AI Starts Making Payments: What Santander and Mastercard’s Pilot Is Really Testing
AI is no longer just helping with tasks — it is beginning to act on behalf of humans to execute transactions.
In the past, when businesses talked about AI, they mostly saw it as a tool: writing code, organizing data, generating reports, or supporting analytical decisions. But a recent pilot in the financial industry suggests AI’s role is entering a new phase.
Banco Santander of Spain and Mastercard recently announced the completion of a test: enabling an AI agent to initiate and finalize a payment transaction within the bank’s existing payment system.
This was not a simulated experiment. The transaction was processed through the bank’s actual payment infrastructure, following all existing security verifications, authorization mechanisms, and compliance checks — the same regulatory requirements as any ordinary transaction.
The real point is not simply that “AI made a payment.”
What truly matters is that the financial system is testing a new role for AI: no longer just a tool for analysis or advice, but an authorized, restricted, auditable actor.
In other words, in the future, AI may not only tell you what to do — it will directly complete certain transactions on your behalf under predefined rules.
If this model matures, enterprise automation could shift from process automation to transaction automation. Procurement, ordering, payments, and supply chain workflows might all be executed automatically by AI under preset conditions.
But this also raises a new question: When AI can make decisions and complete transactions on behalf of humans, how should we design the boundaries of responsibility, authority, and control?
The financial industry is testing this first because banking is already one of the most heavily regulated sectors. If AI can operate within such a framework, the barrier for other industries to adopt similar models will likely begin to fall.
01|What It Can Do Now: AI Completes Payment Flows Under Controlled Conditions
The core of this pilot was enabling an AI agent to initiate and complete a full end-to-end payment process within the bank’s existing payment system.
The transaction did not bypass the bank’s native security mechanisms. Instead, the AI operated within the bank’s established financial systems, following standard workflows including identity verification, transaction authorization, risk checks, and payment routing.
In short, AI did not “pay on its own.” It executed transactions only within predefined rules and permission boundaries.
What the AI agent could do was strictly limited in advance. The bank and customer would set:
- Maximum transaction amounts
- Allowed payment methods
- Authorized operational scope for the AI
- Required identity verifications
- Mandatory risk and compliance checks
All these conditions are programmed into the system, and the AI may only act within these limits.
The test used Mastercard’s Agent Pay framework. Its purpose is to formally “register” AI agents into payment flows as legitimate system participants, while still meeting banking regulatory and security requirements.
Therefore, the real question this pilot answers is not “Can AI make payments?” It is a far more critical one:
Under financial regulatory regimes, can AI be treated as an auditable, restricted, and authorized transaction participant?
02|What It Cannot Do Yet: AI Payments Are Not in Commercial Use
Although the pilot successfully completed a transaction, both Banco Santander and Mastercard emphasize that this remains only an experimental test.
The system is not available to general consumers or businesses, nor is it an official product or service.
During the pilot, the AI agent operated under extremely strict conditions:
- All permissions were predefined
- Every transaction was continuously monitored
- The entire system ran only in a controlled environment
In other words, the AI was not acting freely — it completed tasks within a highly constrained test scenario.
As a result, current AI cannot make unsupervised payments on its own, such as:
- Automatically shopping for users
- Paying bills without oversight
- Managing various subscription services autonomously
These seemingly simple applications involve complex issues: identity verification, fraud protection, liability for transactions, and personal data protection.
For this reason, there remains a significant gap between this technical demonstration and real-world commercial adoption.
03|Why This Is the Case: Financial Regulations Are Often Stricter Than AI Technology
Many people assume that once AI technology matures, AI payments will spread quickly. Reality is the opposite.
The key constraint on AI payments is not model capability — it is the financial regulatory system itself. Payment systems are among the world’s most strictly regulated digital infrastructures. Every transaction must comply with a full set of rules and security requirements, such as:
- Identity verification standards
- Anti-money laundering (AML) regulations
- Anti-fraud protection systems
- Transaction logging and audit mechanisms
- Consumer protection rules
When the initiator of a transaction shifts from a human to a software agent, the entire regulatory framework faces new challenges.
For example:
- Who is liable if a transaction fails or goes wrong?
- Who oversees AI decision-making?
- How to prevent AI abuse?
These questions involve legal liability, regulatory policy, and financial governance — not just technical ability.
That is why Banco Santander and Mastercard repeatedly emphasize three themes when describing the pilot: security, governance, and trust.
In the financial system, what determines whether new technology can be deployed is rarely the technology itself — it is whether the system allows it to exist.
04|The Cost of Adoption: Enterprises Need New Governance Frameworks
If AI agents are to execute payments within enterprise systems in the future, businesses must confront a new set of governance challenges.
For example:
- How to set AI spending limits
- What types of transactions AI may perform
- Whether AI decisions leave complete records
- How to trace responsibility if transactions fail
These questions mirror how enterprises manage human employees.
From a governance perspective, AI agents can be understood as digital employees: they perform tasks, but only within clear rules and permission boundaries.
Therefore, businesses adopting such systems typically need to establish foundational governance structures:
- Clear authorization mechanisms
- Complete audit logs
- Strict access control
- Corresponding risk management processes
Without these systems, the automation enabled by AI could expose companies to new risks.
05|How to Judge Future Progress: Three Key Signals to Watch
For AI agent payments to reach commercial scale, three important developments are worth monitoring.
First: changes in regulatory policy
Whether financial regulators worldwide begin allowing AI agents to participate in payment flows will be critical to widespread adoption. If regulators issue rules or guidelines, the institutionalization process has begun.
Second: payment network support
Whether Visa, Mastercard, and major banks build standardized technical frameworks will directly affect adoption difficulty. Clear technical standards will drastically reduce integration costs for businesses.
Third: enterprise software integration
If common ERP, procurement, and financial systems begin supporting AI agent payments, new automation models will emerge in operations. Procurement, payment, and reconciliation could all be automated by AI under predefined rules.
06|Industry Trend: Agentic AI Is Entering Enterprise Systems
This pilot is just one example of a larger industry shift.
Research firm Gartner predicts that by 2028, roughly one-third of enterprise software will include agentic AI features — compared to less than 1% today.
Agentic AI refers to AI systems that autonomously execute tasks under predefined goals and rules, rather than only providing analysis or recommendations.
Such AI agents may be deployed across many enterprise processes:
- Procurement workflows
- Customer service
- Operations management
- Order processing
In short, AI’s role in business is changing.
In the past, AI was mostly an advice system, providing analysis and decision support. In the future, AI will become a task execution system, completing work directly within authorized boundaries.
Payments are simply the most sensitive and difficult domain to break through.
If AI can be safely managed in highly regulated financial transactions, similar changes will likely spread to other commercial processes.
07|The Real Meaning for Enterprises: Automation Shifts From “Recommendation” to “Execution”
Over the past decade, enterprises adopted AI mainly to improve efficiency and support decisions: analyzing data, forecasting demand, offering recommendations.
But agentic AI opens a new possibility.
AI no longer only gives advice — it performs work directly under specific rules and authorization.
Future enterprise systems may no longer be just tools, but collections of AI agents that complete tasks.
In this environment, AI could handle routine operational processes such as:
- Purchasing goods
- Arranging logistics
- Paying invoices
- Managing subscriptions
All of this, however, depends on one critical condition: all actions must operate within clear governance and regulatory frameworks.
When AI shifts from “analyst” to “actor,” what enterprises really need is not more tools — but systems to govern AI behavior.
08|An Important Reminder: Automation Does Not Equal Full Autonomy
Market expectations around agentic AI are often overly optimistic.
Industry research also warns that without clear governance and business value, many AI agent projects may be canceled before launch.
The Santander–Mastercard pilot points to a more realistic path.
AI agents do not need full autonomy. They only need to operate within clear rules and constraints.
In other words, AI does not replace human decision-making entirely — it executes specific tasks within authorized limits.
In highly regulated environments like financial systems, what matters most is not how much AI can do. It is a more fundamental question:
Can AI act within a trusted, supervisable system?
Conclusion|The Core Issue of AI Payments Is Governance
The pilot by Banco Santander and Mastercard does not immediately change how finance operates.
Consumers still cannot use AI to make automatic payments, and no bank will allow unsupervised AI to manage accounts.
Yet the test sends a meaningful signal.
AI is moving from part of information systems to part of transaction systems.
When AI can trigger and complete commercial transactions, businesses can no longer think only about efficiency when adopting AI — they must also address governance, responsibility, and risk.
The question is no longer just “Can AI do this?” It is “Is the system ready?”
In the coming years, a key marker will be whether AI agents can operate safely in highly regulated environments like financial systems.
If this becomes possible, the commercialization of AI will enter a new phase.
And this test has only just begun.
FAQ
Q1|What is AI agent payment?
AI agent payment means an AI agent initiates and completes a payment transaction on behalf of a user or enterprise within predefined rules and authorization limits. Unlike traditional auto-pay, AI agents can make decisions based on tasks and conditions — such as whether to purchase a service, when to pay, or which payment method to use. Under current financial rules, all AI actions are strictly limited: transaction caps, payment types, identity checks, and risk screening. AI does not act freely; it operates under authorization and supervision.
Q2|What did the Santander–Mastercard AI payment pilot do?
Banco Santander and Mastercard completed a test where an AI agent initiated and finalized an end-to-end payment through the bank’s existing payment infrastructure. The transaction was processed on live banking rails, not a simulation, while complying with identity verification, authorization, risk checks, and compliance rules. The test used Mastercard’s Agent Pay framework to verify whether AI agents can be registered as legitimate participants in regulated payment flows and operate securely and compliantly.
Q3|Why isn’t AI payment already in daily commercial use?
The main barrier is not weak AI technology — it is strict financial regulation. Payment systems must follow rules including anti-money laundering (AML), anti-fraud, identity verification, transaction auditing, and consumer protection. When transaction initiators shift from humans to AI agents, regulators and banks must rethink liability, oversight, and abuse prevention. Until these institutional issues are resolved, AI payments cannot enter mainstream commerce.
Q4|How is AI agent payment different from traditional auto-pay?
Traditional auto-pay follows fixed rules: monthly bills or fixed subscription charges. AI agent payment includes limited decision-making: selecting vendors, timing payments, or choosing methods based on procurement needs. AI agents do not just execute commands — they judge and act within authorization. This requires stricter governance and regulatory frameworks.
Q5|What systems must enterprises prepare for AI agent payment?
Enterprises need a complete governance framework:
- Permission management: transaction limits, allowed types, authorization scope
- Audit and logging: traceable AI decisions and transactions
- Risk and accountability: rapid investigation and system shutdown for errors Many experts recommend treating AI agents as “digital employees,” with similar authorization and oversight.
Q6|What is Agentic AI, and why is it trending?
Agentic AI systems autonomously execute tasks under predefined goals and rules. Unlike traditional AI for analysis or advice, agentic AI performs work directly: processing orders, logistics, customer service, even payments. Gartner predicts one-third of enterprise software will include agentic AI by 2028. AI is shifting from decision-support tool to task-execution system.
Q7|What industry impacts could AI agent payment bring?
If safely regulated, AI payments will expand enterprise automation. AI agents may handle procurement, logistics, billing, and subscriptions, moving operations closer to autonomous finance. This creates new governance challenges: permissions, liability, risk management. Future AI commercial competition will depend less on technology alone and more on trustworthy AI governance systems.
