Agent-to-Agent Interoperability and the Emerging Agentic Commerce and Payments Stack
Most of the architectural discussions in this series have assumed a particular shape for agentic AI: a human initiates a task, agents execute it, and a human (or a governed autonomous system) concludes it. That shape is accurate for the current mainstream of enterprise agentic deployments. But a meaningfully different shape is emerging at the frontier, and understanding it now matters for any architect or strategist working in payments, financial services infrastructure, or platform strategy — because the decisions being made right now about interoperability standards and protocol design will shape this emerging landscape for years.
That shape is agent-initiated commerce: AI agents, acting on behalf of humans or organizations, autonomously discovering, negotiating with, and transacting with other AI agents — without a human actively directing each individual interaction. The implications for payments infrastructure, identity, trust, and financial services regulation are significant and largely unresolved. This post maps the emerging architecture and the open questions honestly.
The Conceptual Shift: From Tool Use to Peer Coordination
In the MCP/A2A post in the Intermediate series, we established A2A as a protocol enabling agents to discover and coordinate with each other. That discussion focused primarily on agents within the same institution’s ecosystem coordinating on shared tasks. The more forward-looking application of the same protocol infrastructure is agents from different organizations — or acting on behalf of different end users — transacting across organizational boundaries, fully autonomously.
This isn’t purely hypothetical. Early-stage examples are already observable: an AI travel planning agent negotiating a hotel booking through a hotel chain’s booking agent without a human approving each step, or a supply chain optimization agent negotiating delivery terms with a logistics provider’s agent. These are comparatively low-stakes domains. The trajectory points toward higher-stakes domains — and financial services is both one of the most natural destinations for this trajectory, and one of the most complex, precisely because financial transactions carry the full weight of regulatory, liability, and consumer protection frameworks that were written with humans as the transacting parties.
The Emerging Technical Stack
A coherent agent commerce stack is assembling from several independently-developing layers:
Discovery layer. Before two agents from different organizations can transact, they need a way to find each other and understand what each offers. This is the “agent directory” or “agent registry” problem — analogous to DNS for the web, or the card network directory for payments. Several approaches are being developed: well-known URL conventions that allow an organization to publish a machine-readable description of its agents’ capabilities, centralized registries operated by platform providers, and decentralized discovery mechanisms built on open protocols. No single approach has emerged as a clear standard, and the design choices made here have real implications for centralization of power in the resulting ecosystem.
Capability negotiation layer. Once discovered, agents need a structured way to communicate what they can do, what they need, and what constraints apply — prices, availability, terms, authentication requirements — in a form the requesting agent can parse and act on. This is where A2A’s structured message format does much of the work, defining how agent capabilities are described and how requests and responses are structured. The open question here is how rich this negotiation can become — simple request-and-fulfillment versus more complex, multi-round negotiation with conditional terms — and how ambiguity and failure cases are handled cleanly.
Authorization and consent layer. Who authorized this agent to transact, and how is that authorization verified by the agent being transacted with? This is arguably the hardest unsolved problem in the stack, and it connects directly to the identity architecture discussed in the previous post. A payment agent executing a purchase needs to demonstrate, to the receiving agent, that it holds a legitimate, verified authorization from a real human or organization to make this specific transaction. Current approaches involve delegated tokens and authorization chains, but the standards are evolving and the security properties of current implementations vary widely.
Payment and settlement layer. Once a transaction is agreed upon, how does value actually transfer between parties in a way that’s fast enough for agent-speed transactions, reversible when something goes wrong, and compatible with existing regulatory frameworks for payments? Several approaches are being explored: agents initiating conventional payment rails on behalf of users (the most immediately compatible with existing infrastructure), purpose-built “agent payment” instruments designed for machine-to-machine transactions, and more experimental approaches involving programmable settlement infrastructure. Each carries different trade-offs around speed, reversibility, regulatory clarity, and interoperability with existing financial infrastructure.
Dispute and recourse layer. When an agent-initiated transaction goes wrong — the agent paid for a service that wasn’t delivered, or was manipulated into a transaction the human principal never intended — who bears the liability, and what recourse exists? This is almost entirely unsettled, both technically and legally, and it’s one of the most significant unresolved questions for widespread agent commerce adoption. Existing consumer protection frameworks were not written with autonomous agent transactions in mind, and the question of whether and how those protections apply when an agent — rather than a human directly — is the transacting party is actively being worked through by regulators in multiple jurisdictions.
Implications for Banks and Payments Infrastructure
For financial services specifically, agent commerce represents both a strategic opportunity and a potential disintermediation risk, depending on how the infrastructure layer evolves.
The opportunity: banks that build agent-accessible payment and financial services infrastructure early — clean, well-documented APIs, MCP-compatible tool interfaces, A2A-compatible service descriptions — position themselves as natural, accessible counterparties in the emerging agent commerce ecosystem. An agent needing to make a payment will, all else being equal, transact through the most easily-accessible, most reliably-interoperable option, and institutions that invest in being that option have a real first-mover advantage.
The disintermediation risk: if agent commerce settles on infrastructure or settlement rails that bypass traditional banking intermediaries — whether purpose-built fintech infrastructure designed specifically for machine-speed, machine-initiated transactions, or more novel settlement approaches — banks that haven’t positioned themselves in this layer risk finding their existing payments revenue streams eroded in a domain where they didn’t see themselves as needing to compete.
The regulatory dimension: banks already operating under existing payments regulation have, paradoxically, both a burden and an advantage here. The burden is that they can’t move as fast as unregulated or lightly-regulated new entrants in experimenting with novel agent payment mechanisms. The advantage is that they understand, better than most, what a compliant, auditable, consumer-protected payments infrastructure needs to look like — and as regulators inevitably extend existing frameworks to cover agent-initiated transactions, institutions that already operate within those frameworks have a structural head start over those that built on the assumption that agent commerce would remain permanently outside them.
What Needs to Be True for This Stack to Work at Scale
Honest assessment requires acknowledging that several critical pieces of the agent commerce stack remain genuinely immature, and the timeline for their resolution is uncertain:
Interoperability standards need to stabilize. The current landscape has multiple competing approaches at several layers, and meaningful agent-to-agent commerce across organizational boundaries requires enough standardization that agents built on different platforms can reliably discover and transact with each other. The trajectory is toward consolidation around open standards with broad vendor support, but “trajectory toward” and “arrived at” are very different states.
Authorization and consent frameworks need formal specification. The question of how an agent demonstrates valid authorization from its human principal, in a form that a receiving agent can cryptographically verify, is being actively worked on but not yet solved in a way that’s broadly deployable at production scale and legally recognized across jurisdictions.
Liability and recourse frameworks need regulatory clarity. Without a clear answer to “who is liable when an agent transaction goes wrong,” the risk-averse institutions most capable of deploying this at scale have rational reasons to wait for regulatory clarity before committing, while less risk-averse actors move faster with correspondingly higher risk — a dynamic that rarely produces good outcomes at the ecosystem level.
What Architects Should Do Right Now
Given the genuine uncertainty above, the practical question for architects working in this space today is how to position without over-betting on standards that may not win. A few principles apply reliably regardless of how specific standards contests resolve: build internal agent interfaces against open, documented protocols rather than proprietary ones; monitor the standards bodies and working groups actively developing these layers; invest in the capability to move quickly once standards stabilize, rather than waiting for full stability to begin building any capability at all; and engage with regulatory and industry working groups shaping how existing payment and consumer protection frameworks will apply to agent-initiated transactions, since those conversations are happening now and the participants who shape them early have outsized influence on the outcomes.
Coming Up Next
We’ve now covered the strategic and forward-looking frontier of agent interoperability. The next post turns to one of the most pressing governance challenges for banks specifically: how the existing model risk management framework — the three-lines-of-defence structure most large financial institutions already operate — needs to be extended to govern autonomous agentic systems.