Of Agentic Commerce, Prompt Injection and Authorised Push Payment Fraud

I've posted separately on prompt injection (among the risks associated with generative/agentic AI) and UK payment service providers' refund obligations for authorised push payment fraud (among other forms of potential redress). But I don't think I've explained the clear link between the two, and the implications for the full 'magic' of 'agentic commerce'... This post is for information purposes only. If you need legal advice (e.g. legal analysis in the context of modelling/testing the tech), please let me know.

Authorised push payment fraud (APP fraud) occurs where you are tricked into paying someone you did not intend to. As mentioned, there are limited APP fraud reimbursement requirements for payment service providers who facilitate payments using certain UK payment systems, for example, and there may be other grounds for recovering your money, initially at the expense of your payment service provider.

Agentic commerce describes a scenario where some kind of 'agentic AI' tool (or 'bot') is deployed for the purpose of enabling the automation of product search, selection, purchase and payment. Such tools may be 'native' to an open generative AI platform or made available by a retailer or retail marketplace within that platform, as the recent failure of Walmart's trial of OpenAI's Instant Checkout has demonstrated, leading OpenAI to phase out its own bot and leave the retailers to handle product selection, purchase and payment.

The challenge for guarding against APP fraud in such an automated scenario is that AI agents ultimately cannot distinguish between legitimate and adverse 'prompts', which might be inadvertently introduced either directly or indirectly via an authenticated agent by an authenticated user. 

There are innumerable ways that an adverse prompt could find its way to a user's device, and then to the AI agent, but here are some recent examples. And the prompt may cause the agent or another system or programme to behave adversely, with a fraudulent purchase and/or payment to an unintended payee being only two examples.

Of course, UK payment service providers do have obligations to guard against APP fraud, whether they are part of the reimbursement schemes or not - and even extended mandatory processing times to allow for suspect transactions to be investigated. And anyone making a payment from a UK bank or payment account will be familiar with a number of hoops to be gone through except in a limited number of own-account payments, even after multi-factor account log-in.

Where payment service providers are acting as merchant acquirers, it is likely they their acquiring agreements push the risk of fraudulent transactions, chargebacks and refund onto the merchant. But there is still the job of monitoring and managing the risk that the merchant won't be able to reimburse the payment service provider...

One challenge will be whether the adverse prompts will be able to beat the 'hoops' or trick the user into overriding them, or override them in an automated fashion. Equally, a payment service provider might argue that the consumer has lost any right of reimbursement due to 'gross negligence' in not adhering to a certain 'standard of caution' in its use of an AI agent, for example.

At any rate, the need to meet such challenges would seem to count against the full promise of a 'magically' automated agentic commerce experience... or make it potentially enormously expensive to support without necessarily knowing whether unforeseen claims might suddenly surge.

 

Buy Now Pay Later Regulation To Start In July

Finally we have a date for the extension of consumer credit protection to certain 'buy now pay later' agreements. There has been a long delayed consultation process, which I've covered on this blog, resulting in a final Policy Statement issued today. As is typical, the FCA has made a few, fairly minor, changes to the approach that it consulted on in July 2025. Firms that aren't already regulated will be able to register for temporary permission between 15 May 2026 and 1 July 2026, and will have 6 months from 15 July to apply for full authorisation. If you need advice on the new regime, including whether you fall into it, please let me know. 

Broadly, BNPL is interest-free credit for a consumer's purchase of goods or services that is repayable within 12 months in no more than 12 instalments. This has benefited from an exemption from consumer credit regulation that the government has now limited to situations where the retailer or merchant ("supplier") is providing the credit directly to the customer. This means that such agreements will be regulated where a third party lender is involved ("deferred payment credit" or "DPC"). 

That market for DPC is already highly concentrated: three firms account for over 90% of the volume. But by regulating the product, the FCA thinks that other regulated firms might now offer it. I doubt it, but I suppose any unregulated firm that chooses to become regulated in order to offer DPC might decide to offer other types of regulated consumer credit.

Unlike with other forms of consumer credit (including various "exempt agreements" that do not include BNPL), the supplier will not need to be authorised as a credit broker in order to introduce the consumer to a DPC lender.

Ultimately, this is intended to benefit consumers. The FCA wants them to have fewer late payments to be treated better treatment when in financial difficulty. That means information to help them understand the risks of "deferred payment credit" as well as their rights, obligations and the protection available. This means they should have a better chance of being able to afford what they borrow, miss fewer repayments and be charged fewer late fees. Lenders should also end up being more supportive where the borrower encounters financial difficulty. 

If the impact of increased regulation of 'payday lending' is anything to go by, the extension of regulation into this space should mean fewer DPC than that aspect of the BNPL market today.

New UK Rules on Handling Data Protection Complaints

Among the recent changes to UK privacy law, UK controllers of personal data will need to update their privacy policies, processing agreements and related procedures by June this year to include a process for handling complaints about a breach of the UK's  data protection law and regulation, including by providing a complaint form which can be completed by data subjects electronically. This post is for information purposes only. Please let me know if you need any drafting or advice on how to comply.

Controllers must acknowledge receipt of a complaint within 30 days and, "without undue delay" take appropriate steps to respond and inform the complainant of the outcome. That includes making enquiries into the subject matter of the complaint, "to the extent appropriate", and informing the complainant about progress. 

The Information Commissioner has consulted on guidance on complaints handling requirements.

What if we already have a complaints procedure?

Some service providers are already required to have complaints handling policies and processes (e.g. financial services firms), and it's common for a customer to complain about more than one issue at the same time, so it's best to sweep up data protection complaints in the same process. 

Will we need to report the number of complaints received etc?

There's also the potential for the ICO to require controllers to report the number of complaints they receive in a given period, which may be in the pipeline. 

What other changes have been made?

The Information Commissioner has also issued more general guidance on the changes made under the Data (Use and Access) Act 2025, including changes relating to 'legitimate interests'.

This post is for information purposes only. Please let me know if you need any drafting or advice on how to comply.