Every Know Your Customer framework in existence today was written for a legal or natural person. The underlying assumption — that every transaction involves a human counterparty who can be identified, verified, and held accountable — is so foundational to financial regulation that it is rarely stated explicitly. It simply is.

Autonomous AI agents are not natural persons. They are not legal entities. They have no passport, no address, no jurisdiction of incorporation. When an agent initiates a payment on behalf of its principal — a human or a business — the existing compliance stack encounters a structural failure, not a configuration problem.

The regulatory gap in specific terms

The Financial Action Task Force (FATF) Recommendations, on which most national AML frameworks are based, define a "customer" as a natural or legal person. The FCA's Money Laundering Regulations 2017 require regulated firms to identify and verify the identity of customers — using documents, data, or information from a reliable and independent source. An AI agent has none of these.

PSD2's Strong Customer Authentication requirements were designed to ensure that a human — the account holder — authorises each transaction. The regulation uses the phrase "payment service user" throughout, which in every context means a human. When an agent initiates a transaction autonomously, no payment service user is present at the moment of execution.

MiCA, the EU's Markets in Crypto-Assets regulation, introduced in 2023, is slightly more forward-looking — but still operates on the assumption of human principals. It addresses crypto-asset service providers and their obligations to their customers. It does not contemplate a non-human entity as a party to a transaction.

The delegation problem

The closest existing legal analogy to an AI agent is a power of attorney — a human delegating authority to act on their behalf to another party. But powers of attorney have clear limits: they require written documentation, notarisation in many jurisdictions, and can be revoked. More fundamentally, they create a legal relationship between two human or legal-person parties.

An AI agent acting under a human principal's instruction creates what might be called a delegation graph: a chain of authorisation from human to agent, potentially through sub-agents, to the point of transaction. Each link in that chain needs to be cryptographically verifiable and legally attributable. No regulatory framework currently contemplates this structure.

The emerging technical approach — principal-agent accountability using cryptographic attestation and zero-knowledge proofs — can make each step in the delegation chain verifiable without exposing the underlying data. But the legal framework to recognise and enforce this accountability does not yet exist in any jurisdiction.
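The delegation chain described above, sketched as an added example (not code from the original article or from any regulator's or vendor's framework). It swaps in a macaroon-style HMAC chain for the attestation layer and does not attempt zero-knowledge proofs; it assumes a verifier, such as a principal-delegation registry, that holds the principal's root key, and all names, limits and keys are constructed.

```python
import hashlib
import hmac
import json

def _mac(key: bytes, link: dict) -> bytes:
    # Canonical JSON so issuer and verifier hash identical bytes.
    msg = json.dumps(link, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

def mint(root_key: bytes, link: dict) -> dict:
    """Principal's grant to its first agent (link 0 of the chain)."""
    return {"links": [link], "sig": _mac(root_key, link).hex()}

def delegate(token: dict, link: dict) -> dict:
    """Holder adds a link for a sub-agent, keyed by the current signature."""
    sig = _mac(bytes.fromhex(token["sig"]), link)
    return {"links": token["links"] + [link], "sig": sig.hex()}

def authorise(root_key: bytes, token: dict, payment: dict):
    """Re-derive the chain, then require every link to permit the payment."""
    key = root_key
    for link in token["links"]:
        key = _mac(key, link)
    if not hmac.compare_digest(key.hex(), token["sig"]):
        return False, "chain signature invalid"
    for i, link in enumerate(token["links"]):
        if payment["amount"] > link["max_amount"]:
            return False, f"link {i} ({link['holder']}): amount over limit"
        if payment["payee"] not in link["payees"]:
            return False, f"link {i} ({link['holder']}): payee not approved"
    # Attribution path from the human principal to the transacting agent.
    path = " -> ".join([token["links"][0]["principal"]] +
                       [l["holder"] for l in token["links"]])
    return True, path

# Constructed sample data: names, limits and key are illustrative only.
ROOT_KEY = b"registry-secret-for-alice-demo-only"
AGENT = mint(ROOT_KEY, {"principal": "alice", "holder": "agent-1",
                        "max_amount": 500, "payees": ["acme", "globex"]})
SUB = delegate(AGENT, {"holder": "sub-agent-7",
                       "max_amount": 100, "payees": ["acme"]})

if __name__ == "__main__":
    print(authorise(ROOT_KEY, SUB, {"amount": 80, "payee": "acme"}))
    print(authorise(ROOT_KEY, SUB, {"amount": 80, "payee": "globex"}))
```

Because every link must permit the payment, a sub-agent can narrow the authority it received but cannot widen it, and the reason string names the link that refused.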

What firms are doing in the interim

In practice, firms deploying AI agents for financial transactions today are using one of several workarounds. The most common is to treat the human principal as the customer for all compliance purposes, and to ensure that the agent acts strictly within pre-approved parameters — transaction limits, approved counterparties, and defined payment types — that were authorised by the human at setup time.

This approach functions within existing regulatory frameworks but limits the autonomy and therefore the utility of the agent. An agent constrained to a pre-approved list of counterparties and transaction types cannot adapt to novel situations, cannot optimise routing, and cannot respond to changing market conditions. It is, in effect, a very sophisticated macro.

A second approach involves wrapping each agent transaction in a human-approval step — an authorisation gate that a human must clear before the transaction executes. This preserves the compliance structure but eliminates the autonomous quality that makes agentic payments valuable in the first place.

The infrastructure required

What the agentic economy requires is a new compliance primitive: a framework for non-human identity that can sit alongside existing KYC/AML infrastructure and provide equivalent guarantees. The components are beginning to emerge — cryptographic agent identity attestations, principal-delegation registries, and programmable compliance rules that travel with the agent — but they have not been assembled into a coherent stack that regulators recognise.

The regulatory change required is significant but not unprecedented. The extension of AML obligations to cover legal persons was itself a major regulatory evolution. Extending them again to cover certified AI agents operating under human principals is the next step — and the jurisdictions that move first will have a structural advantage in the agentic economy.

The FCA has begun consulting on AI in financial services. The European Banking Authority has published initial guidance on AI in credit decisions. Neither has yet addressed the specific question of non-human transacting identity. That gap is where the next wave of regulatory work will focus — and where the infrastructure buildout must begin.