![Square profile picture](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48"><rect fill-opacity="0"/></svg>)
Don't Give Your Agent a Bank Account
The debate in agentic finance right now is about rails. Cards or stablecoins? Who wins the transaction layer when AI agents start spending money autonomously?
This notion misses the point entirely.
The rails argument assumes agents should have unrestricted access to money in the first place. Hand your agent a card, hand it a wallet, point it at your accounts and let it run. Nobody is asking whether that's the right model - and it isn't. Agents need a permission layer: rules that define exactly what they can do, under what conditions, with a full audit trail a human can read after the fact.
He Who Owns the Rails Owns the Margin
People underestimate what's happening in finance because they still think the interesting part of banking is the interface. The interface was always the least defensible layer.
One reason people underestimate what's happening in finance is that they still think the interesting part of banking is the interface. It isn't. The interface is the least defensible part. The real story is that the old banking stack was built as a set of gated layers: chartered
Quote
Alex
@0xpampa
Bare Metal Banking: The Neobank Moment
Between December 2025 and March 2026:
Coinbase filed for a national trust charter.
NuBank received conditional approval from the OCC to establish a US national bank.
PayPal applied to create PayPal...
The old banking stack was built as a set of gated layers: chartered institutions at the base holding deposits and ledgers, closed settlement networks above them, middleware abstracting access, compliance vendors wrapping risk, and apps at the surface presenting themselves as the product while depending on everything below. That worked for the first generation of fintech because unbundling let startups move faster than banks. But once you reach scale, renting the stack becomes a tax on your own success. The sponsor bank keeps the balance sheet, the spread, the direct access to the rails. The app keeps the burden of acquiring the customer.
The stack is now compressing from both directions. Large fintechs are pushing toward charters because giving up margin and access stops making sense beyond a certain size. Blockchains and stablecoins are exposing financial primitives directly to builders, so money movement, savings, and trading can be assembled without negotiating access through institutions.
This change has little to do with "crypto" as a theme. Imagine an "infinite money generator" agent that can control both your stock and crypto portfolio. Control is moving toward whoever owns both the user relationship and the underlying primitives.
Where Agents Challenge the Model
The way most companies deploy finance agents today mirrors how they first deployed SaaS: find a tool that does the job, connect it to your systems, and monitor the outputs. Software that augments human workflows can be managed this way because a human is still making the decisions. Agents are different. They initiate - deciding which invoices to pay, when, to whom, at what amount - without waiting for a prompt.
At scale, running continuously across payroll, vendor management, subscriptions, and infrastructure spend simultaneously, all automation operates differently. A single misconfigured rule, an edge case nobody anticipated, a new vendor the agent has never seen before - any of these can propagate across hundreds of transactions before anyone notices.
The controls most companies have in place weren't designed for this. Spend limits and after-the-fact alerts tell you what happened. They don't shape what can happen. For systems making financial decisions at machine speed it ends up being a clean up layer rather than a control one.
The Policy Is the Account
What enterprises actually need is confidence that an agent operates within defined bounds without constant oversight. That requires separating access to money from authority over how it is used.
In practice, this means defining tiers. Low-stakes, high-frequency actions run without approval - the cost of an error is lower than the cost of slowing things down. Medium-stakes actions operate within limits a human set in advance. Anything outside those bounds gets surfaced before execution. Instead of approving every transaction, the user is approving the system that governs them.
Most control layers being built right now approach this by wrapping legacy infrastructure in rules. Spending caps, approval workflows, human-in-the-loop checkpoints. The underlying assumption is that the agent is a dangerous human that needs restraint - so you give it instructions and hope it follows them.
Legacy fintech operates at the wrong level of abstraction for autonomous agents. A bank ledger is a record of what happened. It doesn't enforce what can happen. The rules live in compliance manuals, in ops workflows, in rate limits some PM configured in a dashboard. The intelligence is in the org chart, not in the money. Bank APIs are RPC calls to somebody else's database. Onchain transactions are mathematical state transitions. A request versus a proof.
Onchain policy works differently. Neural networks are differentiable functions. Smart contracts are deterministic functions. Both are pure math - one probabilistic, one deterministic - operating at the same computational layer. Instead of two separate technologies bolted together it’s one system, where one handles ambiguity and the other enforces certainty. Fuse them and you get agents that think flexibly but act precisely.
A smart account can't spend above its threshold, can't send to unwhitelisted addresses, can't bypass multisig above a certain amount. The constraint isn't interpretation - the math simply won't allow it. An agent on programmable money doesn't need permission. It needs to satisfy a mathematical condition. One model scales with agents. The other scales with headcount.
This is how Altitude approaches agentic finance. A mathematical environment where obedience is structural; the architecture leaves no room for anything else.