
What is Know Your Agent (KYA) and why does it matter?


AI agents can now open accounts, execute payments, and process transactions with no human in the loop. Know Your Agent (KYA) is the verification framework that establishes who authorised each autonomous action by binding agents to a verified human identity, not just a machine credential.

TL;DR

  • AI agents can now open accounts, execute payments, and transact autonomously with no human in the loop.
  • Know Your Agent (KYA) is the verification framework that establishes who authorized each autonomous action.
  • Without KYA verification, a single compromised agent can trigger fraud at machine speed and scale.
  • Only 29% of organizations are prepared to secure agentic AI, despite 81.7% planning more deployments.
  • KYA fraud prevention works by binding each agent back to a verified human identity, not just a machine credential.

An AI agent today can open a bank account, submit a loan application, process a batch of supplier payments, conduct due diligence on a counterparty, and flag a compliance exception, all before a human analyst reads their first email of the morning. That is not a projection. It is the current capability of production-grade agentic systems operating across financial services, procurement, e-commerce, and enterprise workflows right now.

The shift from assisted to autonomous is where the compliance gap opens. Earlier automation required technical expertise to deploy and operated in narrow, predictable ways, which made it a manageable risk signal. Agents built on large language models behave differently. They adapt to context, navigate multi-step workflows, and interact with systems using natural language.

A legitimate agent completing a payment on behalf of a verified customer and a fraudulent agent draining accounts using stolen credentials can follow identical behavioral paths through the same API. Traffic volume, session timing, and interaction patterns are no longer reliable separators between the two.

The scale at which this is happening makes the differentiation problem urgent. AI-driven traffic grew 187% across 2025, and it concentrated on account creation flows, authentication pages, and checkout: the exact surfaces fraud operations have always prioritized. Nearly 60% of companies saw fraud losses increase over the same period, with agentic AI named among the top emerging threat vectors.

Blocking all agent activity is not an answer. Most of it represents real users saving time. The compliance question is a harder one: who authorized this agent, what is it permitted to do, and can that authorization be traced back to a verified human if something goes wrong? That is the problem Know Your Agent (KYA) was designed to solve.

What is Know Your Agent?

Know Your Agent (KYA) is a risk-based framework for verifying, governing, and holding AI agents accountable by establishing their identity, binding them to a responsible human or organization, and enforcing authorization, oversight, and auditability across every autonomous action.

It is the natural extension of Know Your Customer (KYC) and Know Your Business (KYB) into the agentic layer of the digital economy. Where KYC asks “who is this person?” and KYB asks “who is this business?”, Know Your Agent verification asks “who built this agent, who authorized it, and what is it permitted to do?”

KYA is the identity layer for autonomous systems

KYA treats an AI agent as a verifiable entity with its own identity, one that must be registered, authenticated, and scoped before it can access systems, APIs, or sensitive resources. Just as a financial institution cannot onboard a customer without verifying their identity, a payment platform cannot safely allow an agent to initiate a transfer without knowing who that agent is and who sanctioned its actions.

The stakes differ from KYC in one critical respect: agents do not slow down. A human customer submits one application at a time. An AI agent can submit thousands simultaneously, which is precisely what makes unverified agent activity so dangerous at scale.

What Know Your Agent verification covers

KYA verification spans four interdependent layers: agent identity (what this agent is as a technical and organizational entity), authentication (proving the agent is who it claims to be), authorization (defining what the agent is permitted to do and under what conditions), and auditability (creating a traceable record of every action back to the responsible human).

The most critical layer, and the one most implementations currently omit, is the human link. A machine credential tells you the agent exists. Know Your Agent verification tells you who stands behind it and whether that person actually approved the action being taken right now.

Why AI agent verification has become urgent

Agentic AI is not a future state. It is the present condition of digital commerce, and the gap between deployment speed and security readiness is widening at a pace that fraud operations are already exploiting.

AI agents are reshaping fraud surfaces

Gartner predicts that 40% of enterprise applications will embed task-specific AI agents by the end of 2026, up from less than 5% in 2025, an eightfold expansion in a single year. That deployment curve means agents are active across virtually every business workflow that touches sensitive data or financial action. The problem is that agents completing legitimate tasks and agents executing fraud use the same APIs, the same authentication flows, and the same checkout paths. Traditional bot detection was built on behavioral differences. That difference is now negligible.

The accountability gap in agentic commerce

The fraud data reflects the consequences. The FBI’s 2025 Internet Crime Complaint Center (IC3) Annual Report, published in April 2026, recorded $20.9 billion in cybercrime losses, a 26% increase year-on-year, and the first time losses have exceeded $20 billion. Notably, the 2025 report included a dedicated AI crime section for the first time in the IC3’s 25-year history, logging 22,364 AI-related complaints with adjusted losses exceeding $893 million. Regulators are naming the category because it has grown large enough to track separately.

The common thread is accountability. When an AI agent transacts without a verified identity chain connecting it to an authorized human, there is no audit trail, no responsible party, and no mechanism to stop the same agent from acting again.

[Infographic: The agentic AI gap: AI agent deployment vs security readiness statistics 2025–2026]

The three layers of KYA compliance

Effective AI agent compliance works across three distinct but interdependent layers. Skipping any one of them leaves a gap that sophisticated fraud operations are already designed to exploit.

 

| Layer | What it verifies | Failure mode if absent |
| --- | --- | --- |
| Agent identity | Who or what the agent is as a technical and organizational entity | Impersonation of trusted agents, spoofed credentials |
| Authentication | That the agent is who it claims to be, via cryptographic keys, tokens, or certificates | Unauthorized machine access to APIs and sensitive data |
| Authorization | What the agent is permitted to do, under what conditions, and for how long | Overprivileged agents are capable of systemic damage if compromised |

Each layer is necessary but not sufficient on its own. Authentication without authorization means you know which agent logged in, but not whether it should be allowed to execute a wire transfer. Authorization without human accountability means permissions exist on paper but cannot be enforced if the person who granted them is a fraudster or a compromised account.

Effective AI agent verification connects all three layers to a fourth: human accountability. The agent is authenticated as a technical entity, its permissions are scoped and time-bound, and every action it takes is traced back to the verified individual who authorized it. That chain is what makes enforcement possible: if the human behind the agent is flagged, the agent’s access is revoked.
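The chain described above, as an added sketch that is not Shufti's code or part of the original article: a scoped, time-bound grant binds an agent to a verified human, every decision is logged against that human, and flagging the human revokes the agent. The HMAC issuer key, field names, and identifiers are assumptions, and the agent ID is assumed to be already authenticated (for example via mutual TLS).

```python
import hashlib, hmac, json, time

ISSUER_KEY = b"constructed-demo-key"  # constructed; a real issuer keeps its key in an HSM/KMS
FLAGGED_HUMANS = set()                # hypothetical revocation list of verified-human IDs
AUDIT_LOG = []                        # every decision, traceable to the responsible human

def _sign(claims):
    # Canonical JSON so issuer and verifier MAC exactly the same bytes.
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()

def issue_grant(agent_id, human_id, scopes, max_amount, ttl, now=None):
    """Issued only after the human has passed identity verification (assumed)."""
    now = time.time() if now is None else now
    claims = {"agent": agent_id, "human": human_id, "scopes": sorted(scopes),
              "max_amount": max_amount, "exp": now + ttl}
    return {"claims": claims, "sig": _sign(claims)}

def authorize(grant, agent_id, action, amount, now=None):
    """Check one agent action against its grant; return (allowed, reason)."""
    now = time.time() if now is None else now
    c = grant.get("claims", {})
    if not hmac.compare_digest(_sign(c), grant.get("sig", "")):
        reason = "bad_signature"      # claims altered after issuance
    elif c.get("agent") != agent_id:
        reason = "agent_mismatch"     # grant presented by a different agent
    elif now >= c.get("exp", 0):
        reason = "expired"            # permissions are time-bound
    elif c.get("human") in FLAGGED_HUMANS:
        reason = "human_flagged"      # human flagged, so the agent is revoked
    elif action not in c.get("scopes", []):
        reason = "out_of_scope"
    elif amount > c.get("max_amount", 0):
        reason = "over_limit"
    else:
        reason = "ok"
    # Denials are logged too, so abuse stays attributable to a person.
    AUDIT_LOG.append({"ts": now, "agent": agent_id, "human": c.get("human"),
                      "action": action, "amount": amount, "decision": reason})
    return reason == "ok", reason
```

Because revocation is keyed on the human rather than the agent credential, adding one ID to `FLAGGED_HUMANS` invalidates every grant that person issued, regardless of how many agents hold them.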

Where KYA fraud prevention matters most

KYA fraud prevention is most pressing in environments where agent-driven automation is already at scale, and the consequences of unverified action are directly financial.

In fintech and payments, the attack surface is immediate. Agents submit batch payments, process fund transfers, and interact with open banking APIs on behalf of users. Without authorization controls, card draining, mass-payment fraud, and account takeover can be executed at machine speed by a single compromised agent. The compliance requirement here is not just knowing the agent; it is confirming, in real time, that the human behind each high-value action is who they claim to be and is actively consenting to it.

In e-commerce and ticketing, agentic behavior is increasingly indistinguishable from legitimate customer activity. An agent buying event tickets, executing automated purchases, or submitting bulk orders uses the same flows as a genuine shopper. The KYA challenge is not blocking all agents; most of them represent real users saving time. It is distinguishing authorized automation from abuse, and ensuring that abuse remains attributable to a real, verifiable person.

In enterprise workflows, agents access internal systems, HR records, procurement platforms, and financial data. Fine-grained authorization and continuous behavioral monitoring are the controls that prevent a trusted internal agent from becoming a data exfiltration or insider-threat vector.

The regulatory environment is moving to reflect this. In January 2026, Singapore’s Infocomm Media Development Authority (IMDA) published the world’s first cross-sector governance framework for AI agents, extending Financial Action Task Force (FATF) Travel Rule principles to require verified identity exchange not just between institutions but across agent-initiated and agent-to-agent transactions. Other jurisdictions are developing comparable frameworks, and the early movers in AML compliance are already treating KYA as part of their ongoing monitoring architecture.

Shufti’s approach to AI agent compliance

The weakest point in most KYA programs is the final one: connecting agent activity back to the verified human who authorized it. Most organizations secure the machine layer (cryptographic credentials, OAuth tokens, and mutual TLS) and stop there. What they leave unaddressed is the accountability layer: who is the real person behind the agent, and are they actively consenting to what the agent is doing right now?

Shufti’s fraud prevention stack approaches this from the human side outward. Behavioral analytics score each session for anomalous patterns, action timing, sequencing, and behavioral entropy that distinguish agent-driven activity from genuine user behavior. Device intelligence identifies instrumented environments and flags sessions inconsistent with a known user profile. Liveness detection confirms, in real time, that a verified human is present and authorizing high-risk actions. Together, these controls make the human behind the agent the accountability anchor, not just the agent itself, which is where effective KYA fraud prevention begins.


Frequently Asked Questions

What is Know Your Agent (KYA)?

Know Your Agent (KYA) is a verification framework that establishes the identity, authentication, and authorization of AI agents, ensuring every autonomous action is traceable to a verified and accountable human or organization. It extends KYC principles to the agentic layer of digital commerce.

How does KYA differ from KYC?

KYC verifies the identity of a human customer. KYA applies the same logic to AI agents: it confirms what the agent is, authenticates its credentials, defines what it is permitted to do, and links its actions back to the verified human who authorized them. The core difference is speed: agents transact at machine scale, so the verification and authorization layers must be automated, continuous, and human-bound.

Is KYA a regulatory requirement in 2026?

No major jurisdiction has enacted a standalone KYA mandate as of mid-2026, but the regulatory direction is clear. Singapore's IMDA published the first cross-sector AI agent governance framework in January 2026, and emerging frameworks globally are extending FATF Travel Rule principles to agent-initiated transactions. Organizations in fintech, payments, and e-commerce should treat AI agent compliance as a near-term obligation rather than a future consideration.
