Firms right across financial services continue to wrestle with the many and varied ways AI might impact their business. To-date much of that focus has been on ways in which the firms can deploy AI within their own operations to support their business. As AI tools and usage proliferates, this focus is now expanding to how firms can engage with consumers relying on Agentic AI.
AI has the power to give retail traders access to a much more sophisticated set of tools and analysis for a much lower cost. This could be a real boost to retail traders and retail trading across the globe. To-date AI tools have largely been limited to use as an adviser in the background; traders would use AI tools to carry out portfolio analysis or come up with suggested trading strategies. The individual traders would then still interact with their platforms in the ordinary course to submit orders and execute transactions. However, the role of AI Agents is evolving. Various retail brokerages have recently launched new tools that will allow AI Agents to trade on behalf of their clients.
This trend has been noticed by regulators as they fight to keep pace with the ever-changing AI landscape. Nikhil Rathi recently suggested the FCA would have to adapt its regulatory framework to try to keep up with the development of AI. When discussing Agentic AI, the CEO of the FCA highlighted the need for investors to understand agentic systems, for accountability for regulated activities and outcomes to remain clear, and for there to be the right level of human oversight to support consumer confidence.
We discuss some of the legal and regulatory themes that trading firms will need to consider when looking to support a client’s use of Agentic AI in trading.
Authority
A key element of any contractual relationship is determining who and how either party can be bound and determining which instructions can be relied upon to bind parties. In a traditional consumer trading relationship, this will be governed by the broker/platform’s terms and conditions and will fall within existing, well understood real-world behaviors. Introducing AI Agents will drive a rethink of these processes.
As with any use of AI Agents, a key first step will be to determine the scope of the AI Agent’s authority – what can it do, what can’t it do, when and how and under what conditions. This scoping exercise will be a key feature of the increased adoption of AI Agents. Firms will need to ensure that they have the necessary contractual certainty to support the AI Agent’s trading behavior and also ensure that clients understand the full impact of their AI Agent’s authority. The wording of this in terms and conditions and associated FAQs will be vital to protecting firms from later claims from clients.
Responsibility
Many firms will have developed or be developing complex assurance and testing models to be used to assess any AI tools that those firms intend to use. As firms create new API tools and features to allow connectivity to AI Agents, firms will now need to consider whether and how far they need to apply such testing to those tools to be used by customers. Firms will also need to consider the implication of their offer of connectivity. If a trading firm supports connectivity for a particular AI tool – does that in any way create an implied approval of that AI Agent? Does this expose the firm to any legal or reputational harm if that AI Agent fails? Such considerations further strengthen the need for firms to consider what level of testing they need to undertake, both for technical specifications, and security, and whether they need to consider the proficiency and outcomes achieved by the AI Agent. This is a complex area and firms will need to think very carefully about how they present any information on the AI Agents for whom they will support use to clients.
Colin Payne, the FCA’s head of innovation and chair of the Global Financial Innovation Network stressed the need to get ahead of this innovation. A paper focused on the use of AI Agents in payment transactions, co-authored by the FCA’s head of innovation, highlighted the possible adoption of a “know your agent” or so-called “KYA” framework. This KYA structure can be used to support firms in working through risks associated with working with AI Agents, addressing the following key questions:
- Who is the agent acting for?
- What is the agent authorized to do?
- How is that authority documented?
- What records exist of its actions?
- Where does liability sit?
The last point on liability is likely to be a challenging issue. Questions of responsibility and liability will need to be continually re-evaluated in the context of AI Agents and firms will need to ensure clients are aware of and understand the risks and allocation of liability.
Conflicts of interest
Trading firms are required to manage conflicts of interest between the firms and their clients. Use of an AI Agent will be largely driven by user demand. However, firms will need to consider how far they are really acting in the interests of consumers or how far they are acting in their own interests by supporting the use of AI Agents. For example, firms that charge fees per transaction may be incentivized to support an ‘always-on’, 24/7 AI Agent who may be likely to enter into a greater number of transactions than a trader with a job, hobbies and the need to sleep – all of which decrease the time available for submitting trades. This is a further issue for firms to consider when looking at tools to support clients trading through AI Agents.
Consumer Duty
In the Mills Review on AI and financial services, the FCA highlighted the ongoing importance of the Consumer Duty as firms adopt AI. While the review cited the potential benefits to vulnerable customers that might be delivered through AI, the Mills Review also highlighted the risks. UK firms will need to carefully consider the impact of the Consumer Duty and whether supporting the use of AI Agents will deliver good outcomes for consumer clients. This is likely to create an additional layer of complexity for UK firms when compared with global firms, and in particular when compared to their US counterparts.
IT Security and data
As with all technological developments, IT security must remain a top priority. Operational resilience, and cyber security are among FCA’s top supervisory priorities. This importance will only increase as AI systems become more embedded in firms processes. Firms will need to ensure that any new API and interactions with AI Agents do not harm their IT and data security.