As AI agents take on increasingly consequential tasks such as executing payments and financial trades, concern is mounting over who bears the financial burden when these systems go wrong. A group of researchers argues that existing AI safety methods do not adequately address this exposure, and that new, insurance-style mechanisms are needed to protect users. Their proposal shifts the conversation from purely technical fixes toward enforceable financial guarantees.
Researchers from Microsoft, Google DeepMind, Columbia University, and startups Virtuals Protocol and t54.ai have jointly authored a paper outlining what they call the Agentic Risk Standard. The framework operates at the settlement layer and is designed to compensate users when an AI agent fails to complete a task correctly, does not deliver a service, or causes a measurable financial loss. The paper argues that technical safeguards can only offer probabilistic reliability, while users in high-stakes environments often need enforceable guarantees over outcomes.
The authors contend that most current AI research concentrates on improving model behavior: reducing bias, hardening systems against manipulation, and making decisions more interpretable. While valuable, these efforts do not resolve the gap between model-level reliability and the assurances that end users require. Because agent behavior is inherently unpredictable, the researchers argue that product-level risks cannot be eliminated through technical means alone.
The Agentic Risk Standard addresses this by layering financial protections onto how AI tasks are processed. For straightforward tasks where the user's only exposure is a service fee, funds are held in escrow and released only once the work is verified as complete. For higher-risk operations that require money to be committed upfront, such as currency exchanges or trading activity, the framework introduces an underwriter who assesses the risk, requires the service provider to post collateral, and reimburses the user if a covered failure occurs.
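The two settlement paths can be pictured roughly as in the sketch below. This is illustrative only: the class names, the collateral ratio, and the payout rules are assumptions made for this example, and are not definitions taken from the paper.

```python
# Illustrative sketch of the two settlement paths described above.
# All names, fields, and payout logic are assumptions for this example,
# not the paper's actual specification.
from dataclasses import dataclass


@dataclass
class EscrowedTask:
    """Low-risk task: only the service fee is at stake."""
    fee: float

    def settle(self, verified_complete: bool) -> float:
        # Fee is released to the provider only if the work is verified;
        # otherwise it stays with (is refunded to) the user.
        return self.fee if verified_complete else 0.0


@dataclass
class UnderwrittenTask:
    """Higher-risk task: the user's funds are committed upfront."""
    exposure: float          # funds the user commits (e.g. trade size)
    collateral_ratio: float  # collateral the underwriter requires from the provider

    def required_collateral(self) -> float:
        return self.exposure * self.collateral_ratio

    def settle(self, covered_failure: bool, loss: float = 0.0) -> float:
        # On a covered failure, the user is reimbursed from the posted
        # collateral, capped at the amount of collateral available.
        if not covered_failure:
            return 0.0
        return min(loss, self.required_collateral())


if __name__ == "__main__":
    simple = EscrowedTask(fee=5.0)
    print("Provider paid:", simple.settle(verified_complete=True))

    trade = UnderwrittenTask(exposure=1_000.0, collateral_ratio=0.2)
    print("Collateral posted:", trade.required_collateral())
    print("User reimbursed:", trade.settle(covered_failure=True, loss=150.0))
```

The point of the two tiers is simply that the protection scales with the user's exposure: escrow suffices when only a fee is at risk, while committed funds call for an underwriter and posted collateral.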
The paper is explicit about the boundaries of the proposed system. Non-financial harms, including hallucinations, defamation, and psychological damage, fall outside the scope of the framework. The researchers acknowledge this limitation and position the standard as a complementary tool rather than a comprehensive solution to all risks posed by AI agents.
To evaluate the concept, the team ran a simulation consisting of 5,000 trials. The researchers were careful to note that the experiment was limited in scope and was not intended to reflect real-world failure rates. The results are described as motivation for further investigation rather than definitive proof of the framework’s effectiveness under live deployment conditions.
The study calls for future work on risk modeling across a range of failure modes, empirical measurement of how often failures occur under conditions resembling actual deployment, and the development of underwriting and collateral structures that remain stable even when detection systems make errors or when participants act strategically. The researchers frame the Agentic Risk Standard as a starting point for a broader discipline of financial risk management tailored specifically to AI agent systems.
Originally reported by Decrypt.
