Contractual Liability in Agentic Commerce: Key Considerations

Agentic commerce marks a structural shift in how payment transactions are initiated and executed. In this model, AI systems act on behalf of consumers to search, evaluate, and, in some cases, complete purchases with minimal human intervention. While the commercial appeal of this model is clear, it introduces some complexity around how liability should be understood and allocated across the participants in an agent-initiated payment transaction. Unlike traditional e-commerce, where responsibility can be traced directly from user to merchant through a relatively linear payment chain, agentic commerce introduces multiple decision-makers and intermediaries with each performing a distinct function. In this update, we highlight the emerging nature of contractual liability between key nodes within an agentic commerce transaction flow.

1. The End User

It appears that the end user will remain the economic principal in agentic commerce transactions, primarily because, it is the end user’s funds that are deployed, and it is typically the end user who authorises the AI agent to act within defined parameters, such as spending limits or merchant categories. From a legal perspective, it is unlikely that such delegation will eliminate user responsibility altogether. However, while an end user may authorise an agent to make purchases, they do not usually control the agent’s internal logic, optimisation strategies, or error handling. The end user’s legal exposure may therefore depend on whether the disputed transaction can reasonably be characterised as a foreseeable consequence of the authority granted, or whether it arose from agent behaviour beyond the user’s contemplation.

2. The AI Shopping Assistant Provider

The provider of the AI shopping assistant occupies a central position in the liability analysis, because it designs the agent’s capabilities, the degree of autonomy, and the safeguards that govern how the agent interprets user instructions. In practical terms, this places the AI provider in a position of functional control, even where contractual terms attempt to characterise the agent as merely a user tool.

Where an agent acts in a way that reflects system design choices rather than direct user instruction for example, selecting a merchant, timing a purchase, or executing a transaction based on probabilistic inference, contractual liability may rightly point toward the provider of the AI shopping assistant. This is particularly so where consumers rely on representations about safety, accuracy, or oversight in deciding to delegate purchasing authority.

 3. The Payment Network and Issuer

Payment networks together with issuing banks, provide the transactional infrastructure that enables agent-initiated payments to settle. Their role is largely confined to authentication, authorisation, tokenisation, and dispute handling within existing card scheme rules. Typically, payment networks do not participate in the commercial decision to purchase, nor do they control agent behaviour. As a result, their liability exposure is typically limited to payment system failures, fraud handling, or scheme rule breaches, rather than errors in agent decision-making or merchant selection. Products such as agent-enabled payment tokens are designed to preserve this allocation by embedding agentic payments within established risk frameworks.

4. Wallets and Intermediaries

Where wallets or payment intermediaries are involved, they often function as the primary interface between the user and the payment system. In agentic commerce, this layer may include permission management, spending controls, and transaction confirmation mechanisms. This positioning creates a hybrid responsibility. While intermediaries may not design the AI agent itself, they may influence how authority is granted and how transactions are surfaced to users. Failures in this control layer, such as unclear consent mechanisms or inadequate transaction visibility, may expose wallet providers to contractual liability, particularly where end users claim they did not meaningfully authorise a transaction.

5. E-Commerce Platforms

E-commerce platforms sit at the receiving end of the transaction with primary obligations centered around order fulfilment, consumer remedies, and system integrity. We are seeing that e-commerce platforms are increasingly seeking to limit their exposure to end users and merchants as well as regulatory risk, through contractual terms that restrict automated access or unauthorised agent interaction. We expect that disputes in this area likely to focus on whether such contractual restrictions are proportionate to the risk posed by user-directed agents or compliant with consumer protection legislation.

This publication is based on the authors' independent analysis, observations, and experience advising clients on regulatory and compliance matters. It is provided solely for informational purposes. The views expressed herein do not constitute legal advice or an official recommendation, nor do they represent the position of any institution or client. Readers should seek specific professional advice before relying on any part of this publication.