When the Buyer Never Sleeps: Why AI Agents Need Finance Controls, Not Just APIs

An engineer lets an agent run loose for an afternoon. No spending cap, no approval step, just "see what it can do."

$11,000 later, we find out what it can do.

That bill wasn't from a hack or a bug. It was the agent working exactly as designed — spinning up cloud servers, buying data subscriptions, hiring freelancers through APIs. The engineer got exactly what he asked for: a tireless assistant that never second-guessed a purchase.

That incident was on my mind this week when Coinbase shipped agents that trade crypto, rebalance portfolios, and pay for their own research. No human at the keyboard. No "click here to confirm" button. The agent places the trade and pays the invoice, agent to agent, over an open payment protocol.

Most agent demos stop at "here's my recommendation." This one executes the recommendation and settles the bill. We just crossed a line most people didn't realize we were approaching.

The Checkout Button Problem We Solved Before

This isn't our first rodeo with non-human buyers.

When credit cards moved online in the late '90s, merchants panicked about fraud. The industry's response wasn't to make checkout harder — it was to wrap every transaction in invisible controls. Velocity limits, geographic flags, spending patterns, address verification. The checkout button stayed simple. Everything behind it got smarter.

The fraud never came from the "Buy Now" button. It came from everything missing behind it: no spending cap, no approval workflow, no way to answer "why did this charge appear at 3am?"

We spent twenty years solving that problem for human buyers. An AI agent needs every one of those controls. Except it transacts a thousand times an hour and never gets bored trying.

What Actually Ships When You Ship an Agent

I've been advising clients on AI integration for the past year, and the pattern is consistent: teams prototype the capability, fall in love with the demo, then discover the operational nightmare on day thirty.

The agent that seemed brilliant during testing becomes the compliance team's worst fear in production. Not because it makes mistakes — because nobody can explain what it did, why it did it, or who told it that was okay.

Here's what Coinbase actually shipped:

• Based Agent: An AI that trades crypto on your behalf

• Wallet-to-wallet payments: Agents paying other agents for services

• Autonomous rebalancing: Portfolio adjustments without human approval

Everybody's watching the part where the software spends money. I keep staring at the part nobody put on stage: the authorization layer, the spending limits, the audit trail that proves what happened when something goes sideways.

The Controls Gap Nobody's Discussing

Let me walk you through what keeps me up at night.

A human trader makes maybe a dozen decisions a day. If something's wrong, you pull the trade logs, check the emails, interview the trader. Messy, but tractable.

An agent makes a dozen decisions a minute. If something's wrong at 3am on a Saturday, your audit question isn't "what happened?" — it's "which of these 47,000 transactions do I even start with?"

The questions I'm hearing from clients:

• Who approved this specific trade? (The agent's logic model, version 2.4.7, trained on data through last Thursday)

• What was the spending limit? (Nobody set one — we didn't think we needed to)

• Can we prove it wasn't compromised? (Define "compromised" for a system with no password)

• Who's liable when it loses money? (See below)

These aren't theoretical. I watched a client's finance team spend three weeks reconstructing an agent's decision tree after it triggered an unexpected tax event. The agent was working perfectly. The humans just didn't understand what "optimize for tax efficiency" meant to a machine that doesn't care about quarterly reporting calendars.

The Railroad Problem, Software Edition

Nobody gets fired the day the railroad arrives. The town just slowly empties out.

When railroads rewrote commerce in the 1800s, the towns that survived weren't the ones that built the biggest stations. They were the ones that rewrote their freight contracts, reorganized their warehouses, and trained clerks to read the new shipping schedules.

The infrastructure change was obvious. The operational doctrine change was subtle. Most towns missed it.

We're at that moment with AI agents. The capability is obvious — look, it trades! The controls rework is subtle: authorization schemes built for humans don't translate to software that operates at machine speed.

The winners won't be the organizations that deploy agents first. They'll be the ones that deploy audit logs, spending caps, and approval workflows that work when the buyer never sleeps.

But what do I know — I've only watched this movie four times. (Mobile payments, algorithmic trading, smart contracts, now this.)

What to Build Before You Build the Agent

If you're building for agents — or evaluating a vendor who is — here's what matters more than the trading logic:

Authorization layers that answer three questions:

1. Who said this was okay? — Not just at setup, but at transaction time. Policy-based controls, not just API keys.

2. What's the limit? — Spending caps, velocity limits, transaction size thresholds. Per agent, per day, per counterparty.

3. Can we prove it? — Immutable logs. Timestamped decisions. Audit trails that survive the agent deleting itself.

The trading algorithm is the easy part. Crypto protocols are elegant, the APIs are well-documented, the execution is fast. I'm not worried about whether the agent can trade.

I'm worried about whether you can explain to your CFO why it traded $2M of ETH at 4am on Sunday.

The Liability Question Nobody Can Answer

So here's the one I can't answer cleanly, and neither can anyone else I've asked:

When an agent makes a bad trade at machine speed, who's liable: the user who deployed it, the builder who trained it, or the protocol that executed it?

• If you told it to "maximize returns" and it bet the portfolio on a memecoin, is that your fault or its?

• If the training data was biased and it consistently loses money on a specific trade type, is that the AI lab's liability?

• If the smart contract executed exactly what the agent requested, but the agent misunderstood the terms, who pays?

The law hasn't caught up. The insurance products don't exist. The case law is pending.

In the meantime, every organization deploying autonomous agents is writing that case law in real time — they just don't know it yet.

This is why I keep coming back to controls. Not because they solve the liability question, but because they're the only thing standing between "the agent did something weird" and "the agent did something catastrophic before anyone noticed."

When the Buyer Never Sleeps, the Audit Log Is the Only Adult in the Room

We're going to see more of these agents. The capability is too useful, the efficiency gains too obvious, the competitive pressure too strong. Coinbase won't be the last.

The organizations that survive the transition won't be the ones with the most sophisticated agents. They'll be the ones with the most boring infrastructure: spending limits, approval workflows, audit logs that work at machine speed.

Because when the buyer never sleeps, the audit log is the only adult in the room.

What to Do Monday Morning

If you're evaluating AI agents — for trading, procurement, data subscriptions, whatever — here are the specific questions to ask your vendor:

1. "Show me the spending limit configuration." If they look confused, walk away.

2. "Can you generate an audit report for all transactions between 2am and 4am last Tuesday?" If that takes more than sixty seconds, your controls aren't production-ready.

3. "What happens when the agent hits the spending cap?" The answer should be "it stops and notifies a human," not "we haven't implemented caps yet."

4. "Who's liable if this goes wrong?" Read the contract. Then read it again. Then have your lawyer read it.

The agents are coming. The question isn't whether to use them — it's whether you'll build the controls before or after the $11,000 surprise.

I know which one keeps you employed longer.

---

What controls are you building around your AI agents? What questions are your finance teams asking that you can't answer yet? I'm collecting patterns — the uncomfortable kind that don't make it into vendor demos.