Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Securing AI Agents in Regulated Financial Services

Okta
05/26/2026
0
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


TL;DR

  • Paysafe developed a "Know Your Agent" (KYA) framework to secure AI agents in financial services, creating a registry system where agents register and can be verified, addressing the inadequacy of traditional identity models for autonomous AI.
  • Human-in-the-loop governance is maintained through a mandate-based system requiring attestation for financial transactions and data movement, embedding compliance policies directly in agent execution paths rather than treating them as checkboxes.
  • Rather than blocking AI tools, Paysafe embraced generative AI with proper governance, achieving significant productivity gains while preventing shadow AI through visibility and control frameworks.
  • The framework includes comprehensive accountability measures: model provenance tracking, golden dataset testing, regression testing, clear kill switches, and detailed logging to meet compliance requirements.
  • Regulatory frameworks for AI agents lag behind technology advancement, but Paysafe is designing systems to anticipate future regulations around limits, ephemeral credentials, and audit trails based on historical regulatory patterns.

The Know Your Agent Framework for Financial Services

Paysafe's Chief Architect Amar Akshat introduces a novel approach to securing AI agents in regulated industries through the "Know Your Agent" (KYA) framework. This framework addresses the fundamental challenge that traditional identity models—built around humans and system accounts with long-lived trust boundaries—cannot adequately secure autonomous AI agents. The KYA framework creates a registry where merchants' AI agents register and can be verified by other systems, establishing provenance and accountability. This approach recognizes that agents challenge the existing trust model where employees or system accounts are trusted for extended periods, instead requiring continuous verification and attestation for short-lived agentic credentials.

Human-in-the-Loop Governance and Compliance

The conversation explores how Paysafe balances AI automation with regulatory requirements by implementing a mandate-based approval system. Whenever financial transactions or data movement occurs, human attestation is required through a seamless user experience—such as face ID or passkey authentication. This approach maintains compliance within existing regulatory frameworks that don't yet recognize AI agents as autonomous actors. The system tracks the complete chain from intent mandate through cart mandate to execution mandate, ensuring accountability while keeping the user experience frictionless. Akshat emphasizes that compliance cannot be a checkbox exercise but must be embedded in the agent's code execution path using policy frameworks like Open Policy Agent.

Productivity Gains and Shadow AI Prevention

Rather than blocking AI tools due to security concerns—a common initial reaction in regulated industries—Paysafe chose to embrace generative AI with proper governance. Akshat explains that blocking AI simply eliminates visibility, as employees will use these tools regardless, creating shadow AI risks. By implementing proper frameworks and controls, Paysafe has achieved significant productivity improvements through generative code technologies while maintaining security and compliance. The approach includes rigorous testing against golden datasets, regression testing for model changes, and comprehensive logging of model provenance, training materials, and confidence scores to establish accountability and enable reproducibility.

Chapters

0:00 - Introduction and Role Overview
1:41 - Embracing AI in Regulated Industries
3:21 - Know Your Agent Framework
5:22 - Human-in-the-Loop Decision Making
7:26 - Accountability and Transparency
9:58 - Compliance and Regulatory Considerations

Key Quotes

2:21 "One thing we realized quite early on at Paysafe is that if you block things, you are just blocking visibility. Because the landscape of AI is evolving so fast that people will use AI on a day-to-day basis, and with you just blocking it, you're just encouraging them not to be visible around using it."
4:22 "Agents challenge that fundamentally. We at Paysafe are exploring this opportunity of creating a know your agent framework, which is where we expect that our merchants who do business with us, their agents will come and register, and then any other system which is trying to interact with those agents will be able to verify those agents."
8:28 "When things go wrong, you cannot go to the compliance people and say, I'm sorry, my model behaved wrong. Model is a mathematical entity. It cannot behave wrong if inputs are same."
9:33 "Compliance is not a tick box here. It is in the code path of agent. Compliance and compliance policies have to be defined using a policy framework such as open policy, and then allow your agent to use them in the code's execution path."
10:51 "From experience, and from being in the industry, you will know that it will follow the same curve of regulatory patterns. It will be about limits. It will be about ephemeral credentials. It will be about being able to audit the AI actions after they have happened."

Categories:
  • » Cybersecurity » Compliance & GRC
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Identity & Access
  • AI & Machine Learning
  • Compliance & Governance
  • Executive Briefing
  • Interview
  • AI Agent Security
  • Identity and Access Management
  • Financial Services Compliance
  • Know Your Agent
  • KYA
  • Framework
  • Agentic AI Governance
  • Human-in-the-Loop AI
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Securing AI Agents in Regulated Financial Services

              Upcoming Webinar Calendar

              • 05/27/2026
                10:00 AM
                05/27/2026
                Adopting AI: From Illusion to Intentional Control
                https://www.truthinit.com/index.php/channel/1924/harnessing-ai-transforming-illusion-into-purposeful-mastery/
              • 05/28/2026
                01:00 PM
                05/28/2026
                Harnessing AI for Smaller Teams: Strategies for Secure Implementation
                https://www.truthinit.com/index.php/channel/1951/harnessing-ai-for-smaller-teams-strategies-for-secure-implementation/
              • 06/02/2026
                01:00 PM
                06/02/2026
                Spring of Satori: Delving into Recent Findings and 2026's Threat Landscape
                https://www.truthinit.com/index.php/channel/1930/spring-of-satori-delving-into-recent-findings-and-2026s-threat-landscape/
              • 06/10/2026
                12:00 PM
                06/10/2026
                Deciding Between Purchasing and Developing Solutions
                https://www.truthinit.com/index.php/channel/1983/deciding-between-purchasing-and-developing-solutions/
              • 06/10/2026
                02:00 PM
                06/10/2026
                Deciding Between Building or Buying Data Classification: Understanding DIY Costs
                https://www.truthinit.com/index.php/channel/1985/deciding-between-building-or-buying-data-classification-understanding-diy-costs/
              • 06/16/2026
                07:00 AM
                06/16/2026
                Prioritizing Solutions: Transforming Data Risk into Actionable Steps
                https://www.truthinit.com/index.php/channel/1952/prioritizing-solutions-transforming-data-risk-into-actionable-steps/

              Upcoming Events

              • May
                27

                Adopting AI: From Illusion to Intentional Control

                05/27/202610:00 AM ET
                • May
                  28

                  Harnessing AI for Smaller Teams: Strategies for Secure Implementation

                  05/28/202601:00 PM ET
                  • Jun
                    02

                    Spring of Satori: Delving into Recent Findings and 2026's Threat Landscape

                    06/02/202601:00 PM ET
                    • Jun
                      10

                      Deciding Between Purchasing and Developing Solutions

                      06/10/202612:00 PM ET
                      • Jun
                        10

                        Deciding Between Building or Buying Data Classification: Understanding DIY Costs

                        06/10/202602:00 PM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version