India's Ministry of Electronics and IT (MeitY) has proposed mandatory human-in-the-loop controls for high-value payments executed by agentic AI systems. This move aims to ensure accountability and risk mitigation as AI agents potentially gain the ability to conduct Unified Payments Interface (UPI) transactions autonomously.

  • CERT-In mandates human-in-the-loop controls for agentic AI payments above set value thresholds.
  • NPCI is developing a protocol to allow AI agents to autonomously execute UPI transactions.
  • Experts emphasize trust, transaction limits, and agent identity controls to protect users.

What happened

CERT-In, the cybersecurity division of India's Ministry of Electronics and IT (MeitY), recommended mandating human-in-the-loop (HITL) interventions for financial transactions conducted by agentic AI systems when these payments exceed predefined thresholds. This measure aims to ensure that human oversight is maintained over critical payment decisions made autonomously by AI agents, with comprehensive audit trails maintained for accountability.

This proposal follows ongoing developments by the National Payments Corporation of India (NPCI) to build a Unified Agent Protocol that would enable AI agents to conduct Unified Payments Interface (UPI) transactions on behalf of users. While the exact working of this agentic protocol remains undisclosed, it marks a significant step towards autonomous AI-driven commerce in the Indian payments ecosystem.

Why it matters

The rise of agentic AI systems capable of initiating payments autonomously introduces new risks relating to security, fraud, and user trust. Experience in other markets has shown that agentic commerce can fail when adequate guardrails and recourse mechanisms are absent. In India, where UPI payments play a critical role in financial inclusion and digital transaction volumes, ensuring trust in such technologies is paramount.

Human-in-the-loop interventions are intended to mitigate risks by allowing real-time human feedback, error correction, and decision-making alongside AI operations. Additionally, proposals to create delegated agent identities, enable configurable transaction limits, and restrict AI agents to wallet-based accounts instead of direct bank accounts aim to establish a safer and more transparent operational framework.

What to watch next

Key developments will include how NPCI finalizes and rolls out the Unified Agent Protocol to support agentic AI payments, including the technical and regulatory safeguards embedded within it. Stakeholder feedback and pilot implementations will likely influence the pace and scope of adoption.

Further scrutiny will focus on the effectiveness of human-in-the-loop mandates and additional consumer protection measures such as separate agent PINs, transaction limit settings, and audit capabilities. Industry consensus on standards and interoperability between competing AI agent frameworks, such as those proposed by Coinbase and Pine Labs, will also be crucial for establishing a trusted agentic payment ecosystem in India.

Source assisted: This briefing began from a discovered source item from MediaNama. Open the original source.
How SignalDesk reports: feeds and outside sources are used for discovery. Public briefings are edited to add context, buyer relevance and attribution before they are published. Read the standards

Related briefings