Stable Pulse
Brought to you by Stablecon, Stable Pulse is where the architects of programmable money, the regulators writing tomorrow’s rulebook, and the institutions bridging TradFi and DeFi converge.
Our expert hosts with deep payments and policy experience are going behind the surface and bringing the people and ideas that are driving everything around decentralized in non-custodial finance.
Bam Azizi, CEO and Founder, Mesh will lead CEO Beat.
Justin Friedman, Head of Policy at Stablecon, will lead our Policy Beat
Dante Reminick, will lead our What's Next Beat, and talk about the latest advances.
With them, you will keep your fingers on the pulse of all things stablecoin!
Stable Pulse
Agentic Payments Are the Wild West
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
On the next episode of Stable Pulse: Policy Beat, host Justin Friedman sits down with Dr. Christian Catalini, MIT research scientist, founder of the Cryptoeconomics Lab, and co-creator of Diem (Libra), to unpack the collision between stablecoins entering the mainstream and AI agents beginning to execute real commerce on our behalf.
Drawing on his experience building Diem and working with regulators around the world, Christian explains how the US Genius Act could finally make programmable money scalable through stronger reserve standards, redemption rights, and interoperability between stablecoins. But as payments become faster and more autonomous, a bigger challenge is emerging: verification.
Justin and Christian explore the rise of agentic commerce, where AI systems can shop, negotiate, and move money faster than humans can realistically monitor. They discuss why traditional compliance frameworks like KYC and AML were built for human actors, what “know your agent” standards could look like, and why the next generation of fintech infrastructure may center on guardrails, anomaly detection, provenance, and liability management.
The conversation also dives into consumer protection, fraud, trust, concentration risk, and the growing tension between automation and accountability as AI agents begin operating at machine speed across global payment networks.
Subscribe for more conversations on stablecoin regulation, programmable payments, AI agents, and the future of digital identity, trust, and financial infrastructure.
Want to go deeper? Check out more and connect with our guest and host:
“How Banks Learned To Stop Worrying And Love Stablecoins” by Christian Catalini
“Some Simple Economics of AGI” by Christian Catalini, et al
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6298838
“The Machine at Checkout” by Justin Friedman
https://www.linkedin.com/pulse/balance-machine-checkout-justin-friedman-h0rme/
Justin Friedman: https://www.linkedin.com/in/justingfriedman/
Christian Catalini: https://www.linkedin.com/in/ccatalini/
Intro
IntroPassage of the stablecoin legislation drafted by the Senate dubbed the Genie Senate. Because analysts say a wave of competition can complicate things.
Justin FriedmanThis is the Stable Pulse. I'm your host, Justin Friedman, head of policy at StableCon, and a former official at the New York State Department of Financial Services. Today, on the Stable Pulse, we welcome Dr. Christian Catalini. Welcome, Christian. Christian is founder of the Crypto Economics Lab and a research scientist at MIT. In 2022, he co-founded LightSpark with David Marcus after their unsuccessful attempt to launch the Diem token, aka Libra, at the Diem Association under the auspices of Meta. Throughout the DM Libra experience, Christian interacted with regulators and central banks across the planet, including in the US, the UK, Europe, and Asia. Christian earned his PhD from the University of Toronto's Rottman School of Management. His research has been featured in Nature, Science, The New York Times, The Wall Street Journal, The Economist, Wired, NPR, Forbes, Bloomberg, and TechCrunch. Christian is regularly consulted by policymakers examining frontier issues in financial services and markets. In December, he published a column in Forbes, How Banks Learn to Stop Worrying and Love Stable Coins. He is co-author of a working paper, Some Simple Economics of AGI, which you can find on SSRN. He was a central character in perhaps the most consequential but failed attempt to bring a private stable coin to market. Christian is just the right guest for this conversation on what regulators and builders need to understand about agentic commerce payments, trust, and responsibility. Christian, let's get into it. Christian, you co-created Diem, which was arguably shut down in part because regulators couldn't resolve fundamental questions about what it meant for a private company to issue a global payment instrument. Less than half a decade later, we have the Genius Act in the United States, and everybody wants to jump into the pool. As we're reporting here in April 2026, stablecoins have a global market cap of over $300 billion. Meanwhile, AI agents are beginning to execute real commercial transactions autonomously. So from where you sit, does it feel like the imagination of policymakers is caught up to the tech? Or are we just repeating the pattern of regulating the last wave of financial innovation while the next one's already forming?
Christian CataliniMaybe. I think the tension that you surface is an important one. To some extent, now that we have clear rules for US dollar stable coins under Genius, uh, despite some last-minute debates around clarity and the yield on such stable coins, I think we're we can finally see the glimpses of better programmable money becoming a reality and becoming something that is safe to scale in mainstream applications. But at the same time, uh the bigger tsunami, uh, which is everything that's changing because of AI and the rapid advances in foundational models. Uh, it is very clear that the way we will interact with software, the way we'll interact with labor, uh, the way we will interface with any system is gonna rapidly evolve over the next few months. A lot of the assumptions that we used to rely on uh to, for example, stop bad actors, to stop abuse in these systems are gonna fall apart. Um, systems will move uh in, in a sense, closer to what crypto has been experiencing all along. Uh, the world is about to become a lot more adversarial. And so I do think that there's gonna be a number of new challenges for regulators uh that want to ensure that you know payments can scale and support these new use cases and these new capabilities while still protecting some of the you know social constructs around them from fighting financial crime uh to ensuring that fraud and scams are not rampant.
Justin FriedmanThanks for that. You've written that the stablecoin debate forced a reckoning with a question economists had not seriously engaged in decades. What is money? Who gets to issue it, and under what conditions?
What Money Is And Who Issues It
Justin FriedmanAre any of these problems resolved, at least in the US, by the Genius Act?
Christian CataliniYes. The Genius Act, uh, there's a number of really important things uh that again can give people the guarantee, people and businesses, the guarantee that when they're attaching a stablecoin, when they're using it, they really don't have to worry about what's behind it. Um the singleness of money is a really important concept, right? The idea that different stable coins issued by different um issuers under Genius can be considered fully interchangeable, fully uh fungible with each other. Uh before Genius, we had a patchwork uh of rules at the state level. We really didn't have a framework for kind of a payment system uh to emerge in all of this. Uh, that's actually the reason why back in the day we went to Switzerland. Switzerland did have a framework for payment system licenses. And so when we applied for a license uh under FINMA, we were really pursuing something that was very much bank-like. Uh at many of the same protections uh for the holders of a stable coin uh under any condition, right? Uh of course, on day-to-day, uh, most of these systems work just fine. Uh, but of course, with financial systems, what matters are the edge cases. And so with genius, um, holders will have a direct claim on the underlying assets, they'll have protections. Um, you will know that the issuers will have to invest in high-quality, liquid assets, um, and can essentially withstand a run on those reserves. Um, with that confidence, I think we will see the final mainstreaming of stable coins, maybe not in the way many people expect. Uh, I think the first way this will surface is behind the scenes. Uh, consumers already move money across border, businesses already move money across border, and sometimes they don't even need to know that the piping has been swapped behind the scenes. They will see faster settlement, lower prices, better functionality, and still the currencies they they they're familiar with. Uh so the transition is gonna be a lot more boring than I think uh many of us expected, or at least the regulators expected when we came out with Libra. Uh, but nevertheless, it's gonna be extremely exciting uh because it's gonna bring a number of benefits uh to society at large.
Justin FriedmanSo I was a regulator in New York when you guys were shopping around the Libra concept, and we just didn't know what to do with it. We didn't have a framework like the Genius Act in place. And so I understand why you went first to Switzerland where you found
Agentic Payments Redefine Transactions
Justin Friedmana more hospitable environment where uh the government was sort of ready to take a critical look at this and make a decision on whether they would let you into the marketplace. So now we have the Genius Act in place and everybody's building in stable coins, but we don't have a genius act for agentic payments and agentic commerce. And I think now these issues are forcing a parallel question. We talked earlier about, you know, what is money and how do we decide um what can serve as money? Today, the question in agentic payments is what even is a transaction? And who is legally responsible for it if no human being initiated it? Are these fundamentally the same question or distinct problems that require distinct regulatory responses?
Christian CataliniI would say there's a lot of similarities with some of the initial tensions that stablecoins uh brought about. Um agents will need fundamentally different infrastructure. And the whole premise of crypto and blockchain was always to um change the infrastructure that used to be centralized, used to be mediated by intermediaries into something that could work a lot more like an open protocol. Um, we're now discovering, I would say, that many of the primitives that people have been building in crypto uh are going to be necessary as some of the side effects of AI materialize on society. That said, I think there's also, as you go, a lot of hype. Uh, a lot of agente commerce, I think, will take a form that's very familiar to people and may not require stable coins or programmability at all in the initial phases. Uh, the classic example people talk about is you know, an agent that will procure for you flights and hotels, uh, essentially plan for you a whole vacation. Um I would imagine that some of the services provided by large payment service provider companies or the card networks will do really well under this new construct. Essentially, they just have to add intelligence to you know the vehicles that we already use every day. Um, that does not necessarily require programmability, that does not require change of the flow of payments. Um, that's that it will deliver value and it will create very high frequency transactions and a lot more interactions in the economy that will put stress and potentially will be abused in novel ways by bad actors. As always, when there's a new technology, you know, the bad actors are the first ones to implement some of some of its side effects and to look for the corners. Um and then I think this is the part that's that's kind of more unknown, but also more interesting. The technology will enable fundamentally new types of interactions, uh, initially between machines. And those of you listening that may have played with things like OpenClaw or Mass, uh, these identific systems that you kind of deploy on your local machine and connect maybe to your calendar, to your email, are kind of showing a glimpse of what the future may look like when we delegate to machines and to these advanced models uh almost like co-workers, and we put them in charge of more and more of our digital lives. Uh, we ask them to essentially perform tasks on RBLs. That delegation is going to be critical. And although there's been interesting attempts, uh, Google, for example, has a protocol uh for consent and delegation to these agents, others have similar alternatives. People are really tinkering with what does it mean that an agent shows up on my doorstep, say, I'm a merchant? Um, do I trust the agent to be uh a legal delegate, right, of the consumer? Is it something else? What happens when the agent goes rogue? Um, all of these are new questions. And I think people are coming up with creative solutions. As usual, it's so early. The space is extremely fragmented. And so, you know, we need standards. We need harmonization, both on the technical side. And of course, many of the large players are competing and racing to make sure that their standard is the standard. Uh, and eventually regulators will also provide the right framework. Very much like with stable coins, a stablecoin today is going to be a lot more boring, but a lot more useful than it was a few years ago. Uh, agentic payments right now are a bit the wide west. Um, and for agentic payments to be truly useful, I think we'll have to really rethink a lot of the soft infrastructure rules, uh, standards, also on the legal and commercial side, um, that we've seen, for example, around car payments and other dimensions.
Justin FriedmanSo, yeah, execution is cheap, but verification is expensive. Isn't that the real constraint in agenda commerce? Not that the agents can't transact fast enough, but that we can confirm what they did fast enough
Verification Becomes The Scarce Resource
Justin Friedmanto actually remove the friction that they need to do their jobs.
Christian CataliniThat's exactly the thesis of the economics paper that we released uh a few weeks ago. Um people have been struggling with, you know, what stays as human and defensible in a world with AI. Um, after looking at the economics of it, we concluded that right now what we're witnessing is a drastic collapse in the cost of intelligence. Everyone kind of agrees with that part. Uh, but typically in economics, when something becomes cheap and abundant, uh, the bottleneck moves somewhere else. Uh, because we'll consume more intelligence, we'll apply it to many more aspects of our lives and our businesses. Uh, but as a result, I think everyone is already witnessing the thing that's becoming truly scarce is verification. It's very easy to ask Claude or Chat GPT or Gemini or Grok to generate a text for you. Maybe say you're writing an article, but then you actually have to read and make sure, okay, does this actually make sense? Are the sources the real sources? Um, does this reflect my original intent and my spec? Um, same with coders. Uh, coders today are shipping, you know, hundreds of thousands of lines of code that are generated by agents. I think it was just a few days ago that a company managed to wipe all of their production databases and all their backups because an agent go went rogue and decided to essentially make some edits that it that it shouldn't have done. Uh so with a gentic, it's gonna be the same, uh, especially when it comes to payments. These agents can carry a lot of the instructions, they can try a lot of the different things they've been put in charge of, but eventually verification is gonna be extremely important. I would imagine that some of the most successful companies in the AgenTech space will be exactly the companies that provide the guardrails, uh, so that you can confidently connect an agent, say, to your corporate treasury or to your personal wallet and trust that when they go about and make decisions, uh, they're still operating within your parameters.
Justin FriedmanChristian, in your research on AI and AGI, you talked about a measurability gap, which is the wedge between what we can observe and what needs to be governed. Isn't agentic payments just that gap showing up in finance and financial services first? Isn't this a problem that we're gonna have to solve society-wide?
Christian CataliniYes, uh, you're absolutely correct. And the solution to that problem is typically to close the measurability gap by working with better data. Um, this is where, for example, incumbents, um, again, from financial institutions and banks and even large PSPs have an initial advantage. They're sitting on millions of data points about past failures. Uh, think about even like on a compliance front, like past file SARS and kind of both positive and false negative events. Um, they can use that to train better models uh that can provide better guardrails. Um, those guardrails are essentially the codification of human judgment. Um, I think we've had now emerged all sorts of cope terms with AI. So people say, okay, uh AI cannot do human judgment, AI cannot do human curation or taste. Uh I think the problem with all of those terms is that they're extremely vague. Um, it's very difficult to define taste, as we know. It's it's a culturally defined concept and it varies by person by person. Same with judgment, things that require judgment today uh probably won't require judgment by a human in six months at the pace these models are improving. And so what we try to do in the paper is to provide a much more narrow but precise definition of what that gap between the human and the agent is. Um, if the agent has the right information, if it has the right digital trails, then it can essentially extrapolate and make the right decision. Uh but there's a lot of contexts, including in financial services and agent e-commerce, uh, where that has not been codified. We don't have essentially a database of record that records the right information. If that is not present, then again, we do need a human in the loop and we do need to be able to perform proper verification.
Justin FriedmanLet's go back to stable coins and the intersection with agentic payments. You and many others have argued that stable coins are most useful not as stores of value, but as programmable payment instruments, money that can actually do things. Agentic commerce seems to be the first genuinely large-scale use case to vindicate that argument because agents need rails that work at machine speed with programmable logic. But the Genius Act's compliance architecture, which is based on traditional concepts like KYC, AML, the travel rule, these were designed for human counterparties.
Why KYC And AML Break For Agents
Justin FriedmanHow do you see this mismatch? Is it a gap that rulemaking can fill, or does it require a whole rethinking of the framework?
Christian CataliniThe latter. How do we know when we're presented with an agent, whether we're on the receiving side or we're trying to delegate to an agent, that that agent really reflects a persona behind it, whether it's a business or an individual, and along the way as not being compromised or as going rogue or making kind of the wrong decisions on what the mandate is. That will require standards, and standards are notoriously difficult, uh, especially in these early phases, uh, because as I was mentioning before, everyone really would love for the for their own standard to become the one that everybody uses. And so there's fragmentation at the start. But for something like KYA to be useful, it needs to be universal, right? So it needs to be available to different types of organizations and individuals. Um that also requires regulators to pay attention to this and to really think from a public sector perspective uh what should be set kind of in stone versus what should be flexible. Uh often in the early phases of an industry, there's a tendency to over-regulate at a time where things are still ill-defined and the market still needs to figure these things out. Um in these phases, standards that are like internet standards tend to do much better. Uh, if you think about the IETF or the IEEE, every every protocol we use on every day has been developed by essentially a mix of engineers and entrepreneurs trying to collaborate uh and often collaborate and compete at the same time. Uh, those are the standards that take a bit of time to be developed properly, but then eventually deliver uh a lot of value to society.
Justin FriedmanWell, let's say that agents can potentially generate a thousand transactions per second. When you think about what is the right role for the human in the loop, how do we possibly keep up with that kind of transaction flow without sort of diminishing the usefulness of this technology? Where do we set these thresholds? How do you think about what risk tolerance is appropriate? And what is the job for regulators to impose those standards on marketplace participants?
Christian CataliniYeah, so I guess we've seen probably the first glimpse of some of this in DeFi or decentralized finance, right? Uh when you combine crypto rails with boss or agents, um, everything happens at high frequency, things can move really quickly between different systems, and they can break in novel ways. Um, this is what I meant by more of the economy is gonna look like crypto. Uh, everything in crypto over the last decade has been developed in a very adversarial environment. Essentially, you always have to assume that there's someone that's ready to exploit any sort of gap in the system. Um, agents will have to operate at much higher frequency than humans, and I think we're already seeing it. In a sense, our capability to verify a genetic output is biologically bottlenecked until we can augment ourselves maybe with um a brain computer interface. Uh and so it is well past the point, and I think engineers are the first one to see this. Uh, at the start, right, they were reviewing every line of code that they would write with something like cloud code or codex. Um, at this point, they can't. There's just too much code being written. The frequency of the agency output is going up, and the ability of humans to verify it is staying constant. Um, so inevitably, we have to build uh better harnesses, better structures around this so that the agency systems themselves know when to escalate and when not to, so that our scarce attention can be dedicated in the right spots. Uh, to make a very practical example, if we have agents performing machine-to-machine transactions on a global scale, 24-7, at very high frequency, we will need systems to be able to detect uh anomalies, uh, bad behavior, uh, compliance failures on the fly and bottom them and essentially bubble them up all the way to a human operator. Um, if we don't build the systems, I think we're gonna be in trouble. In the paper, we talk about um, you know, distrosion or externality, which is essentially the idea that the economic incentives are driving in the wrong direction. Right now, there's massive value of deploying agents at scale. Uh, and we're seeing it throughout the economy. If you look at some of the recent statements by top CEOs in tech, uh, they're all bragging about how much of their code has been written by agents. Um, if you flip that statement, you realize how much of that code has not been verified by a human. Uh, they're one and the same. And so if we don't build that infrastructure, if we don't set ourselves up for success, I think we're gonna see more of the failures like the ones we've seen in the last months where very large companies have shipped, you know, private keys or other uh compromising materials out by mistake. Uh, because again, uh they could not verify every single line of code that was going out of their house.
Justin FriedmanOne thing that confounds me is the sheer pressure to automate processes. It's one thing if you can eliminate 90% of the human work and hand that over to a machine and then leave the last 10% for your team to complete. Maybe we can even get to 95% or 98% or 99%. But why is there so much pressure to? Automate 100% and completely remove the human from the loop and not even check and verify at the end of the process?
Christian CataliniI think part of it is the race. And you're seeing it, maybe the most extreme example is between foundational labs. They're all racing towards better forms of near AGI or even ASI because they know that if you get there first, there's going to be a massive advantage. That same pressure is materializing in every sector. In fintech, you're seeing different fintechs racing, even on stable coins, on deploying the systems, on being forced to do to really scale it on either on the consumer side or the business side. That pressure is there. But I think the more subtle part of this is also that, you know, when foundational models really improve our lives, it's not that the 100% of the work stays the same. We're really rapidly expanding our expectation of what can be done. And so really we're dox, 5x, 10x, what we were trying to accomplish before, uh, because now we have better tools, we're more productive. And as a result, we probably don't realize that yes, we're we're we're increasing our productivity, but that final bottleneck is where all the value is created. It's a bit like the classic Oring uh story. Some of you may remember the shuttle disaster where a little O-ring compromised the entire launch. This is true for every Agentic flow. Uh the aging can do 95% of the flow correctly, but if the last 5% or less 1% or 0.5% is the fatal one, then it really doesn't matter, right? Because the entire thing is compromised. And if you're a company, your reputation is on the line.
Justin FriedmanSo picking up on that, legacy financial transactions rely on networks that verify identity. Think about credit card transactions that are initiated at a point of sale, and that convinces the merchant that this card is good and that the buyer or the shopper is legitimate. But the transaction itself may take days to settle, and then the merchant is reimbursed. Blockchains introduce this new potential to identify the user and settle within moments, seconds, even instantly. So in identic commerce,
Identity Still Matters With Instant Settlement
Justin Friedmandoes that identity verification at the front end still matter? Or is this abstracted away when settlement happens near instantly?
Christian CataliniIt's still extremely important, right? If you think about what the faster settlement does, it solves off of the equation. Um maybe it's a merchant, okay, they received their funds. Uh, but was that transaction initiated by the actual user that owns the funds? Uh issues like account takeover and any sort of protection around that initial leg is still very relevant. Um, plus, as we've already discussed, right, the frequency of all of this is increasing. And so rather than seeing maybe a few transactions a day, now you're looking at thousands of transactions. Umdentity is gonna be under a lot of pressure over the next six to twelve months. I think we're already seeing it with some of these models that have been held back from foundational uh companies like Mitos by Anthropic, where cyber capabilities are increasing, uh, fraudsters will have better and better models that they can use. And so, in a sense, I think many systems that we've been relying on across different forms of identity, both the individual and the business one, I think will break in the near future and we'll have to reinvent them. Uh, sometimes with stronger cryptographic primitives, sometimes with stronger biometrics, sometimes we would both there's a specific compliance nightmare at the intersection of agents and stable coins.
Justin FriedmanImagine an agent receives a manipulated price feed, maybe an instruction to redirect a payment to a sanctioned address with absolutely no awareness that anything has gone wrong. The agent has no intent, no intuition, and no capacity to be held accountable. The Genius Act requires stablecoin issuers to be able to freeze or burn tokens on demand, but that's a post-hoc remedy. What does preventative compliance look like when the transacting party is not a human being?
Christian CataliniI think in the end it's going to be a race between defense and offense. Uh, same with cybersecurity. Um, we will need to develop agency systems uh that can really monitor and intercept uh those transactions before before they land. Uh it all comes back to the guardrails. Um, many companies are racing to build kind of your agenc treasury or your agentic wallet. Um, I would say that the rails and the wallet and even the agentic piece are trivial. What is extremely hard is all the safety and guardrails around it. If a CFO wants to connect a smart set of agents to the treasury, maybe to sweep funds, optimize their cross-border transactions, uh, all things that, by the way, stablecoins can enable today. So we're not talking about an hypothetical future. This can be done today. Um, the startups that will create the most value or the incumbents that will be able to are not going to be the ones that just apply the tech, are going to be the ones that really go back to how do we ensure that, for example, from a compliance perspective, every operation follows the rules and playbooks of this particular organization and the regulators that regulate it on a regular basis.
Justin FriedmanSo, what are your fears in terms of potential manipulation? What are we exposed to today before we really get smart about these compliance frameworks, before regulators move and put controls in place, before there's any obligation for anyone in this ecosystem to actually assure the integrity of the system?
Christian CataliniI think the bigger challenge is even broader than a genetic commerce and a genetic payments. Um again, every system that we trust and rely on at the public level, at the private level, at the individual level, as being somewhat protected by some assumptions and frictions that are going away. Just think about how human-sounding emails or even calls or videos can be right now. Um, and apply that throughout everything that society trusts and relies on. These things are becoming more shaky. And and again, ironically, um I think this is going to be the last, the last comeback for crypto, which is crypto has been operating under the assumption that every everything could be, everyone on the network could be a bad actor, every interaction could be malicious. And so you need a strong cryptographic proof and verification to trust that interaction. Um, I think more of the economy would look like that. And and as we all know, the UI and UX, the usability of some of these crypto primitives is not that simple. Uh, there's been massive progress. But in a sense, society will need to learn and embrace these new primitives and embed them throughout everything we do. You know, if I'm relying on a process, am I still interfacing with the right person? Am I still interfacing with the right company? Is this still a sign intent by someone that initiated this, or has it been compromised along the way? And so I think we're entering a great era of um, you know, stronger provenance and stronger verification. Uh, the good news is that again, uh stablecoin rails, uh, crypto primitives, signatures, all the stuff that's been built for uh even simple payments is going to be really useful throughout all of this.
Justin FriedmanAll the same, we are seeing government begin to move. Under the Genius Act, the US government has proposed rules implementing the BSA requirements of the statute for permitted payment stable coin issuers. The rule on the table would place the compliance burden squarely on the issuer. But in agentic commerce, the issuer may be three or four layers removed from the payment use case. The developer builds the agent, the platform deploys it, a wallet holds the stable coin, another wallet receives payment. And meanwhile, the issuer is never a party to the transaction. So is the US government headed in the right direction here? Is this enough? If policymakers are serious about preventing financial crime, is that allocation of responsibility defensible? Or is there another approach we should consider when we think about identif payments?
Christian CataliniThis is something actually we wrestle with for uh with Libra uh already, uh, because Libra is essentially the issuer, the regulated entity, and then uh designated dealers, so banks that would output the distribution. And of course, then there's exchanges, wallets, fintechs, all the others. Um and the solution is gonna have to be multi-layered. Um I think the idea that the issuer on their own uh could enforce the rules throughout the system is not only ridiculous and impractical, but it's also one that really rapidly runs into um privacy challenges, right? So if you want a single central actor to perform all of these operations, inevitably you're giving them a lot of control, a lot of market power, and a lot of you know interference with everything that's going on. Um I think that would be a terrible design, and it's one of the reasons why, for example, the United States has chosen stable coins over like a top-down CBDC like China and other places.
Compliance Responsibility Cannot Sit On Issuers
Christian CataliniUm, so if you if you accept that you will need multiple layers of controls and uh safety checks, then the issuer, of course, should be in charge of making sure that when they're minting and burning, their counterparties are trustworthy, they're following BSA and everything else. Um and then one layer down, you have other regulated financial institutions like the exchanges and wallets and fintechs, and they will also need their own compliance programs and protections. So once you get to the layer of the agent e-commerce, um, these agents will essentially be uh certified by someone, uh, either someone issuing individual credentials, essentially think of it almost like a delegated KYC or business credential, uh, so a KYA, a full KYA. Um, and that's where I do think we have all the right technological pieces uh to land on something that's gonna be much safer even than the current system. Um that said, again, like we were discussing before, the frequency of these transactions, the new types of module modules in which they will be implemented will be novel. And so I'm sure there's gonna be ways to exploit them that we haven't seen yet.
Justin FriedmanSo let's talk a little bit about consumer protection. I think sometimes about a professor that I had in college who warned us at the dawn of the internet that we did not need to put our financial information into a web browser. We did not need to buy those movie tickets in advance. Why not just walk up to the box office and buy your tickets just before the show? You're putting yourself at risk by uh sharing your most confidential information, and it's gonna be breached, and you're gonna be harmed, and you're gonna get robbed, and your identity is gonna be stolen, and it's gonna be a big mess to clean up. And so I took that to heart at the time. But as time went on, I realized how normal it had become to buy your movie tickets in advance, to buy them on an app on your phone. And now today, if you wait until the last minute and walk up to the box office, you're gonna end up sitting in the front row. So you really don't have a choice but to put your credit card into a web browser and buy those tickets in advance. And we have gotten used to conducting all this kind of commerce online, and the protocols around it have matured. So I don't know if my professor from 20 years ago is still concerned about her uh financial information in a web browser, but she's probably grown accustomed to it just like you and I have, because we know that there are institutions that are managing this risk and protecting us. So we have Reg E, which actually provides a right to consumers to dispute unauthorized electronic fund transfers. And this is kind of uh a line of defense that we depend on when we present our credit card for payment. And we know that there's
Consumer Protection And Liability As A Service
Justin Friedmana small chance that our number could be stolen and our identity could be compromised, and someone goes out there and goes on a shopping spree without our permission. But we also can count on the system to reimburse us if we are taken advantage of. The authorization framework it created assumes that there is a human in the loop who either did or did not authorize the transaction. When a consumer delegates authority to an AI agent and the agent acts outside the scope of those instructions, say it buys the wrong thing at the wrong price, or maybe in the wrong quantity, or delivers it to the wrong place and it gets lost. Does the consumer still have a claim to be compensated?
Christian CataliniI think the systems will develop to you know land on different solutions depending on where the market really is. Um, even if you take payments, right, the arrangement we have in the United States around credit cards is a lot more consumer favorable and friendly than the one that you, for example, have in Europe. Um, as a result, the US model is heavily skewed towards the idea that if you have protections, if you feel always confident in a transaction, say you're ordering maybe something from Amazon or whatnot, um, you can return the goods, you you'll be able to dispute the claim. Um, and that leads you to use those media a lot more and trust them all the time. And so I think it's generally good for consumption. Uh in Europe, of course, there's a bit more burden on the consumer. And so as a result, digital payments probably are not as far into the daily lives, although they're rapidly catching up. Uh, I think with the genetic payments, we're gonna see the same. Where right now, again, if you're tinkering with something like an open claw or mess, uh, and you're crazy enough to give them crypto or even traditional financial credentials, you're probably on the bleeding edge. There's a good chance that things will go wrong. Uh, but maybe you'll save some time in your daily, daily schedule. Um actually, the the one of the teams at Visa released a little NCP server where you can actually authorize um a transaction um using using essentially a traditional card, but delegating to your agent. Um, these are early days and the protection are pretty, pretty light. Uh, and of course, things will go sideways. Um, but over time, I think the market will figure all of this out. Um, in fact, in the paper, one of the things, one of the trends we identify for the future here is what we call the switch from software as a service, which we're all familiar with, to liability as a service. Today, you know, you're buying some software, you're relying on some software, you're essentially paying for a license or paying for a seat. In the future, especially as these clothes become more agentic, you're essentially buying labor because these agents will perform what typically a person may have done for you. And so companies will increasingly ensure not just the software, but also the outcome. Um, and so if you're doing an agentic payment, you will probably have some sort of protection where you will know exactly that if the agent goes rogue, there's gonna be an appeal process and something to restore the confidence in that transaction. Um, again, for these systems to work, we'll need stronger verification and provenance and stronger forms of identity. But eventually, I think for consumers is gonna be pretty much invisible. People will know they can trust the agent. Yes, sometimes we'll things will go wrong, and there'll be some headlines, you know, of entire companies doing something terribly wrong along the way. Uh, but the market, I think, will push for strong protections, whether backed into the media or uh through regulatory intervention on some dimensions.
Justin FriedmanWhen you think about how policymakers in different jurisdictions approach consumer protections, what is the economic argument for or against extending the protections that we talked about to agent-initiated transactions? Who should bear the cost of chargebacks? How does a consumer even initiate a dispute?
Christian CataliniI think a lot of it will depend on, again, what type of transaction are we talking about? Um and for those that resemble the traditional uh things that consumers will do, I think we'll err on the side of supporting the consumer uh if the agent goes wrong. Again, these models are getting better and better. And the more we have templates and data for that type of transaction, the least the problems I think will be actually relevant. Uh, I think the systems will become actually quite trustworthy pretty fast for most things. You know, call it 80% of what consumers want to do on a daily basis. Uh, then on that remaining 20%, I think there's gonna be edge cases and escalations, right? So you could imagine a model where um you explain to your agent kind of what do you want to get done, uh, what the parameters are, what the budget is. And then there's gonna be the guardrails that will keep control. And most of the time, they'll work silently. Every now and then, you know, you'll be presented with a choice, and that's when you probably will have to pay attention.
Justin FriedmanSome stakeholders are raising a concern that I think deserves more attention than it's gotten so far. The possibility that an agent optimizes for interests other than the consumers, such as routing purchases through preferred partners, favoring merchants that pay the platform for deal flow, or just being biased in ways that the consumer can't detect. Banks and card issuers have fiduciary obligations to their account holders. AI agent developers do not, should they? Is that a question for regulators or standard setting bodies, or does it require a different kind of institutional framework that doesn't even exist yet?
Christian CataliniI would imagine for transactions that do carry an important fiduciary responsibility, we will mirror what we've done previously. And so if you imagine, you know, meaningful life choices like financial advice, investments, uh, or uh or anything else with consequences, um, the agents will have to at least disclose really clearly, you know, who they're actually operating for. Um maybe it's a free agent, so you know, uh, emperor on uh on that one. Um and then uh for other situations, I think the market will have different models. Um so we will see agents that are paid by the user, we will have agents that will operate on behalf of the seller or the business. Um and I think we're actually driving towards the future where uh, in a sense, we're going back to the bazaar. Uh, what do I mean by that? Um today, a lot of payment interactions are kind of standard, although already we get presented with different prices depending on the time of the day we browse, our browser, what type of device we're on. So there's all sort of sophisticated price discrimination already happening in the market where AI is already in the flow, it's just invisible. Um, in the future, you could imagine a user agent and say a publisher agent negotiating back and forth on the terms of that transaction and customizing it for every single deal. That would have been impractical before. I think it opens interesting questions around price discrimination and when is it uh helpful to society versus harmful. Um, and I'm sure we'll have to you know correct for all sorts of abuses uh that will take place. Um I'm still pretty confident that it's gonna be net positive because to some extent, these agents take take on a lot of the grunt work uh that you know was the source of what I call the blockbuster late fees. Uh, you know, all these little frictions that society has created for us that often prevent us from making a weird choice. Uh to go back to fintech and payments, just to think about you know, when is the last time that you change your core checking account? Uh it's measured in years for most people, right? I think I've done it.
Justin FriedmanI think I've done it twice in my lifetime.
Christian CataliniThere you go. So um the one reason why, you know, I think a lot of the attention around clarity is mostly kind of you know a show uh where where incumbents are trying to delay some of the inevitable for as long as they can is that FinTech is coming for some of these frictions with AI, with or without stable coins. The fact that people are holding large balances in their checking account and not earning any yield uh is just an artifact of how hard it is to move funds between different systems. And then maybe you need to do your quarterly estimated payments and have the funds available. You need to route them between different service providers. Our checking account is still the only interoperability layer we have in our financial lives and it's ridden with friction. Um, you can imagine in a few months an AI agent coming to you, understanding your financial behavior and everything else, and now saying, first of all, well, this bank doesn't serve your needs, you should switch to this other provider. Don't worry, I'll take care of all their routing account number, complexity, and nightmare, update all your payment methods and switch you over. And by the way, I'm not gonna keep a balance in your checking account. I will sweep it automatically, kind of like a corporate treasury, put it to work, and then you'll have it back just in time for your payments, your mortgage, whatever you need to get done. I think we're going towards a future with less. Friction. And typically friction is how we get robbed on fees, charges, and nothing else. So the blockbuster late fees of financial services are going away.
Justin FriedmanSo we may be on the verge of a total paradigm shift in terms of e-commerce. But let's assume, for the sake of argument, for the time being, that the payment layer is going to remain that source of friction and the place where there is the most opportunity to protect the end user from being taken advantage of. How would you build a proper harness around agenc payments to make them safe?
Christian CataliniYeah, I think there's some founders already working in that direction. And what I've seen from the most thoughtful ones is they're approaching this not as a technological problem, but as a kind of a workflow problem. Imagine a founder that wants to create an AI-native bank, right? It's not so much as, okay, which with stablecoin Rails to use, which payment system to integrate with. I think all of that is sort of figured out. The key is like, how do I translate what a human would have done in the past into what an agent has to do today? How do I ensure that if a CFO wants to connect to this AI bank so that the treasury becomes a smart treasury, they can trust that their funds will be available when they need them, will be deployed in a way that's compliant with the company's intention. And then that the system cannot be abused. I think that's the layer where most of the value will accrue. Those are the shovels in the AI and fintech gold rush, as well as in the stablecoin one. The technology is solved, the regulatory framework for stablecoin is solved. So now it's all about you know, payments are not just the movement of value from A to B. It's everything else that needs to happen to make sure that the payment is actually what was intended. It's correct, reflects kind of a real decision, and it's compliant.
Justin FriedmanKristen, let's examine market structure. It seems like every major global payments player, Visa, MasterCard, Google, OpenAI, Stripe, PayPal, has staked out a competing protocol for agentic commerce. You wrote in 2024 that stablecoins may be winner-take all markets. Is the same dynamic at work with agentic payment protocols?
Christian CataliniI think for sure. Um each one of these companies is trying to become the standard and there's massive value in being first. Um that said, uh, I do hope that open standards prevail. Uh if we land in a scenario where all of agentic commerce or you know most of agentic commerce is bottlenecked into like a single blockchain, a single ecosystem, uh, then I think a lot of the value will be lost. Um, the reason why these companies are pursuing this right now is because, again, the use cases are still to be defined, some of them. Um, and so if you can attract the right type of experimentation, the first killer apps of agentic commerce will be on your system. Um, most of these protocols are similar. They pretty much achieve all of the same things. Um, the question is which ones strike the right balance between some of the controls versus the flexibility and also the openness that will deliver the true value of agente e-commerce. Uh again, I think there's a big chunk of agente commerce that will be folded into what we already have today, whether with the card networks or the traditional PSPs. But then probably the most fascinating part is a bit like with the early days of the internet, right? We would have predicted the rise of something like YouTube or social media and everything else that came after it. Um, that's where I do think uh things like X402 and some of these open experiments have a lot more potential of figuring out something that's truly
Protocol Wars And Concentration Risk
Christian Catalininovel and breaks kind of the constraints of the old system.
Justin FriedmanYou sound pretty sanguine about this. I mean, should policymakers be concerned about systemic risk or concentration risk, about pricing power? If the protocol that wins determines who owns the customer relationship, who sets prices, who controls the economics of commerce at scale, what does that concentration risk look like? Is it analogous to anything we've seen before?
Christian CataliniI mean, that was the main concern when we were uh trying to launch Libra, right? Uh regular Missville across the globe were really concerned about okay, if big tech companies or even just Facebook at the time now Meta, right, controls the stack, uh, what does it mean for everything downstream? Is there going to be like one single wallet where everybody custody's value across the globe? Um I think the technology and especially AI are very centralizing. Uh so they they do accelerate traditional advantages like network effects and capabilities of scaling systems much more drastically than before. I think we will see over the next few years the first truly global fintech that can reach billions of users and serve in a bank-like format a number of customer or business needs across the globe. Uh and so I would say maybe the first and more immediate battle and the focus for regulators should be on the true openness of these systems. Even in the blockchain space, um, you know, we're still seeing this tension between uh what being called corp chains. Uh, so essentially blockchains that are sort of have a strong sponsor, a bit like Libra with Facebook. And although they're they're pushed under the premise of like these are open networks, if you look at who controls the architecture, who defines the standard, who really orchestrates the partnerships between the initial design participants, uh, there's a single entity. And if we're going in that direction, we're giving a lot of market power to a single um corporation or group. Uh, and and in a sense, we're throwing the baby with the bat water. Uh after all, I think the old promise of blockchains is um through open networks like the internet, where power is distributed, and essentially you can build knowing that you will not be expropriated by anyone uh in particular.
Justin FriedmanWell, the existing regulatory framework governing payments was designed around risk management at institutions like banks, card issuers, non-bank payment companies, and the networks that serve as their plumbing. If a dominant AI agent platform comes to intermediate a critical mass of domestic or even global commerce, and that platform is routing stablecoin payments at scale, can we expect this legacy framework to contain that risk? Are we relying on a paradigm that will prove inadequate at exactly the moment it matters most?
Christian CataliniI would imagine at that point, like it happened with Libra, uh FSOC will call in the executives of such a company and will want to discuss all the potential risks. Um we'll have a new form of globally systemic institution uh that is essentially an intelligence company that is intermediating, uh whether you know on Rails or not, or multiple rails. Uh at that point, I think the financial piping may not even matter. But the intelligence piping might be where all the value accrues and where all the you know side effects could be could be hidden.
Justin FriedmanOkay, so looking abroad, the UK's Financial Conduct Authority published its 2026 payments regulatory priorities report in March and named agentic payments as a live policy question for the very first time. The FCA seems to be signaling that it may need to rewrite payments regulation rather than simply interpret existing frameworks. The U.S. posture, at least from the industry side, is that existing principles around authorization, consent, and liability are sufficient to protect users in the system. You've presented before regulators many times. Which approach do you think meets the moment? Moving early and accepting some risk of laying down imperfect rules or waiting to see how the tech and market structure develop while industry practices become a de facto standard?
Christian CataliniYeah, that's a little bit of a loaded question, I feel like. Um historically, I would say the latter is the one that works, right? When you have something that is extremely fast moving, uh, of course you need to be able to intervene if something goes terribly wrong or is about to go wrong rapidly. But trying to set rules at a stage where things are so uncertain usually backfires, right? So if you look even on the recent stablecoin scenario and you compare Micah to Genius, Genius is going to be a lot more practical and commercial. Um and I mean, of course, the dollar as the global reserve currency is already a massive advantage in defining the standard for what you know stablecoin ecosystem on a global scale could look like. Um, but when you try to regulate too narrowly and too space in a way that's too specific too early, you you end up inevitably having casualties in terms of the business models, in terms of the experiments that can arise. So I would say the best posture is to be on alert and be aware and be informed and be in touch with industry, but also to
Regulate Now Or Let Standards Emerge
Christian Catalinicreate that space for experimentation. And in sectors that are particularly sensitive, then maybe a sandbox or something that you know allows some degree of experimentation within safe bounds, may also be a good option without being overly prescriptive on what operators can and cannot do.
Justin FriedmanI want to close on a question about legitimacy because I think it underpins all of this. The promise of agentic commerce is that AI agents will make better decisions than humans, find better prices, more personalization, less friction. But that promise only holds if consumers trust the agent acting on their behalf, trust the payment rails, and trust that someone or I don't know, maybe something is accountable when it goes wrong. Given your experience and specifically what DM taught you about the relationship between technical design and institutional trust, what do you think builders need to get right to ensure that agentic payments actually earn that trust rather than simply assuming it?
Christian CataliniI would say look back at the history, and essentially this is very similar to the example you were mentioning about your professor, right? The early days of the internet, um, very much like now, people are experimenting with these agentic workflows, there was a lot of risk, right? You were probably typing your credit card uh numbers on a non-encrypted form that was blending in somebody's email, uh, which of course, you know, by today's best best practices would be completely absurd. Um but eventually you had the likes of PayPal uh experiment with, you know, how do we ensure that an eBay seller, uh, that that simple transaction between a merchant and a buyer can be trusted? Um we we tend to forget, but in a sense, the success of eBay was closely tied uh to having better payments uh so that people could actually trust that transaction. I think in the agentics space, a lot of people are really extremely focused on the agent itself. Uh, but I I think you're spot on. Uh, whoever can solve for the trust piece and really ensure that the user feels in control, feels like if things go wrong, they have recourse, uh, feels like they have visibility in what's going on behind the scene, even if they don't have to do the grant work. That's
Designing Trust And Recourse For Users
Christian Catalinithe type of agent that will earn the consumers trust. Uh, and as we all know, once you have the trust, then you will be using it uh uh in an extensive way. These agents, I think, can really promise to save a ton of time, a ton of costs, uh, and really optimize our lives in a way that we could not have done unless you know you had essentially a personal assistant just working for you 24-7 across all of these issues. Um But of course, you know, the way we tend to trust someone is after knowing them, after making sure that they understand our needs, our guardrails, what we actually want to get done. And so for both in that initial translation layer between the human intention and what the agent will later do. And later, once the agent is operating on their own, uh, are they actually following through and are they trustworthy? That's that's where I think a lot of startups uh will will really build the next billion-dollar companies.
Justin FriedmanYou seem to perceive this all happening pretty quickly. I I wonder about my college professor and how many years it took her to get comfortable putting her credit card into a web browser or eventually a smartphone app. And um we'll see how how quickly this paradigm shift happens. We should probably come back a year from now and compare where we are then because um I think things aren't gonna look that different from they where they are today, but uh maybe you see it differently.
Christian CataliniTend to be an internal optimist on all of this. I mean, after all, we we started you know working on Libra in 2018, and here we are in 2026, and stablecoin are you know barely starting to do some of the things that we wanted to do many years back. So I think you're absolutely right. And regulation and policy as a way to slowing things down to a crawl on some of these dimensions. That said, I think the quote that always sticks with me is the idea that we tend to overestimate how quickly things can change in the short run and underestimate the long run. I will add to that as a corollary. Right now, the speed at which these models are advancing is something that we've never experienced before. And so maybe the correction to that would be that if you account for exponential growth in foundational model capabilities, I do think it's fair to believe that in 12 months, a lot of things will break, even things we've been relying on for decades. And so plenty of opportunities there to build and fix the things that will break. As well as, you know, some of these paradigms may move much faster than before. Um, after all, you know, once you can delegate safely, then you're moving at agent speed, which is probably the future we're going towards.
Justin FriedmanWell, as they say, you must break a few eggs to make an omelet. So, Kristen Catalini, thank you so much for your insights today. Really appreciate having you on the stable pulse. And I look forward to continuing this conversation with you online and offline. Thanks, Justin. It was a pleasure.