![](\"https:\/\/fortune.com\/img-assets\/wp-content\/uploads\/2026\/04\/GettyImages-2202654168-e1775596250816.jpg?w=2048\")
<\/p>\n<\/p>\n
Imagine you tell an AI agent to convert $10,000 in U.S. dollars to Canadian dollars by end of day. The agent executes \u2014 badly. It misreads parameters, makes an unauthorized leveraged bet, and your capital evaporates. Who\u2019s responsible? Who pays you back?<\/p>\n
Right now, nobody has to. And that, a group of researchers argues, is the defining vulnerability of the agentic AI era.<\/p>\n
In a paper published on April 8, researchers from Microsoft Research, Columbia University, Google DeepMind, Virtuals Protocol and the AI startup t54 Labs have proposed a sweeping new financial protection framework called the\u00a0Agentic Risk Standard (ARS), designed to do for AI agents what escrow, insurance, and clearinghouses do for traditional financial transactions. The standard is open-source and available on GitHub via t54 Labs.<\/p>\n
We are talking about an entire \u201cagentic economy\u201d here, t54 founder Chandler Fang told Fortune in an emailed statement; \u201cit is very different from simply using AI agents for financial tasks.\u201d He said there are two fundamental types of agentic transactions: human-in-the-loop financial transactions and agent-autonomous transactions. Everyone\u2019s focus is on the human-in-the-loop stuff, he said, and that\u2019s a real problem, because the financial ecosystem currently has no way to operate other than to defer all liability back to a human. It all comes down to the probabilistic nature of this technology, the researchers explained.<\/p>\n
The probabilistic problem<\/p>\n
The core problem the team identifies is what they call a \u201cguarantee gap,\u201d which they define as a \u201cdisconnect between the probabilistic reliability that AI safety techniques provide and the enforceable guarantees users need before delegating high-stakes tasks.\u201d This description recalls what leadership expert Jason Wild previously told Fortune about how AI tools are probabilistic, befuddling managers everywhere. \u201cWithout a way to bound potential losses,\u201d the t54 team wrote, \u201cusers rationally limit AI delegation to low-risk tasks, constraining the broader adoption of agent-based services.\u201d<\/p>\n
Model-level safety improvements, they argue, can reduce the\u00a0probability\u00a0of an AI failure, but cannot eliminate it. Large language models are inherently stochastic, meaning that no matter how well trained or well tuned an AI agent is, it can still hallucinate and make mistakes. When that agent is sitting on top of your brokerage account or executing financial API calls, even a single failure can produce immediate, realized loss.<\/p>\n
\u201cMost trustworthy AI research aims to reduce the probability of failure,\u201d said Wenyue Hua, Senior Researcher at Microsoft Research. \u201cThat work is essential, but probability is not a guarantee. ARS takes a complementary approach: instead of trying to make the model perfect, we formalize what happens financially when it isn\u2019t. The result is a settlement protocol where user protection is deterministic, not probabilistic.\u201d<\/p>\n
The researcher\u2019s solution borrows directly from centuries of financial engineering. ARS introduces a layered settlement framework: escrow vaults that hold service fees and release them only upon verified task delivery; collateral requirements that AI service providers must post before accessing user funds; and optional underwriting \u2014 a risk-bearing third party that prices the danger of an AI failure, charges a premium, and commits to reimbursing the user if things go wrong.<\/p>\n
The framework distinguishes between two types of AI jobs.\u00a0Standard service tasks\u00a0\u2014 generating a slide deck, writing a report \u2014 carry limited financial exposure, so escrow-based settlement is sufficient.\u00a0Tasks involving the exchange of funds\u00a0\u2014 currency trading, leveraged positions, financial API calls \u2014 require the agent to access user capital\u00a0before\u00a0outcomes can be verified, which is where underwriting becomes essential. It is the same logic that governs derivatives markets, where clearinghouses stand between counterparties so that a single default doesn\u2019t cascade.<\/p>\n
The paper maps ARS explicitly against existing risk-allocation industries in a table: construction uses performance bonds, e-commerce uses platform escrow, financial markets use margin requirements and clearinghouses, and DeFi uses smart contract collateralization. AI agents, the researchers argue, are simply the next high-stakes service category that needs its own version of that infrastructure.<\/p>\n
The timing is crucial<\/p>\n
Financial regulators are already circling. FINRA\u2019s 2026 regulatory oversight report, released in December, included a first-ever section on generative AI, warning broker-dealers to develop procedures specifically targeting hallucinations and to scrutinize AI agents that may act \u201cbeyond the user\u2019s actual or intended scope and authority\u201d. The SEC and other agencies are watching closely.<\/p>\n
But ARS is pitched as something regulators haven\u2019t yet built: not a set of rules, but a\u00a0protocol\u00a0\u2014 a standardized state machine that governs how funds are locked, how claims are filed, and how reimbursements are triggered when an AI agent fails. The researchers acknowledge ARS is one layer of a larger trust stack, and that the real bottleneck will be building accurate risk-pricing models for agentic behavior.<\/p>\n
\u201cThis paper is the first step in setting up a high-level framework to capture the end-to-end process associated with agent-autonomous transactions and what the risk assessment looks like,\u201d Fang told Fortune. \u201cFurther down the road, we should introduce more specific details, models, and other research to understand how we figure out risk across different use cases.\u201d<\/p>\n
#agent #hallucinates #money<\/p>\n","protected":false},"excerpt":{"rendered":"
Imagine you tell an AI agent to convert $10,000 in U.S. dollars to Canadian dollars…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[245],"tags":[2354,482,7584,27],"_links":{"self":[{"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/posts\/3391"}],"collection":[{"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3391"}],"version-history":[{"count":0,"href":"https:\/\/stock999.top\/index.php?rest_route=\/wp\/v2\/posts\/3391\/revisions"}],"wp:attachment":[{"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3391"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3391"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/stock999.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3391"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}