Three things happened in the same week, and they turn out to be the same story. Airwallex hit an $11 billion valuation on the back of a push into autonomous finance. Forter, the company merchants pay to decide whether a checkout is fraud, shipped a set of agents and opened its own data to other agents. And Quantifind took $200 million to hunt financial crime with AI. Read on their own, each is a funding-round footnote. Read together, they describe an industry putting real capital behind a customer it cannot yet identify.
The agent is becoming the paying party. The problem is that the machinery underneath was built to underwrite people, and no one has told it what an agent is.
Every part of the payments stack is being asked to stand behind a buyer that has no card, no device history, and no face. The money is moving faster than the answer to who that buyer actually is.
The money moved first
Airwallex raised $320 million and came out the other side valued at $11 billion, with the stated aim of moving into autonomous finance and agentic commerce. The framing matters more than the number. Airwallex is a cross-border payments business, the kind of plumbing that sits between a company and its banks. Pointing that plumbing at "autonomous finance" means building it so software, not a finance team, can initiate and settle a payment.
This is not a pilot or a press-release partnership. It is a primary capital round at a double-digit-billion valuation, priced on the bet that agents will be transacting at scale soon enough to justify it.
The demand side moved in the same window. Salesforce rolled Agentforce Commerce agents into its platform for both business buyers and consumers, putting an agent on the merchant's side of the counter. So the buyer can be an agent and the seller can be an agent, and the only human in some of these transactions is the one who set the whole thing running.
The fraud signal inverts
Forter's entire business is telling a merchant whether the entity behind a transaction is a real customer worth approving. The signals it has always used describe a human: device fingerprint, typing cadence, how the cursor moves, how fast the checkout was completed, whether this pattern of behavior matches a person or a script. For two decades, behavior that looked automated was the thing you blocked.
Now Forter has launched its own agents and opened early access to the Forter Model Context Protocol, a way for outside agents to pull its fraud context directly. Model Context Protocol, or MCP, is the emerging standard that lets an AI agent call a tool or data source in a structured way. Forter putting fraud decisioning behind an MCP endpoint is an admission that the things asking the question are now machines too.
That breaks the old model in a specific way. When the legitimate buyer is software, the signals that used to mean "block this" now describe the customer you want to approve. The fraud team's job changes from spotting non-humans to telling good non-humans from bad ones, and almost none of the existing tooling was built for that distinction.
Every signal that used to mean "this is a bot, stop it" can now belong to a paying customer. Fraud prevention has to learn the difference between an agent doing its owner's shopping and an agent doing someone else's.
Quantifind's $200 million says the same thing from the compliance side. The company scaled its Graphyte platform for AI-native financial crime detection, which is the defensive half of an arms race we have covered before: the same models that let criminals scale attacks are the ones banks are buying to catch them.
The gap nobody funded
Here is what the week's capital did not buy. Airwallex can move the money. Forter can score the transaction. Quantifind can flag the laundering. None of them answers the question that actually matters when an agent pays: did a human authorize this specific purchase, and can you prove it afterward.
That is the identity and authorization layer, and it is still mostly empty. An agent does not have a wallet in any settled sense, which is a problem we pulled apart earlier this year. When something goes wrong, when the agent overpays, buys the wrong thing, or gets hijacked by a prompt injection that rewrites its instructions mid-task, the chain of accountability runs straight into fog. The card networks have started here. Visa's Trusted Agent Protocol and Mastercard's Agent Pay both try to carry a credential through the transaction. We mapped the full set of rails earlier, and the consistent gap across all of them is the same: they move value and they pass a token, but they do not carry a verifiable, revocable mandate that says this human agreed to this spend, up to this limit, for this purpose.
Without that, every party in the chain is underwriting a buyer on trust. Airwallex trusts that the agent is acting for its owner. The merchant trusts that Airwallex checked. Forter scores a transaction it cannot tie to a person. The money clears, and the question of who actually agreed to it is left for a dispute that no one has built the tools to resolve.
What this tells you
The capital is ahead of the controls. That is either conviction that the controls will arrive in time, or exposure that will surface the first time an agent-driven transaction goes badly wrong and a court has to decide who pays. Both readings are live.
What to watch is whether the identity layer gets funded the way the rails just did. The signals are concrete. Does Forter's MCP endpoint eventually carry a mandate, not just a fraud score. Does Airwallex's autonomous finance ship with per-agent identity, or does it settle for trusting the developer. Do regulators start asking who holds liability when the buyer is a piece of software, before the first large loss forces the question.
For now, the order of operations is backwards. The industry has decided agents will pay, and priced that decision in billions, before deciding how anyone will know which agent did, on whose behalf, and with whose permission.
Sources
- Finextra: Airwallex targets agentic commerce after hitting $11bn valuation
- Finextra: Forter introduces five new AI agents
- Digital Commerce 360: Salesforce releases AI agents among B2B ecommerce updates
- PYMNTS: Quantifind Secures $200 Million to Scale AI-Native Risk Intelligence Platform
- Major Matters: State of the Stack, Agentic Commerce 2026
If the money clears before anyone can prove a human agreed to it, who do you bill when it was the wrong purchase?
Charlie Major is a Product Development Manager at Mastercard. The views and opinions expressed in Major Matters are his own and do not represent those of Mastercard.