Consumer agent commerce has a winner taking shape.
B2B hasn't started. The reason lives in the ERP.
Consumer agent commerce is beginning to move from experimentation into early deployment. Google's Agent Payments Protocol (AP2), Mastercard's Agent Pay, Visa's Intelligent Commerce initiatives, and Cloudflare's Web Bot Auth collectively point toward an emerging ecosystem for agent-mediated transactions. These efforts extend the evolution of card-not-present commerce into a model where the cardholder may delegate bounded authority to an AI agent operating on their behalf. Early agent-authorized payment flows and pilot transactions have already been demonstrated on major card networks.
These protocols solve a specific shape of transaction — a single human delegating bounded authority to a single agent against a single payment instrument. They map cleanly onto the card-not-present ecosystem because they extend it; the cardholder simply moves one step further away from the transaction.
B2B commerce does not have this shape. A corporate purchase is not a single principal's decision. It is a chain of delegated authority traceable through enterprise governance and ERP-configured workflows, validated by segregation-of-duties controls, posted to a specific legal entity, and audited against SOX and equivalent governance regimes.
None of that primarily lives in a card network or an agent runtime. It is instantiated across enterprise systems — most critically the ERP — where workflow legitimacy, financial controls, accounting treatment, and auditability converge. Every other layer in the agent commerce stack will eventually have to integrate with that authorization model.
The window is roughly 12 to 18 months. Consumer agent commerce will accelerate quickly over the next few retail cycles. Enterprises will then try to apply similar models to B2B transactions, and the gap in authorization architecture will become visible as expensive failures attributed broadly to "agent risk."
A few months ago, early agent-mediated payment flows were demonstrated on major card networks. Not a demo environment. Not a sandbox. Actual purchases initiated by AI agents on behalf of consumers, authorized through cryptographic mandates and processed through traditional payment rails.
Google's Agent Payments Protocol (AP2), announced in 2025 with a broad ecosystem of partners — Adyen, American Express, Coinbase, Etsy, Intuit, JCB, Mastercard, PayPal, Salesforce, ServiceNow, UnionPay, Worldpay, and others — is emerging as one of the earliest serious coordination frameworks for AI-agent-mediated commerce. Cloudflare's Web Bot Auth provides a mechanism for verifying agent provenance. Mastercard's Agent Pay focuses on agent registration, identity, and delegated payment authorization. Visa introduced parallel initiatives within weeks.
What these efforts collectively represent is not a replacement of existing payment systems, but the next evolutionary step in digital commerce.
E-commerce separated the transaction from the physical card. Mobile wallets and tokenization separated merchants from the underlying payment credential. Agent-mediated commerce introduces another abstraction layer: the cardholder may no longer directly participate in the transaction flow at all.
Instead, the cardholder delegates bounded authority to an autonomous system operating on their behalf.
From the perspective of payment networks, this is still an extension of the existing card-not-present ecosystem. The transaction remains fundamentally centered around a single accountable principal delegating authority within constrained limits.
That is why the current generation of agent payment protocols maps cleanly onto consumer commerce.
Enterprise commerce doesn't, because it is fundamentally a trust ecosystem before it is a payment ecosystem.
A purchase order for two million dollars of components is not a single human's decision.
It is the outcome of formally delegated enterprise governance, operationalized through finance and procurement workflows, implemented across enterprise systems, validated against contractual obligations, constrained by treasury and spending controls, and audited against SOX, internal governance, external audit, and jurisdictional compliance requirements.
There is no single principal in that transaction. There is a chain of delegated authority that exists only in the configuration of enterprise systems. The moment any link in that chain is unclear, the transaction fails compliance review.
That chain of delegated authority does not live in a card network. It does not live in an agent runtime. It does not live in a contract management tool.
It lives in the ERP — because the ERP is where policies become operational, where workflows execute, where financial entitlements are enforced, and where the audit trail is reconstructed when something goes wrong.
This is the part of the agent commerce conversation that the consumer-facing protocols structurally cannot reach. Not because their builders are incapable, but because the layer where enterprise authorization is actually defined is not the payment layer.
When an agent commits a corporation to a $2M purchase, three things have to be true simultaneously, and each of them is fundamentally an ERP question rather than a payment question.
The agent must be operating within authority that is traceable through formally delegated enterprise governance and approval structures. No card mandate can express this; the mandate proves the human authorized the agent, not that the human had the authority to authorize the agent for that commitment.
The agent must respect segregation of duties — the same agent cannot negotiate, approve, and pay. Segregation-of-duties controls are enforced through ERP-centered workflow and governance systems. An agent that doesn't integrate with those controls is, by definition, operating outside enterprise governance.
The agent must commit on behalf of a specific legal entity, in a specific jurisdiction, with specific tax treatment, against a specific budget owned by a specific cost center. All of that is master data that lives in the ERP. The card network sees a transaction. The ERP sees an obligation, recognized correctly, posted to the right ledger, against the right entity, with the right tax treatment.
Strip these three things out and you don't have B2B agent commerce.
You have a high-velocity audit failure waiting to be discovered.
This is why the ERP isn't simply one of several participants that could shape enterprise authorization. It is the convergence layer where enterprise legitimacy, workflow authority, accounting treatment, and auditability come together. Everything else — agent runtimes, payment protocols, identity providers, contract systems — ultimately has to integrate with that model rather than replace it.
The ERP is not an incumbent that needs to keep up.
It may become the trust layer the rest of the autonomous commerce ecosystem depends on.
ERP vendors are responding the way most incumbents respond to a paradigm shift — by adding agents into existing modules rather than rethinking authorization architecture itself.
Procurement gets an agent. Treasury gets an agent. AP gets an agent.
Each one is useful in isolation. None is the trust layer being described here.
The harder problem is horizontal.
It requires treating agent identity, delegation, segregation of duties, and auditability as capabilities that cut across every module — and exposing those controls safely to external agent runtimes, payment protocols, and counterparty systems through standards that do not yet meaningfully exist.
That is a significantly larger undertaking than feature-level agent integration, and the prerequisite for making autonomous commerce safely usable inside enterprises.
The consumer agent commerce story already has visible momentum.
The enterprise autonomous commerce story has barely started.
If you're building in this space, the most valuable thing you can do right now is probably not another agent. It is integration with the authorization and governance models enterprises already enforce — because every other layer in the stack will eventually have to plug into them.
Autonomous commerce will not scale safely through payment networks and agent runtimes alone.
It will depend on whichever systems can operationalize enterprise trust, delegated authority, and auditability at machine speed.
Inside most enterprises, that convergence layer already exists.
It is the ERP.
Google Cloud — Announcing the Agent Payments Protocol (AP2)
Cloudflare — Forget IPs: using cryptography to verify bot and agent traffic (Web Bot Auth)
Anthropic — Model Context Protocol (MCP)
McKinsey QuantumBlack — The agentic commerce opportunity
Bain & Company — Agentic AI Commerce: The Next Retail Revolution
JAGGAER — What Is Autonomous Commerce?
Diconium — Autonomous Commerce: The Smart AI Future of B2B Online Commerce