We're building the control plane that makes AI agent spending authorised, governed, and auditable.
Not another card. Not another wallet. The layer that sits between what an agent wants to do with money and whether it's actually allowed to — before a mandate is issued, before a rail is triggered, before a single pound moves.
We saw the gap before most people named it.
For decades, the payments system was built around one assumption: a human is making this decision. Account numbers, card portals, approval flows, authorisation loops — every piece of the financial stack was designed to be operated by, traceable to, and ultimately accountable to a person.
That assumption no longer holds.
Today, agents can negotiate freight loads, manage procurement, run ad campaigns, book travel, renew SaaS tools, and spin up cloud services. They can research, decide, and act at a speed no human team can match. But the moment money needs to move, the workflow breaks. A human has to step in to execute the payment. Autonomous action stops at the payment boundary.
That is a temporary state of the world. It will not last long.
Within the next decade, autonomous systems will be responsible for a significant portion of all transaction volume globally — across commerce, labour, and machine-to-machine settlement. The rails and governance to support that shift are only beginning to be built.
We built OpenCard to close the most urgent gap in that stack: not the payment rail, but the authorisation and governance layer that has to come before it.
“Who authorised this agent to spend?” Almost nobody could answer.
The industry moved fast to answer how agents pay — five competing payment protocols launched in twelve months. But almost no one was solving the more fundamental problem: how do you govern an autonomous economic actor?
Existing risk and fraud controls break
Today's payment networks detect fraud by observing deviations from expected human behaviour — typical merchants, amounts, geographies. When agents become primary transactors, their patterns look nothing like a human's. The existing authorisation loops weren't designed for this.
Identity and counterparty trust is genuinely hard
When a human buys something, they use judgement to assess whether a vendor is legitimate. When an agent transacts programmatically over an MCP server or API, it can't rely on those signals. There needs to be a new method of verifying counterparty trust — before the transaction is committed.
Dispute arbitration becomes deeply unclear
When an agent acts autonomously and produces an outcome the principal didn't intend — a 12-hour layover, the wrong vendor, an over-budget purchase — who is responsible? The current chargeback framework traces liability to an authorised individual. That framework doesn't exist yet for agents.
Rules and controls are buried in prompts and code
Developers who want to enforce spend limits or merchant restrictions typically hardcode them into system prompts or tool wrappers. This is fragile, un-auditable, inconsistent across agents, and impossible for non-engineering teams to manage.
No single system of record
When an agent makes a financial decision, finance and risk teams should be able to see what was requested, what was allowed, and why. Right now, in most agent stacks, they have nothing.
A once-in-a-generation moment.
Money movement has been effectively static for decades — built for humans, operated by humans, governed around human-scale transaction frequencies and patterns. The shift to autonomous systems changes every part of that picture.
Entire industries are missing value because their agent workflows can't close the loop on payments. Logistics agents that can't settle freight charges automatically. Procurement agents that can't finalise vendor payments without a human stepping in. Property management agents that can't pay contractors in real time. Construction management agents that coordinate the work but have to hand off the payment step entirely.
When those loops close — when agents can act end-to-end autonomously — the value unlocked will be extraordinary. But those loops can only close safely if the authorisation and governance layer already exists.
OpenCard starts there: not at the payment rail, but at the decision layer that must come first.
Three convictions that drive everything we build.
Governance before execution
Payment execution without authorisation and governance is just an uncontrolled spending machine. Before agents can be trusted to move real money autonomously, the layer to ask "should this be allowed?" — and answer it in real time — has to exist. We build the control layer first.
Rules must be evaluated at runtime, not embedded in instructions
Hardcoding spend limits into system prompts is fragile and un-auditable. Scattering approval logic across tool wrappers doesn't scale. Authorisation and governance need to be evaluated at runtime, owned by risk and finance teams, and updatable without a code change or a redeploy.
The governance layer has to come before the payment layer lands
When machine-readable mandates and native payment rails reach mainstream adoption, organisations that already have authorisation governance in place will be ready. Everyone else will be trying to retrofit controls onto systems that are already running.
A three-layer stack for agentic commerce — in the right order.
OpenCard is building the unified platform for agent spend authorisation, governance, and payments. We are doing it in a deliberate sequence because the order matters.
Authorise
LIVERuntime decisions on every agent spend attempt: is this agent allowed to transact? Is this amount, merchant, and category permitted under current policy? Evaluated in milliseconds. Returned as ALLOW, DENY, or REQUIRE_APPROVAL — with reasons, policy references, and a full trace.
Govern
LIVECentralised policies, audit logs, kill switches, and approval workflows — owned by the teams responsible for risk and compliance, not buried in agent codebases. Update a spend limit from the dashboard and every agent respects it in seconds without a redeploy.
Pay
COMING SOONMandate-aware payment execution, rail integrations, verifiable credentials, and protocol bridging — built on the same control plane that Authorise and Govern already run on. When agents are ready to move real money, the governance is already in place.
Make every AI agent financial action authorised, governed, and auditable — from the first spend request to the last settlement record.
Our values.
Control before convenience
We build the governance layer before the execution layer. Speed without control is a liability.
Honest about what ships
We are clear about what is live and what is coming. No vaporware. The badge says LIVE when it is live.
Built for regulated stakes
We build for teams who will stake their regulatory posture on this. That means reliability, explainability, and auditability.
Developer-first, org-ready
Great tooling is easy for engineers to integrate and powerful enough for risk, finance, and compliance to rely on.
Open about how it works
Authorisation only works if teams trust it completely. We are transparent about what OpenCard evaluates, how decisions are made, and why.
Open source as conviction
The authorisation standard for the agentic economy should be inspectable, forkable, and community-contributed. The foundation is open.
Where we started.
OpenCard was founded in London in 2025. The founding moment was clear: the agentic commerce category was evolving in real time — new protocols, new agent frameworks, new enterprise pilots — and the governance conversation was lagging deployment by a full product cycle.
We had watched the same pattern play out in payments before. The companies that build for the wave early — before the volume arrives, before the compliance requirements crystallise, before the disputes accumulate — are the ones that own the category when the market matures.
OpenCard starts where every safe agentic payment flow has to start: not with the card, but with the question “is this agent allowed to do this?” — answered in real time, centrally governed, and provable to anyone who needs to see it.
Why now.
The payments system has always been built around human-to-human interaction. Account numbers, card portals, and checkout flows are designed to be operated by, traceable to, and ultimately accountable to a person.
As the world transitions into an agentic future — where autonomous systems are responsible for a growing share of global transaction volume — that architecture will be rebuilt from the ground up, not for humans, but for machines.
That transition is not a distant prediction. It is happening now, in production, at companies across logistics, procurement, travel, SaaS management, marketing, and financial operations. Agents are already making decisions that trigger financial actions. The governance for those decisions is significantly behind where the deployment is.
OpenCard exists to close that gap — before it becomes a systemic problem.
Based in London. Building for a global agentic economy.
We are headquartered in the City of London — at the intersection of financial services and technology. London puts us close to the FCA regulatory environment, the UK fintech ecosystem, and the enterprise buyers who are asking the governance questions earliest and most seriously.
OpenCard is backed by investors and operators who believe that authorisation and governance is the most important unsolved problem in the agentic commerce stack — and that the time to build it is before the payment volume arrives.
Give your agents permission to act – safely.
Start governing agent spend today. Be first on payments when it ships.
Deploy in 10 minutes. Works with your existing stack. No payment rails required.