Underwriting the Agentic Economy: Why We Must Quantify Risk at the Speed of AI

The tech world has officially moved beyond "chat." If 2023 was the year of Generative AI, 2026 is undoubtedly the year of the Agentic Economy.

As evidenced by TechCrunch’s recent report, we are no longer just asking LLMs to write poems; we are delegating our lives to them. Startups are deploying agents to negotiate our calendars, manage our supply chains, and execute financial transactions. We are witnessing a shift from human-to-human interactions to agent-to-human and, increasingly, agent-to-agent commerce.

But as the market rushes to adopt these autonomous actors, a critical question remains unanswered: How do we price the risk?

The Hidden Vulnerability of Autonomy

The premise of the Agentic Economy is autonomy. We want agents to act on our behalf. But as Check Point Software recently highlighted, granting AI agents the authority to execute workflows and interact with external tools introduces a new attack surface.

When an AI agent is tricked via prompt injection or "toolchain abuse," it doesn't just output a hallucination; it takes a compromised action. SecurityBrief Asia reported just this week on attackers specifically targeting these agentic functions in live systems. If an agent negotiating a contract or a calendar invite can be hijacked to exfiltrate data or agree to unfavorable terms, the liability is no longer theoretical—it is operational and immediate.

The Legal Reality Check: Mobley and Eightfold

We are already seeing this technical risk translate into substantial legal exposure. The legal landscape is shifting from abstract "AI ethics" to hard-nosed liability.

Take the class certification in Mobley v. Workday. This case shattered the defense that software vendors are mere tools; the court’s decision to allow a collective action suggests that AI agents screening candidates can be held liable as "agents" of the employer, carrying the weight of discrimination laws.

Even more pressing is the new lawsuit against Eightfold AI. While Mobley focused on bias, the Eightfold case attacks the "black box" nature of agentic scoring itself, alleging violations of the Fair Credit Reporting Act (FCRA). The claim is that when an AI agent scores a human, it acts as a consumer reporting agency. If agents are making decisions about livelihoods without the transparency and dispute mechanisms mandated for credit bureaus, we are looking at a regulatory minefield.

The Unpriced Risks: From Supply Chains to Credit Ratings

The risk extends far beyond HR tech. Consider just a few examples of the agent-to-agent future we are building:

• Financial Risk: What happens when a credit scoring agent negotiates directly with a bank’s loan origination agent? If one agent hallucinates a data point or is subtly manipulated by the other, who is liable for the resulting bad loan?
• Supply Chain & ESG Risk: When ChatGPT or a shopping agent makes a product recommendation, does it validate the supply chain? If an agent autonomously procures goods produced by sanctioned slave labor, the company deploying that agent is arguably complicit. The agent didn't just "chat"—it executed a transaction.

These are not edge cases; they are the fundamental mechanics of the new economy. Yet, currently, companies are deploying these agents with zero ability to quantify the specific risk of that specific transaction.

The Solution: Continuous Risk Underwriting

For the market to fully adopt agentic technology, we must replicate the trust mechanisms of the financial world. Every time a credit card is swiped, a complex risk engine instantly evaluates fraud exposure, creditworthiness, and transaction context.

We need the same for AI agents. We need to quantify and continuously identify risk in every agent interaction.

As Legal Technology Hub recently noted, we must move from "abstract frameworks" to "legal-grade control." But I would argue we need to go further: we need financial-grade underwriting.

To achieve this, we cannot rely on "black boxes." As Palantir’s recent "Agentic Runtime" framework highlights, one of the prerequisites for security in this new era is real-time observability. We need the ability to inspect the agent's "reasoning core" and intermediate steps as they happen. Just as a financial auditor traces the flow of funds, we must be able to trace the flow of agentic logic—validating the decision pathway, not just the final output.

• For Enterprises: You cannot scale agent deployment if you cannot estimate the liability exposure of 10,000 autonomous negotiations happening simultaneously. You need real-time observability to serve as the "dash cam" for your digital workforce.
• For Insurers: The insurance industry is currently flying blind. To insure the Agentic Economy, carriers need real-time "legal intelligence" that assesses the risk of an agent's code accessibility, its decision logic, and its real-world interactions.

At Darrow, we believe the future belongs to those who can see the signals before the damage is done. The ability to price the risk of an agent's action before it is finalized will be the difference between a company that dominates the AI era and one that is buried by it.

We cannot eliminate the risk of the machine. But we must, absolutely, learn to underwrite it.

This Might Interest You:

• The Consent Illusion: Why Nobody Reads Digital Contracts (And How AI Might Be the Fix)