faulty agent transaction? Is it the developer? The wallet issuer? The API provider? We are entering a legal fog where the old rules do not map."
Raj Venkatraman, a payments strategist, captured the necessary evolution: payments must move from credentials to identities, from transactions to permissions, and from after-the-fact controls to real-time, embedded governance. The question is whether that evolution can happen on top of legacy rails, or whether the foundation itself needs replacing.
The Crypto-Native Stack: Accountability as Infrastructure
The crypto approach starts from a different premise entirely. Rather than layering accountability onto existing systems, it embeds identity, delegation, and settlement rules directly into the protocol. A useful way to understand this architecture is through a five-layer payment stack model, built from the bottom up:
Layer 0: End Users and Transactions
The humans and businesses that ultimately initiate commercial activity and bear economic risk.
Layer 1: Payment Standards
Protocols and plugin providers (Open CryptoPay, emerging POS and online payment standards) that define how crypto-native payments interface with merchants. Fragmented, numerous, and still early-stage.
Layer 2: Payment Service Providers
Companies like BitPay and RocketFuel that aggregate payment processing, compliance, and merchant services. PSPs collaborate with payment standards and integrate wallets and blockchains.
Layer 3: Wallets
The interface layer (Ledger, Trust Wallet, Coinbase Wallet) where users and, increasingly, AI agents interact with the payment infrastructure. Wallets hold credentials, manage permissions, and serve as the identity anchor.
Layer 4: The Blockchain as Settlement Layer
The base infrastructure that records transactions immutably, executes smart contracts, and, in some implementations, anchors identity at the protocol level.
The strategic implication is directional: a blockchain that wants to participate in the agentic commerce economy should integrate broadly at the PSP and wallet layers rather than chase individual payment standards, because payment standards are fragmented and constantly emerging, while PSP and wallet partnerships compound across the entire ecosystem.
Strength: Programmability
Delegation rules can be encoded directly in smart contracts: spending limits, approved counterparties, transaction scopes, time-bound permissions, and automatic revocation. Settlement happens on-chain, eliminating batch processing and end-of-day cut-offs. Coinbase's Agentic Wallets (2026) give AI agents non-custodial wallets with programmable transaction limits, shifting the model from approving individual transactions to setting policies upfront.
Weakness: The Identity Gap
Most crypto infrastructure has no mechanism to link an agent's on-chain action back to a real-world accountable party. Blockeden identified three unresolved bottlenecks: identity, payments, and trust. On-chain AI agents exist in a "permissionless void," making it difficult to verify that another agent is legitimate, competent, or honest.
As one widely cited CryptoNews analysis concedes: "some folks in crypto argue that decentralized identity has failed to gain traction and that enterprises will default to centralized cloud credentials and private APIs."
ERC-8004 (agent identity registries) and ERC-8128 (signed HTTP requests binding identity to each interaction) represent the crypto world's emerging answer to KYA. As CoinGecko concludes: Big Tech favours closed, controlled systems, while crypto advances open, protocol-based models.
Two Stacks Compared
The following comparison distils the structural differences between the TradFi and crypto-native approaches across every critical dimension of agentic payments infrastructure.
The Regulatory Pressure from Both Sides
Regulators are applying pressure that neither stack, in its current form, can fully absorb.
Europe: Mandated Accountability
The EU AI Act classifies agentic payment systems as high-risk AI systems, requiring explainability, logging, human override, and robust governance. PSD3, expected to formalise delegated initiation and harmonise liability rules, may mandate "Agent-Ready APIs" by approximately 2027. MiCA already touches how autonomous agents can manage crypto-assets and stablecoins, implying that regulated issuers and CASPs will need identity and compliance controls compatible with agent-driven flows.
Osborne Clarke's legal analysis emphasises that agent-initiated payments remain fully subject to PSD2 and Strong Customer Authentication: the core legal questions are who is providing the payment service, who holds the customer's funds, and what constitutes valid authorisation when activities are delegated to an agent.
United Kingdom: Conduct Standards
The FCA is embedding AI oversight into existing conduct standards. David Geale, the FCA's Executive Director for Payments and Digital Finance, has stated that explainability and governance for AI models are "non-negotiable," particularly where decisions affect consumers or market integrity. The FCA's approach pins liability on existing accountable individuals under the Senior Managers and Certification Regime, meaning firms are directly responsible for the actions of autonomous AI, including third-party systems.
United States: Regulatory Vacuum
Regulatory guidance on agent liability for payment transactions does not yet exist. The CFPB and federal banking agencies have focused on model risk, fairness, and explainability rather than agentic payments specifically. This regulatory vacuum is widely cited as the primary blocker for enterprise-scale adoption.
The pattern is clear: regulators are converging on a requirement that every agent-initiated transaction must trace back to an accountable real-world entity. TradFi's advantage is that this accountability chain already exists through banking relationships. Crypto's challenge is that on-chain identity, where it exists at all, is typically pseudonymous and disconnected from the regulatory identity that supervisors demand.
What the Complete Stack Actually Requires
Neither approach is sufficient on its own. TradFi is building accountability as an overlay on systems designed for humans, adding new seams with every protocol adaptation. Crypto is building programmable infrastructure that lacks the identity layer regulators will demand. Each has what the other is missing.
The complete agentic payment stack — the one that satisfies both the programmability that machine-speed commerce requires and the accountability that regulators and consumers will insist upon — must combine several elements:
1
Programmable Settlement
Batch processing and end-of-day cut-offs are structurally incompatible with AI agents that operate continuously, execute microtransactions at volume, and expect real-time responses. On-chain or near-real-time settlement is a requirement, not a preference.
2
Protocol-Level Identity Anchored to Real-World Accountability
Agent identity cannot be an afterthought bolted onto payment rails that were designed before agents existed. It must be embedded in the infrastructure itself, cryptographically verifiable, and linked to real persons or entities in a way that regulators can audit and courts can enforce. This is the piece that most crypto infrastructure lacks and that TradFi is attempting to retrofit.
3
Programmable Delegation
The rules governing what an agent can do, how much it can spend, with whom it can transact, and under what conditions its authority expires must be encoded in the transaction layer itself — inspectable and enforceable at machine speed, rather than described in policy documents that the agent never reads.
4
Open Standards Rather Than Platform-Controlled Walled Gardens
If agent-initiated commerce flows exclusively through proprietary protocols controlled by a handful of AI platforms, the payments industry recreates the same concentration risk it has spent decades trying to avoid. OpenAI's reported plan to charge merchants a 4% fee for checkout through ChatGPT illustrates how quickly this can happen.
The Four Requirements at a Glance
The infrastructure that combines all four elements does not yet exist as a unified stack. But the architectural requirements are becoming clear.
Programmable Settlement
On-chain or near-real-time. Always on. No batch windows. Compatible with continuous, high-volume agent activity.
Protocol-Level Identity
Cryptographically verifiable. Linked to real-world accountable parties. Auditable by regulators. Enforceable by courts.
Programmable Delegation
Spending limits, approved counterparties, time-bound permissions, and automatic revocation — encoded in the transaction layer itself.
Open Standards
Protocol-based, not platform-controlled. Prevents concentration risk. Avoids recreating the walled gardens the industry has spent decades trying to dismantle.
The agentic commerce revolution will reward those who build at the intersection of these four requirements, rather than doubling down on one side of the fault line.
The Fault Line in Numbers
The structural gap between the two stacks can be seen in how each approach performs across the four requirements of the complete agentic payment stack.
The heatmap illustrates the complementary nature of the two stacks. TradFi scores strongly on regulatory fit and real-world accountability but lags on programmable settlement and open standards. Crypto-native infrastructure excels at programmability and delegation but has critical gaps in identity and regulatory compliance. Neither stack scores well across all six dimensions — which is precisely why convergence is inevitable.
The Question Every Builder Must Answer
The question for every payment infrastructure builder, whether from TradFi or crypto, is the same: are you building for a world where humans click buttons, or for a world where agents act on instructions? The answer determines everything about where identity, accountability, and trust should live in your stack.
The "Trustless Autonomy" paper on decentralised AI agents (arXiv, 2025) highlights a deeper paradox: the tension between trustlessness and unreliable autonomy. Decentralised identity and smart-contract constraints do not resolve accountability for emergent agent behaviour, because the agent is a learning system that may act in ways its constraints did not anticipate. Andreessen Horowitz's fintech team has noted that stablecoins, with their programmable capabilities, could be particularly suited for machine-to-machine transactions like microtransactions for data access or automated service procurement.
TradFi's Advantage
The accountability chain already exists through banking relationships. Billions of credentials in circulation. Regulatory frameworks in place. The challenge is retrofitting for agents.
Crypto's Advantage
Programmable settlement, encoded delegation, and open protocol design are native to the stack. The challenge is anchoring on-chain identity to real-world accountability.
The Intersection
The infrastructure that combines programmable settlement, protocol-level identity, encoded delegation, and open standards does not yet exist as a unified stack. But the architectural requirements are becoming clear — and the agentic commerce revolution will reward those who build there.
The convergence is real. Two worlds that rarely agree on anything have independently arrived at the same conclusion. The missing primitive is identity. The race to build the accountability layer is underway — and the winner will be whoever bridges the fault line first.