In ye olde times, the sighting of a comet was a portentous omen. Sometimes good: leading wise men in ancient Judea to a humble manger in Bethlehem. (We’re publishing this during Christmas season, after all.) But often bad, foretelling the demise of a monarch or the collapse of a kingdom. A surprising change.

While these days we look at comets as natural phenomena in a material cosmos, sometimes one snowball crosses our skies that reminds us that the universe is not static. Things happen, particularly in human affairs.

Today, agentic AI is one of those changes, a biggie. ChatGPT and its ilk are reshaping value, work, business models. Banking and finance is going to be in the thick of it, as banks, payment companies, and fintechs are eager to put agentic AI to work. (Continued reports of enterprises struggling to embed AI productively may be due to the lack of agents that actually do stuff.)

In consumer finance, AI agents can watch a user’s finances, compare options, and execute actions across multiple providers with minimal human input. Payment providers want to deploy agents to execute transactions, connecting the world of e-commerce and finance. Banks are already testing agents internally, and once they develop enough comfort, will want to use them in controlled environments – with other banks, for further digitizing trade finance, for example.

But agentic AI assumes that everyone is on board. That bots can move seamlessly across platforms because they’re welcome, or at least tolerated.

That may not be the case. There’s a new object streaking through our starry nights: Comet, the AI assistant created by Perplexity, a purveyor of large-language model AI. Comet is designed to do what agents are supposed to do, that is, execute transactions on behalf of users. Its first use case is buying stuff on Amazon.

Amazon ain’t happy. No sirree. It’s suing Perplexity. The case is in California court, and presents a stress test for how far user-controlled agents can go. While Amazon’s case is not going to determine the fate of agentic AI (which is probably coming, like it or not), it will shape the contours of how agents work, the infrastructure to enable or hinder agents, and how this influences regulatory approaches to open finance.

Comets bring change, sometimes the disruptive kind. What does this one portend? Who rises, and who falls?

Comet’s streak

Perplexity’s Comet is an AI browser/assistant that can log into user accounts on sites like Amazon in order to search products, compare options, and complete purchases using stored credentials. It effectively acts as an autonomous shopping concierge.

Amazon’s complaint is that Comet accesses customer accounts and places orders while “masquerading” as a normal browser session, violating Amazon’s bans on robots, data‑mining tools, and third‑party use of account information.

Perplexity counters that Comet only does what a human user could do, just faster – and that Amazon is trying to protect its ad‑driven merchandising model and control over the customer relationship. Any expression of security concerns is, in this light, merely convenient.

The dispute boils down to whether a user’s chosen software agent should be treated like the user, or as an unauthorized (and therefore criminal) third party.​

In open banking, frameworks such as PSD2 in Europe and competition laws in the UK require banks to expose secure APIs so that licensed Third Party Providers (TPPs) can, with customer consent, access account data and initiate payments. Brazil, India, and South Korea enjoy probably the biggest successes in open banking, which has expanded to include insurance, investments, pensions, and financial inclusion. India and Korea also mandate data portability.

Many jurisdictions now have some version of mandatory data-sharing, which gives consumers more power over their data and forces banks to compete more on services: the UAE is set to join the club with open banking going live in 2026.

But open banking (and, broadly, open finance) also gives large financial institutions the ability to leverage their many touchpoints with customers to offer more holistic, better informed products. Singapore’s banks, for example, have developed new wealth-management products built around mandatory data sharing.

Two regulated roles have emerged to support this trend: Account Information Service Providers (AISPs), which aggregate data, and Payment Initiation Service Providers (PISPs), which instruct payments on the user’s behalf. The logic is that customers own the right to direct their data and payment capabilities to trusted intermediaries, under strong authentication and security controls, even if incumbent banks would prefer to keep those relationships closed.

This is already a form of “agentic finance,” albeit via APIs and regulatory licenses rather than general‑purpose web agents.​

Agentic accelerator

If Comet‑style agents crawling others’ websites become normal, the same pattern can extend across finance and payments in many ways. A few possibilities:

• In retail banking, agents could continuously monitor balances, transaction histories, and open‑offer APIs to refinance loans, sweep surplus cash into higher‑yield accounts, or switch utility payments to cheaper providers without the user manually shopping around.

• In wealth and robo‑advisory, agents could orchestrate across multiple brokers and DeFi venues, comparing fees and execution quality, then rebalancing portfolios or hedging FX exposures in line with a user’s policy rules.

• In merchant payments and card acquiring, an agent sitting on top of open APIs could route transactions dynamically across acquirers, pay-by-bank rails, and stablecoin gateways, optimizing for cost and authorization rates in real time.​

• And in B2B trade finance, a corporate agent, armed with access to invoices, shipping data, bank guarantees, and customs documents, could: automatically request working‑capital lines when cash‑flow forecasts show a shortfall; compare offers from multiple lenders against a firm’s risk policy; submit documentation to trade‑finance portals and customs single windows; and trigger payments or escrow releases when IoT or logistics feeds confirm shipment milestones.

This last example is a long shot, given the challenges of digitalizing trade finance across so many participants and jurisdictions. But it could be sped up by embedding digital identity standards and making more contracts machine-readable (see our big article on digital identities).

Whether retail or corporate, these are natural evolutions of today’s AISP/PISP models; the shift is from one‑off API calls to continuous, autonomous policy engines acting on behalf of the customer across multiple providers. In other words, from bilateral API bridges to all-to-all networks. Open APIs give the agent a lawful channel; AI makes orchestration and decision‑making far more powerful.

But there are different paths ahead, with their own beneficiaries.

Amazon wins: constrained agents

If courts endorse Amazon’s framing and agree that Comet’s browser‑equivalent automation constitutes “unauthorized access” when it violates terms of service, then platform owners may be able to treat non-API automation as a computer crime issue, not just a contractual dispute.

For open banking and open finance this has three main consequences:​

• Agent design shifts to regulated pipes. Banks and TPPs would push their agents to operate almost exclusively via formal APIs, licensed roles, and whitelisted integrations, avoiding generic screen‑scraping or browser automation even where users consent. That is already the trajectory in Europe, but an Amazon win would make it far riskier to rely on automation against reluctant platforms (for example, large merchants that prefer card rails over pay-by-bank).​

• Platforms gain leverage over payment agents. Large e‑commerce platforms could more credibly block card‑scheme or wallet‑run shopping agents that attempt to place orders through headless browsers, insisting instead on official integrations or private APIs where they control data and presentation. This limits the ability of payments players to build cross‑platform “universal checkout” agents that sit purely on the user’s side.​

• Regulators may have to mandate openness explicitly. If courts affirm strong platform rights, competition and financial regulators that want agentic innovation will need to legislate for it, much as PSD2 did for bank data access, or Australia’s competition commission has done. That could mean extending open‑banking‑style duties to card schemes, big merchants, or even large platforms designated as “systemically important digital infrastructures,” compelling them to provide agent‑friendly APIs under supervision.​

In this world, agentic AI doesn’t disappear, but it becomes a regulated feature of specific ecosystems: banking APIs, instant payment schemes, card‑network tokenization services, trade‑finance networks. Fintechs and TPPs that already depend on open‑banking licenses are advantaged; “gray‑zone” agents that rely on scraping across random platforms are squeezed out.

Perplexity wins: user agents the default

Perplexity argues that an agent acting under the user’s instruction should have the “same permissions” as the human user and should not be treated as a separate, suspect actor simply because it is software. If that view prevails, and if courts treat terms-of-service bans on generic bots as insufficient to invoke computer‑crime theories, then the balance moves closer to open‑banking’s user‑centric philosophy even outside regulated finance.​

For open finance this would mean:

• Legal comfort for “user‑side” agents. Fintechs, card schemes, and neo-banks could deploy agents that log into third‑party platforms with user credentials and execute actions, without automatically triggering fraud‑related legal risk, so long as they do not bypass strong technical access controls. That legitimizes browser‑equivalent automation as just another tool alongside APIs.​

• Competitive pressure on incumbents to offer APIs. If platforms cannot easily criminalize user‑authorized automation, they face a choice between constantly escalating bot‑mitigation or offering structured, agent‑friendly APIs that preserve some control and performance guarantees. In practice, many will opt for APIs and commercial terms, accelerating the API‑ification of commerce, banking adjacencies, and B2B platforms.​ If you can’t beat ’em...

• More scope for cross‑platform “super‑agents.” Payments firms could build agents that operate across bank APIs, open‑banking interfaces, and logged‑in merchant sessions, optimizing end‑to‑end workflows (from account funding to checkout) without always waiting for formal platform‑to‑platform deals. Kinda sci-fi, but who knows?

Still, existing open‑banking rules around licensing and consumer protection would remain binding when agents touch bank accounts, so this is not a free‑for‑all; instead, it broadens the space where user consent can legitimize automation outside the core banking stack.​

What it means for you

Whichever way the case goes, banks and data providers will not be able to sit out the agentic trend. For incumbent banks that already expose APIs, agents are a double‑edged sword: they can drive engagement and stickiness if banks offer “trusted in‑house agents”, but also increase churn if third‑party agents treat the bank as a commoditized balance sheet or ledger behind smarter front‑ends. (At a more existential level, yield-seeking agents could drain commercial banks of their deposits while filling the coffers of asset managers’ money-market funds.)

TPPs and fintechs gain if they can position themselves as neutral orchestration layers across banks and platforms; they lose if platform lock‑in plus restrictive interpretations of “authorization” starve them of usable data and execution venues.​

Data aggregators that grew up on credential‑sharing and scraping will see their models tested. It’s hard to see how financial-product comparison sites, for example, remain relevant if Comet can do the same thing, plus execute. That’s true even if Amazon wins the case, as they’ll be forced into more regulated roles and formal data partnerships. And if Perplexity wins, the game will be about who’s got the best hardened security, governance, and audit trails (which could actually the help the banks, which otherwise appear to be most at risk).

Watching the skies: regulators

Regulators watching the Amazon-Perplexity battle are really watching an early skirmish over who controls the “intent and access” layer of digital commerce. Whatever the outcome, this is going to bring several questions to the fore.

• Should user consent alone be enough to authorize an AI agent to act across any web service that the user can log into, or should some sectors (payments, investments, health, critical infrastructure) require regulated, API‑based channels only?

• Do existing open‑banking rules need to be updated to recognize fully autonomous agents as distinct from today’s TPPs, with specific requirements around explainability, auditing, and liability when things go wrong?

• At what scale of platform power (large banks, big‑tech ecosystems, ‘gatekeeper’ marketplaces) should there be an affirmative duty to offer fair, non‑discriminatory access to user‑authorized agents?

A ruling that favors Amazon will strengthen the case for explicit regulatory mandates if policymakers want agentic open finance to flourish. A ruling that favors Perplexity will ease some legal risk for user‑side agents, but still leave plenty of work for financial regulators to ensure that data sharing, authentication, and liability keep pace with far more autonomous, 24/7 financial intermediaries.

The Comet dispute is an early proxy battle for whether open banking’s core idea about data – user‑directed access via intermediaries – remains largely confined to regulated bank APIs, or becomes a broader principle for how AI agents participate in payments and finance across the entire internet. Keep looking up!