Suit Up · Asia's institutional desk on tokenisation

The thesis

Most institutions reading this resource are right that they are not at agentic commerce yet. They are at infrastructure: setting up tokenised-deposit programmes, working through stablecoin licensing, building tokenisation platforms, evaluating custody arrangements. That is the right place to be in 2026. Our view, stated plainly: agentic commerce on tokenised rails will be the next major category once the infrastructure stage matures, because the structural fit is unmistakable. AI agents need programmable money, tokenised money is programmable, and the regulatory perimeter for agent-mediated transactions is starting to crystallise. This belongs on every institutional CIO's 2027-2028 strategic roadmap as a watch-and-staff item, not as a 2026 build. The right question today is what to be tracking, not what to ship.

The setup

The current institutional tokenisation conversation is dominated by infrastructure questions. Which platform to license, which custody arrangement, which jurisdiction to launch in, which regulatory regime to operate under, how to design the new product committee paper. That is appropriate. Tokenised assets and tokenised cash are still in the early-deployment phase across almost every market we track. Even the ahead-of-the-pack programmes (Kinexys on the bank-rail side, BUIDL on the asset-manager side, EnsembleTX on the regulator-coordinated wholesale side) are still working through foundational operational questions, not optimising on a settled architecture.

Agentic commerce sits one layer above that infrastructure. When AI agents start holding programmable money to transact on behalf of their human or institutional principals, the agent-side requirements (identity primitives, transaction limits, dispute resolution, regulatory perimeter for agent-mediated transactions) become the binding constraints, not the rail mechanics. Most institutions are nowhere near needing to answer those questions operationally. Some institutions, the ones with explicit agent-bank-money mandates from leadership or with a strategic position to defend in the next category, should be tracking them strategically. The rest should keep shipping the infrastructure programme and treat agentic commerce as the next thing on the roadmap, not the current thing under build.

The argument

The three structural fits: programmability, identity, settlement

AI agents need money that can be programmed. Conditional release on receipt of a specified deliverable, time-bound authority that lapses without renewal, merchant-category-restricted spend, velocity-capped flows, novel-counterparty pauses. Traditional payment rails support a thin version of these primitives through wrapper layers: card-network controls expressed at authorisation time, ACH limit frameworks expressed at the customer-bank layer, wire-transfer review thresholds expressed in operations. None of these are native to the rail. Tokenised money on programmable ledgers supports each natively. The MAS Project Orchid purpose-bound money construct is the cleanest existing pattern, with conditions enforced at the contract level rather than at a wrapper layer above the rail. Stablecoin issuer freeze and conditional-transfer constructs offer a thinner version of the same primitive. Tokenised deposits with smart-contract-level limit enforcement (covered in the principal-agent authority patterns page) are the next architectural step the bank rails are moving toward. The point: agents and programmable conditions belong together architecturally, and the legacy rails approximate this only by adding software on top.

AI agents need persistent identity. The agent must be addressable for revocation, attribution, and audit. Transactions must be attributable to the principal-and-agent pair, not just to the account. Revocation must be enforceable at the rail layer, not just at the account-holder layer. Permissioned tokenised-rail infrastructure already supports identity primitives at the contract level: whitelisted addresses, on-chain credential presentation, per-counterparty allowance grants. Public chains support the same primitives via the W3C Verifiable Credential and Decentralised Identifier stacks (covered in Foundations Chapter IX, Part 3). The legacy rails handle identity through institution-side credentials and back-office reconciliation, which works for human counterparties but creates operational debt for agent counterparties whose pattern of behaviour does not match the assumptions baked into the rail design. The structural read is that tokenised rails are identity-native in a way the legacy rails are not.

AI agents need atomic settlement. Agent-mediated transactions need to complete or fail cleanly, without intermediate states the agent must reason about. A flow that has settled on one leg but not the other forces the agent to manage reconciliation logic that human and corporate counterparties handle through ops teams and back-office workflows the agent does not have. Tokenised settlement is structurally atomic: delivery-versus-payment is enforceable at the contract level, with both legs settling in the same transaction or both reverting. Legacy rail combinations (a card-rail payment leg against a security-settlement leg, an ACH cash leg against a fund-share-record leg) are not. Three fits, three primitives, three reasons the combination is structurally inevitable rather than just commercially attractive.

Why this is not 2026's story but should be on the 2027-2028 roadmap

Today's institutional tokenisation programmes are still working through the foundational questions. Legal-control primitives, custody arrangements, regulatory licensing, distribution-channel design, KYC and AML monitoring rules, tax treatment, capital treatment, accounting treatment. The agentic-commerce question requires those questions to be answered first. You cannot build agent-mediated transaction flow on tokenised rails that are not yet operationally mature. The 12 to 18 months ahead are the maturation period for the underlying infrastructure: tokenised-deposit programmes graduating from pilot to production, regulated stablecoins settling into their respective licensing regimes, tokenised MMFs working through the transfer-agent and distribution-channel mechanics. The next 18 to 30 months are when the infrastructure layer becomes stable enough for the agentic layer to start being designed seriously.

So 2027-2028 is when CIOs should expect to be making strategic-roadmap decisions about agent-rail integration. 2026 is for tracking, not building. The stronger version of this argument: an institution that pulls forward the agentic build into the infrastructure stage will produce a programme sitting on top of an unsettled rail and an unresolved legal posture, which is the worst combination for either escalation or expansion. Get the infrastructure right first. The agentic layer is operationally simpler if the rail under it is mature.

The three things that need to ship before institutions can move

Our read on the gating items.

First, the regulatory perimeter for agent-mediated transactions clarifies in at least two major jurisdictions. The underlying agency-law substrate is workable in every major financial jurisdiction we have reviewed (covered in Regulatory perimeter for agents), but the regulator-side guidance is sparse to non-existent in 2026. MAS is the most likely to publish first, with the Project Orchid PBM construct as the natural vehicle and the integrated-supervisor pattern making single-published guidance covering banking, payments, and capital markets achievable. HKMA is the next most likely, through an EnsembleTX agent-pilot extension. The EBA through MiCA implementation guidance and the BIS through Innovation Hub work are the other candidates. Two jurisdictions publishing operative text is the threshold at which institutional product committees can defend an agent-acceptance posture without being the first mover.

Second, identity primitives for agents converge on a recognisable institutional pattern. The three current patterns (custodial API key over institution-held wallet, delegated-authority signature on customer-controlled wallet, directly-held wallet) are described in Principal-agent authority patterns for agentic commerce. None has consolidated as the institutional default. Pattern 1 is what bank-issued tokenised-deposit programmes are running today; Pattern 2 is what x402 and the W3C credential stack lean toward; Pattern 3 is sparse in regulated production. Our read is that the institutional default in 2027-2028 will be a hybrid of Pattern 1 and Pattern 2, with the bank holding custodial signing infrastructure but the agent presenting on-chain-verifiable credentials referencing the principal's authority. That hybrid does not exist in production yet. The first regulated institution to ship it sets the reference point.

Third, insurance and dispute frameworks mature beyond the current early-stage state. The first major agent-mediated dispute will set the precedent for what comes after, and the dispute apparatus, the underwriting market, and the product-liability doctrine are all in an early-formation state today (covered in Dispute resolution and insurance for agentic commerce). Specialised agentic-commerce insurance is not yet a standard product line. Bank fraud-and-error coverage extends to agent-mediated transactions in principle but has not been tested in dispute. The card-network dispute apparatus has not been stressed by an agent-acting-outside-authority chargeback at material volume. None of the three is impossible on a 24-month horizon, but none has shipped yet.

Implications for practitioners

For most institutions: stay at the infrastructure stage. You are not behind by being there. Ship your tokenised-deposit, regulated-stablecoin, or tokenised-asset programme in 2026 and treat agentic commerce as a 2027-2028 strategic question. The infrastructure work compounds; the agentic layer sits on top of it cleanly when it arrives. Skipping the infrastructure stage to build for agents is the most common timing error we expect to see in the next 18 months, and it produces programmes that have to be re-architected when the agent-rail standards converge.

For CIOs and innovation leads: staff one or two people on the watch-and-track function for the agentic horizon. Subscribe to the relevant regulator dialogue (MAS Project Orchid updates, FSA Japan dialogues on agent-mediated payments, ECB consultations on programmable money, BIS Innovation Hub publications). Read the chain-native standards work (x402 community releases, the W3C VC and DID specifications). Track the card-network agentic credential programmes (Visa Intelligent Commerce, Mastercard Agent Pay). Do not fund a build team. The build window opens in 18 to 30 months; staffing it now produces a team without a deliverable.

For the small minority of institutions for whom agentic commerce is the strategic question, build narrowly. A fintech building agent-merchant infrastructure, a bank with explicit agent-bank-money mandate from leadership, or a platform with structural exposure to agent-driven flows. Build narrowly under an explicit legal framework along the lines of Approaching agentic commerce as an institution, partner with the rail standards-setters (the x402 community, Visa Intelligent Commerce, Mastercard Agent Pay, MAS PBM workstreams, the relevant BIS Innovation Hub workstreams), keep optionality across the three authority patterns. The defensible posture is a single named agent provider, a single asset class, defined merchant categories, conservative velocity caps, and a 12-month review for expansion.

For founders building the agent-rail infrastructure layer, this is your moment for the technical-architecture work. The institutional product-build work follows in 18 to 30 months as the infrastructure stabilises. The standards you set in 2026 (around credential presentation, delegation registries, dispute-evidence formats, the composition of identity-authority-payment as the three composable primitives) are the rails the institutional adopters will integrate against. Optimise for being the standard the institutions can adopt without re-architecting their internal infrastructure.

Where this could be wrong

Two scenarios where the thesis breaks. The first is that the agentic horizon arrives faster than we expect because consumer-side agentic adoption pulls institutional adoption forward. This is already partially happening in retail-payment categories where Visa Intelligent Commerce and Mastercard Agent Pay are shipping in 2025-2026 (covered in Visa Intelligent Commerce and Mastercard Agent Pay) and where the chain-native pattern via x402 is accumulating volume on the agent-to-API surface. If consumer flows reach material volume by late 2026, institutional product committees will face customer pressure to accept agent-initiated transfers earlier than the rail-maturation timeline suggests, which would compress the staffing window from 2027-2028 toward late 2026. We treat this as a meaningful possibility on the consumer-payment side and a less likely scenario on the wholesale and corporate-treasury side.

The second scenario is that the agentic horizon arrives slower because the regulatory perimeter takes 4 to 5 years to settle rather than 2 to 3, in which case the 2027-2028 timeline slides to 2029-2030. The institutional case for delay rests on the dispute apparatus: if the first major agent-mediated loss surfaces in a high-profile case and produces an extended period of regulator caution, institutional product committees will hold off until the precedent settles. This is a real path. Our read is that 2027-2028 is the central case, acknowledging the wider distribution. Either way, the watch-and-track posture in 2026 is the right preparation for both branches.

[Suit Up]

Why agentic commerce on tokenised rails will be the next category, and why most institutions should not build it yet