Sunday, July 05, 2026 | 09:31 PM ISTहिंदी में पढें
Business Standard
Notification Icon
userprofile IconSearch

India's agentic AI dream for fintech needs an infrastructure relook

Use cases raise questions around permissions and security, as deployments progress beyond proof-of-concept

Tech, AI, Artificial Intelligence
premium

Imaging: Ajaya Mohanty

Ajinkya KawaleUdisha Srivastav Mumbai/New Delhi

Listen to This Article

A year ago, the question of how far agentic use cases had advanced across India's financial services and digital commerce sectors had a simple answer: almost everything was still a proof of concept. 
Today, the industry has edged closer to production. But the biggest challenge to widespread deployment is no longer artificial intelligence (AI) itself. Instead, it is the financial and commerce infrastructure that was built decades ago for deterministic software and human interactions — not autonomous AI agents. 
Agentic commerce is expected to evolve in three phases; starting with assistive, progressing to guided, and eventually 
reaching autonomous flows. 
But before AI agents can routinely shop, transact or negotiate on behalf of users, banks, payment processors and merchants will need a new layer of infrastructure governing permissions, authentication, authorisation, auditability and liability. Building that invisible plumbing is fast emerging as the industry’s next major challenge. 
“On payments, agents acting on a consumer's behalf will need clear consent and spending controls before adoption can move beyond pilots, and that requires regulatory clarity, not just better technology. Discoverability also changes character: platforms must be as legible to a machine as they are to a person today, or they risk losing transactions they would otherwise win,” said Keshav Kumar, chief product and technology officer, BigBasket.  
There are challenges around edge cases too. What happens when an agent, which was assigned to spend no more than ₹5,000 for a pair of shoes, spends more than twice the amount instead? Multiple interactions will need to be captured in a central registry to ensure accountability and enable verification across different use cases. 
Who created an AI agent? How is that agent identified and authenticated? What actions has a user authorised it to perform? And once consumers begin deploying multiple agents for different tasks, can today's payments and commerce infrastructure cope with a world where autonomous agents, and not humans, are initiating multi-cart transactions? 
“Payments have to be deterministic… In the commerce world, agents would have to capture the user’s intent. Users  themselves would have to whitelist their agents, and there is a need for proactive controls to ensure agents don’t do things they were not meant for,” said Ishan Sharma, head of sales and business development, Juspay.  
The focus on controls and preventive systems comes as the e-commerce industry expects initial agentic AI use cases to centre on price intelligence, making such safeguards even more critical.  
Combined with robust mechanisms to minimise hallucinations even at the discovery stage, this is expected to form a critical foundation for merchant-led AI systems.  
“Behind the scenes, we have developed a robust AI infrastructure with unified data connectors spanning our catalogue, customer behaviour, and transaction systems. We have also implemented an orchestration layer based on the Model Context Protocol (MCP), along with strong guardrails to minimise hallucinations, improve factual accuracy, and ensure reliable recommendations,” said Achint Setia, chief executive officer (CEO), Snapdeal.  
MCPs are emerging standards that let AI agents securely interact with external software, enabling them to retrieve data and execute tasks across different applications.  Banking on layers  Today, one of agentic AI's most promising applications in banking lies in customer support, where lenders could use the technology to resolve customer queries, while keeping decision-making firmly in human or rule-based workflows. 
The harder problem lies deeper within banking infrastructure.  
Existing systems were built for deterministic software; applications that execute predefined instructions, not AI agents capable of reasoning through tasks. Giving such agents direct access to core banking systems or customer databases, therefore, introduces new risks around privacy, permissions and accountability. 
To tackle this, technology service providers such as Zeta are building an intermediary software layer that sits between AI agents and core banking infrastructure. Rather than allowing an agent or large language model (LLM) to query databases directly, the layer authenticates the agent, verifies what it is authorised to access, enforces data access policies, and maintains 
audit trails before any information is retrieved.  
“Banks can bring their own large language models. We provide the entire infrastructure and then you build agents on it. Agents on our stack cannot directly get access to data that it is not supposed to get. It comes and asks our layer, we validate it and then proceed. There are also things like data privacy, confidentiality, and other restrictions that need to be taken care of,” said Sivaram Kowta, president, digital banking, Zeta India.  
The AI ecosystem is also witnessing the emergence of more capable reasoning models, such as Anthropic's Mythos, which demonstrate recursive capabilities.  
However, access to these models remains restricted as the potential for misuse and abuse poses significant risks, particularly for financial infrastructure.  
Other forms of fraud vectors, including evolving patterns of deepfakes and tampered documents, are already permeating the 
ecosystem, according to the industry.  
“Banks are interested in knowing how to make the authentication risk-based. The first job of risk-based authentication is to intercept what is almost certainly a fraudulent transaction. Next is, there could be transactions that are perhaps risky, but could be good ones, just that they don’t conform to a typical customer profile,” said Shailesh Paul, CEO of Wibmo, a technology service provider.  
In the second case, there is a need for stepping up authentication, he said.  
“Step up could be to a higher form of authentication, or just to an additional form of authentication, or stepping up into authentication where authentication is not required,” he explained.  
That said, the industry believes new fraud patterns are still evolving in the world of AI and they would only get clearer with time. Until then, the priority for the industry is to rethink the infrastructure supporting agentic AI, while resolving foundational questions around permissions, security, and control, as deployments gradually progress beyond proof-of-concept. 
Shift underway
  • Agentic commerce is expected to evolve in three phases; starting with assistive, progressing to guided, and eventually reaching autonomous flows.
  • Multiple interactions will need to be captured in a central registry to ensure accountability and enable verification across different use cases.
  • Existing banking systems were built for deterministic software; applications that execute predefined instructions, not AI agents capable of reasoning through tasks.