By Maxwell Earp-Thomas, A.J. S. Dhaliwal, James G. Gatto, Sheppard, Mullin, Richter & Hampton LLP – AI Law and Policy; Published in National Law Review
Click here to read the entire article.
AI-driven “agentic commerce” is no longer theoretical. Today’s AI assistants can already search for products, compare options, populate shopping carts, check out, initiate payment, and make returns, all on behalf of a person who may never see the website on which a transaction is executed on their behalf. In some cases, users move all the way through checkout using stored payment credentials.
While many systems still operate within guardrails (e.g., requiring human user confirmation or operating under preset limits), the direction is clear: AI agents are beginning to autonomously initiate and execute financial transactions on consumers’ behalf. As these capabilities continue to expand, the line between human- and machine-initiated transactions continues to blur, and legal and regulatory implications come into sharper focus.
What Forms of Agentic Commerce Exist Today?
Today’s implementations of agentic commerce generally fall into two practical tiers. The most common is assisted e-commerce, where AI tools support product discovery, comparison, and checkout within a chat box or embedded interface, but the user still provides explicit approval before any payment is executed. A step closer to autonomy is semi-agentic systems, in which the AI is permitted to complete transactions with minimal or no additional user input once predefined conditions are met.
These systems include features such as price-tracking with automatic purchase triggers, where the user sets parameters in advance and the AI executes the transaction when those parameters are satisfied. Autonomous AI agents that manage the full shopping lifecycle on a user’s behalf are growing rapidly. Often a user gives an agent “goals” and the agent identifies and executes transactions to implement those goals without a contemporaneous human decision that traditional payments laws assume will exist.
Agentic Commerce vs. Compliance
The shift to an increasingly automated shopping experience reframes the regulatory conversation. When an AI assistant pays a bill or clicks “buy”, central compliance questions will revolve around authentication, authorization, fraud, and who bears responsibility when an AI’s actions do not align with a consumer’s wishes or when rogue agents are deployed to execute bogus transactions. For regulators, banks, fintechs, and merchants, existing concepts of consent, liability, and consumer protection strain when transactions are initiated by software rather than people. Current regulatory frameworks concentrate on authorization, fraud controls, and dispute resolution, all of which were designed for human-initiated transactions.
Click here to continue reading.