AI Agents Are Already Paying Each Other in Crypto. TradFi Has No Framework for What Comes Next.

AI agents are making crypto trades that nobody (directly) asked them to.

Somewhere on the Arbitrum blockchain, an AI agent just paid another AI agent. No human approved that transaction, though a human would have defined and pre-approved what that agent can do.

This is March 2026's reality.

Last month Virtuals, a decentralized AI platform, launched something called the Agent Commerce Protocol, allowing autonomous AI agents to transact directly with each other across multiple blockchains including Arbitrum and the XRP Ledger, with BNB Chain expansion planned (CryptoNews, March 2026).

And Alchemy, a blockchain developer platform, demonstrated how an AI agent can receive a payment request, top up its own wallet using stablecoins, and complete the payment, all without a single human input.

Here's why TradFi should pay attention.

What the Agent Commerce Protocol Actually Enables

The Agent Commerce Protocol isn't just a payments API. The significance is more fundamental than that.

Agents can request services from other agents, negotiate terms, and settle payments autonomously, all on-chain. What that means in practice: the payment layer and the service layer are now unified in a single programmable transaction. An agent doesn't call an API and then separately initiate a payment. It initiates a service request that includes the payment as part of the atomic transaction. Service rendered, payment settled, record written to the blockchain. Done.

This is structurally different from algorithmic trading. Algo trading automated the execution of human-defined strategies within human-designed market structures. What the Agent Commerce Protocol enables is agents creating their own bilateral agreements, on their own terms, at machine speed, with no human in the loop between decision and settlement.

That's a new kind of economic actor. And it arrived without much fanfare.

We've Seen This Script Before. Here's What Comes Next.

We spent the last decade watching algorithmic trading reshape equity markets. Speed. Automation. Strategies no human could execute manually. And then we asked: who's accountable when the algo goes wrong?

The honest answer from that era was: we figured it out as we went.

Algorithmic trading in equities went through MiFID, then Reg NMS, then the Flash Crash of May 6, 2010, when the Dow dropped nearly 1,000 points intraday and then recovered most of it within minutes (SEC/CFTC Joint Report, September 2010). That event wasn't caused by one bad actor. It was caused by interacting algorithms operating within rules that hadn't anticipated how they'd interact with each other at scale.

The regulatory response, circuit breakers, kill switches, consolidated audit trails, arrived after the technology was already embedded in market microstructure. We retrofit the guardrails onto a system that was already running.

The same trajectory is probable for AI agents in crypto, only faster. The technology is moving quicker, the transaction costs are lower, the permissioning is lighter, and the asset class is already accustomed to moving faster than regulation. That's not a criticism of crypto. It's just the physics of the situation.

Firms that wait for the regulatory framework to arrive before thinking about this will find themselves several steps behind. The Flash Crash happened in 2010. The rules that responded to it were still being debated years later. We probably don't have that kind of runway this time.

The KYC Problem That Nobody Has Solved

Crypto AI agents take the accountability question several steps further. These aren't just faster traders. They're autonomous economic actors with wallets, identities, and the ability to enter into on-chain agreements.

And they have a KYC/AML problem that existing frameworks weren't designed to handle.

Current KYC processes require identifying a natural person as the beneficial owner of an account or wallet. An AI agent's wallet has no natural person attached to it. So who is the beneficial owner? The firm that trained the model? The firm that deployed it? The client it's acting on behalf of? The entity that funds the wallet?

None of those answers map cleanly onto existing beneficial ownership frameworks. And it gets more complicated when you consider that an AI agent might be deployed by one firm, funded by another, and operating on behalf of a third, all simultaneously.

AML is similarly murky. If an AI agent, optimizing for lowest-cost payment routing, routes a transaction through a protocol that's later flagged, which entity in the chain bears the compliance obligation? The agent? The deployer? The beneficiary?

We don't have clean answers. But the transactions are happening now, and the ledger is immutable. That combination, live activity, permanent record, unresolved legal framework, is exactly the kind of environment that creates significant liability for firms that haven't thought this through.

The "How Not What" Problem

When humans program AI agents they do a good job at defining what they want that agent to do. They don't (usually) do as thorough a job defining how.

That's where agents can get ... creative.

When you specify a goal, minimize settlement cost, maximize yield, complete this payment by end of day, an agent will find paths to that goal that you didn't explicitly prohibit. The agent isn't being deceptive. It's doing exactly what it was designed to do: optimize.

An agent optimizing for cost in a payment task might route through a protocol that technically completes the transaction cheaper, but that protocol has sanctions exposure you didn't know about. An agent optimizing for yield might enter into a leveraged position in a DeFi protocol because the expected return calculation pointed that way, even though the portfolio manager's intent was something much more conservative.

The agent didn't misunderstand. The humans just didn't specify the constraint.

In traditional finance, the constraint is often implicit: there are humans in the approval chain who apply judgment at each step. When you remove that human from the loop, the implicit constraint disappears. What remains is whatever you wrote down explicitly.

Most firms haven't written it down explicitly. Because until now, they didn't have to.

What Liability Looks Like in Practice

The compliance implications are significant. If an AI agent executes a trade on behalf of a fund, who signed off? If it pays another agent for a service, is that a regulated payment? If it makes a mistake on an irreversible blockchain, who's liable?

Let me make this concrete.

Imagine an AI agent makes a $50 million trade error on-chain. Blockchain is immutable: the trade cannot be unwound the way an equity error trade can be reversed with a broker. Which insurance product covers that? D&O covers decisions made by directors and officers. Errors and Omissions covers professional mistakes by service providers. Technology Liability covers software failures. None of those map cleanly onto "an AI agent made an autonomous decision that resulted in a large financial loss."

The gap in the liability framework isn't hypothetical. It's structural.

In my work on Web3 risk, I've watched firms spend significant energy on custody frameworks, which wallet holds what, under what key management structure, with what recovery mechanism, while spending comparatively little energy on the question of what happens when the agent that controls the wallet does something unexpected. The self-custody risk tool explores some of these mechanics in a hands-on format. Custody of the asset is solved. Governance of the agent is not.

That asymmetry is going to matter.

The Window That Exists Right Now

We don't have clean answers to any of these questions yet. That's actually useful information.

It means there's a window, probably not a wide one, where firms that start thinking through the compliance, custody, and liability questions now will build genuine structural advantage. Not just regulatory readiness. Actual operational capability that competitors won't have if they start this work two years from now when a high-profile incident forces everyone's hand.

The firms that designed algo trading risk frameworks before the Flash Crash didn't predict the event. But they had language for what happened and processes to respond. The firms that hadn't thought about it were scrambling.

The question isn't whether AI agents are coming to finance. They're already here. The governance failures that enabled the $292M KelpDAO exploit are a preview of what happens when automated systems operate without the controls that TradFi takes for granted.