AI Agent Legal Liability: Who Pays When Your Autonomous Tool Binds Your Company

When your AI agent signs a contract, issues a refund, or negotiates a deal, who bears the legal liability? Agency law, UETA, UCC Article 2, TRAIGA, and EU AI Act rules every founder deploying autonomous AI must know.

AI Agent Legal Liability: Who Pays When Your Autonomous Tool Binds Your Company
Loading AudioNative Player...

Your AI sales agent just committed to a 40% discount on a $250,000 enterprise deal. Your autonomous support bot issued a $50,000 refund to a customer who requested one — twice. Your AI procurement tool bought 10,000 units of a component at three times the market rate because it misread a supplier's pricing page. These are not hypotheticals. They are the predictable consequences of deploying AI agents that take autonomous action — and they raise a question that contract law, agency doctrine, and emerging AI regulations are only beginning to answer: who is legally responsible when your AI agent makes a binding decision?

AI agent legal liability is a distinct problem from the agency-law and electronic-signature questions we analyzed in our Copilot deep dive, and from the product liability and tort exposure we covered in our AI product liability guide. This article focuses on the contracting authority problem: when an AI agent commits your company to a deal, what legal framework governs whether that deal is enforceable, who bears the loss when the agent gets it wrong, and what regulatory guardrails apply to autonomous decision-making systems in 2026.

Can an AI Agent Actually Bind Your Company to a Contract?

The short answer is yes — and the legal basis is older than generative AI itself. Two statutes, enacted well before ChatGPT existed, settled the validity question for machine-formed contracts.

The federal Electronic Signatures in Global and National Commerce Act (ESIGN) provides that a contract "may not be denied legal effect, validity, or enforceability solely because its formation, creation, or delivery involved the action of one or more electronic agents so long as the action of any such electronic agent is legally attributable to the person to be bound" (15 U.S.C. § 7001(h)). ESIGN defines an "electronic agent" as "a computer program or an electronic or other automated means used independently to initiate an action or respond to electronic records or performances in whole or in part without review or action by an individual" (15 U.S.C. § 7006(3)).

The state-level counterpart, the Uniform Electronic Transactions Act (UETA), adopted in nearly every state, goes further. UETA Section 14 states that "a contract may be formed by the interaction of electronic agents of the parties, even if no individual was aware of or reviewed the electronic agents' actions or the resulting terms and agreements." That sentence forecloses the most obvious defense — "no human at our company reviewed this deal" — before you can raise it.

Under traditional agency law, the Restatement (Third) of Agency § 1.01 defines an agency relationship as one where "one person (a 'principal') manifests assent to another person (an 'agent')" to act on the principal's behalf. The Restatement assumes the agent is a person. A large language model is not a person, cannot manifest assent in any doctrinally meaningful sense, and cannot serve as a traditional fiduciary. But the ESIGN/UETA framework sidesteps that problem entirely by treating the AI as an "electronic agent" — a tool whose actions are attributed to the deploying party, not as a legal person in its own right.

The Mailbox Rule and AI Acceptance

The "mailbox rule" — the common-law principle that acceptance of an offer is effective upon dispatch, not receipt — applies with full force to AI-agent-initiated transactions. If your AI agent sends an acceptance (by clicking "confirm," sending an automated email, or executing an API call to a payment processor), the contract is formed at the moment of dispatch, just as if a human employee had sent it. The counterparty did not choose your tool, and the law does not require them to wait for human verification before relying on the deal.

When Your AI Agent Makes a Costly Mistake

Contract validity is the easy question. The hard question is liability allocation when the agent agrees to something you never intended. The foundational case is Moffatt v. Air Canada, 2024 BCCRT 149, where the British Columbia Civil Resolution Tribunal held Air Canada liable for its chatbot's misrepresentation about bereavement-fare policy. The airline argued the chatbot was "a separate legal entity responsible for its own actions." The tribunal called that "a remarkable submission" and held the airline responsible for all information on its website, whether from a static page or a generative agent. The damages were modest — $812.02 CAD — but the principle is not: a deployer cannot disown its own automation.

For founders, the practical scenarios are where this gets expensive:

  • The rogue refund: Your AI support agent, instructed to "resolve customer complaints," issues a $50,000 refund to a customer who requested one — interpreting "resolve" as "give the customer what they asked for." Under UETA § 9's attribution rule, that electronic act is your act. The customer received a credit to their account. unwinding it requires clawback litigation, not a simple "oops."
  • The unauthorized discount: Your AI sales development representative tells a prospect it can offer 40% off your enterprise pricing. Under Restatement (Third) of Agency § 2.03, apparent authority exists when a third party reasonably believes the actor has authority to act on behalf of the principal, and that belief is traceable to the principal's manifestations. You deployed the agent on your website, branded it with your logo, and let it negotiate. The prospect's belief that it had authority is traceable directly to you.
  • The hallucinated commitment: Your AI agent "agrees" to a term that no human at your company ever approved — an indemnification clause, a data-processing addendum, an exclusivity provision. The starting point under UETA is that the company bears the risk. Traditional doctrines like unilateral mistake (where a counterparty "snaps up" an obvious error) may provide a narrow defense, but the practical answer is to bound the agent's authority before deployment, not to litigate validity afterward.

UCC Article 2 and AI-Agent-Initiated Purchases

When an AI agent purchases goods — procurement bots, AI shopping assistants, automated inventory systems — the Uniform Commercial Code governs. UCC § 2-204 provides that "a contract for sale of goods may be made in any manner sufficient to show agreement, including conduct by both parties which recognizes the existence of such a contract." The statute does not require a signature, a specific form, or even a clear moment of formation. It requires only conduct sufficient to show agreement.

An AI agent that initiates a purchase order, receives an automated confirmation, and triggers payment has created conduct that "recognizes the existence of a contract" under § 2-204(1). The fact that no human reviewed the transaction is irrelevant — the conduct standard does not distinguish between human and machine action. Moreover, § 2-204(3) provides that "even though one or more terms are left open a contract for sale does not fail for indefiniteness if the parties have intended to make a contract and there is a reasonably certain basis for giving an appropriate remedy." This means an AI agent that agrees to a purchase without nailing down price, delivery date, or quantity may still form an enforceable contract, as long as a court can fashion a remedy.

For founders deploying procurement agents, this creates a real risk: your AI may bind you to purchase commitments at prices and quantities no human approved. The UCC's open-terms doctrine, designed to facilitate commercial dealings between sophisticated parties, becomes a liability amplifier when the "party" on your side is a stochastic model.

Regulatory Guardrails: TRAIGA and the EU AI Act

TRAIGA: Texas's AI Governance Framework

The Texas Responsible Artificial Intelligence Governance Act (TRAIGA), signed into law on June 22, 2025, and effective January 1, 2026, applies to developers and deployers of AI systems that do business in Texas or produce products used by Texas residents. TRAIGA broadly defines an "artificial intelligence system" as "any machine-based system that, for any explicit or implicit objective, infers from the inputs the system receives how to generate outputs, including content, decisions, predictions, or recommendations."

For founders deploying autonomous agents, TRAIGA creates two key obligations. First, it prohibits using AI to unlawfully discriminate against protected classes, infringe constitutional rights, or encourage self-harm or crime. An AI agent that makes autonomous decisions about pricing, credit terms, or service eligibility could trigger anti-discrimination scrutiny if its outputs produce disparate outcomes. Second, TRAIGA provides a safe harbor for entities that "substantially comply" with the NIST AI Risk Management Framework — meaning that if you build your governance program around NIST's GOVERN, MAP, MEASURE, and MANAGE functions, you have an affirmative defense against AG enforcement. Civil penalties range from $10,000 per curable violation to $200,000 per incurable violation, plus ongoing daily penalties.

We've covered TRAIGA's compliance requirements in detail in our TRAIGA compliance guide for Texas AI startups.

EU AI Act and GDPR Article 22

For founders serving European customers, two regulatory regimes constrain autonomous decision-making. The GDPR's Article 22 grants data subjects "the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her." If your AI agent makes autonomous decisions about EU users — denying a loan, setting prices, terminating a subscription — Article 22 requires either explicit consent, contractual necessity, or a legal basis, plus safeguards including "the right to obtain human intervention."

The EU AI Act (Regulation 2024/1689), which we analyzed in our EU AI Act deadline guide, adds a layer on top. AI systems that make autonomous decisions affecting individuals' legal rights or significant interests may be classified as "high-risk," triggering obligations around risk management, data governance, transparency, and human oversight. For autonomous agents that negotiate contracts, set pricing, or make eligibility determinations, the high-risk classification is a live possibility — particularly if the system processes personal data to make those decisions.

Building Human-in-the-Loop Checkpoints

The legal frameworks above all point to the same practical conclusion: you need human-in-the-loop controls before your agent takes binding action, not after. Here is how to structure them.

Tier Your Agent's Authority by Transaction Value

Not every decision needs a human checkpoint. A tiered authority structure — informed by the NIST AI RMF's risk-tiering approach — lets your agent operate autonomously within defined limits while escalating high-stakes decisions:

  • Tier 1 (Autonomous): Quotes up to $5,000, standard refund processing under $1,000, routine procurement under $10,000. No human review required. The agent operates within its UETA "electronic agent" scope, and attribution under § 9 is clean.
  • Tier 2 (Human approval required): Quotes $5,000–$50,000, refunds $1,000–$10,000, procurement $10,000–$100,000. The agent generates the proposal but cannot execute it. A human reviews and approves before the transaction is sent.
  • Tier 3 (Human approval + officer sign-off): Anything above Tier 2 thresholds, any contract with indemnification or IP clauses, any commitment involving personal data of EU residents. The agent drafts; a human reviews; an officer signs off.

Publish Scope-of-Authority Disclaimers

Under Restatement (Third) of Agency § 2.03, apparent authority turns on what the third party reasonably believed. You can narrow that belief by publishing clear scope-of-authority statements in your terms of service, on the interfaces where the agent operates, and in any communication the agent sends. A statement like "This AI assistant can provide pricing information and generate quotes up to $5,000. It is not authorized to issue refunds, modify contract terms, or make binding commitments on behalf of [Company]" does not eliminate apparent authority entirely, but it provides evidentiary support that a third party's belief in broader authority was not reasonable.

Maintain an Audit Trail

UETA § 12 requires electronic records to be retained in a form capable of accurate reproduction for later reference. For AI agents, that means logging every input, output, and human override as a single linked record. When a dispute arises — and it will — you need to show what the agent was instructed to do, what it actually did, and where the human checkpoint was (or was not) invoked. Pair this with ISO/IEC 42001:2023's monitoring requirements, and you have both the legal retention baseline and the governance framework to support it.

Actionable Next Steps

  1. Audit your deployed AI agents today. Inventory every system that takes autonomous action — sales agents, support bots, procurement tools, scheduling assistants. For each, document what authority it has, what transactions it can execute, and whether a human reviews the output before it takes effect.
  2. Implement transaction-value tiering. Set hard limits on what your agent can do without human approval. Use API-level controls, not policy documents, to enforce them. If the agent can call a payment API, cap the amount at the API level.
  3. Draft scope-of-authority disclaimers. Publish them wherever the agent interacts with third parties — chat interfaces, email footers, terms of service. The goal is to make it unreasonable for a counterparty to believe the agent has broader authority than you've defined.
  4. Align with NIST AI RMF for TRAIGA safe harbor. If you operate in Texas, substantial compliance with the NIST framework gives you an affirmative defense against AG enforcement. Build your governance documentation around the GOVERN, MAP, MEASURE, and MANAGE functions.
  5. Review EU exposure. If your agent makes decisions about EU users, assess whether GDPR Article 22's human-intervention requirement applies and whether your system might be classified as high-risk under the EU AI Act. Build the human-oversight mechanism before you need it.
  6. Get legal review of your agent's contracting authority. The statutes say your agent can bind you. The question is whether your contracts, terms of service, and operational controls properly allocate the risk. Have counsel review the authority structure, the disclaimers, and the audit trail before — not after — the agent makes a $50,000 mistake.

Deploying an autonomous AI agent that can sign contracts, issue refunds, or negotiate deals? We help founders structure the legal controls, authority frameworks, and compliance guardrails before the agent goes to production.

Get in touch