Jean-Philippe Beaudet & Jonathan Rufrano
Why We Filed
Over the past several weeks, TDC’s AI + Quantum and Compliance & Cybersecurity Working Groups led the preparation and submission of two formal public comments to the National Institute of Standards and Technology (NIST). Both filings respond to government requests for industry input on how AI agent systems should be identified, authenticated, authorized, and secured – questions that sit squarely at the intersection of our members’ work.
As autonomous agents gain the ability to execute financial transactions, access proprietary data, call APIs, and interact with other agents, the rules governing their identity and authority will shape the architecture of the systems your organizations are building right now. TDC’s goal in filing is to ensure that those rules are informed by the technical reality our members navigate daily and to establish TDC as a credible, expert voice in a policy space that will define AI deployment for years to come.
What We Responded To
Filing 1: NIST CAISI – Security Considerations for AI Agents (March 2026)
The Center for AI Standards and Innovation (CAISI) requested information on security threats, risks, and practices affecting AI agent systems across the full deployment lifecycle. TDC’s response drew on members’ hands-on experience in financial services, digital asset custody, blockchain security infrastructure, and agentic commerce.
Filing 2: NIST NCCoE – Software and AI Agent Identity and Authorization (April 2026)
The National Cybersecurity Center of Excellence (NCCoE) proposed a new project exploring how software and AI agents should be identified and authorized, initially scoped to enterprise deployments. TDC’s response addressed six question categories spanning use cases, existing standards, identification, authentication, authorization, auditing, and prompt injection defense.
Our High-Level Recommendations
Core principle: Build from existing standards rather than creating parallel AI-specific frameworks from scratch. The building blocks already exist—they need to be extended, not reinvented.
Across both filings, TDC advanced four interconnected recommendations:
- Expand the project scope beyond enterprise-only use cases. Consumer-facing and government AI agent deployments introduce identity and authorization risks that enterprise frameworks may not address – and standards that fail to account for all three segments will produce gaps from day one.
- Prioritize adaptation of mature, widely deployed protocols. Standards like OAuth 2.0, NIST SP 800-63, SPIFFE/SPIRE, W3C Verifiable Credentials, and ISO/IEC 18013 (mDL) already provide robust foundations. The right approach is to extend these – not replace them – to accommodate non-human, autonomous actors.
- Treat agent identity and authorization as distinct layers. Authentication establishes who an agent is; authorization determines what it is permitted to do. Conflating these layers is a root cause of current over-permissioning in agentic deployments.
- Design for accountability at scale. Every agent action should be cryptographically attributable to a verifiable identity, a delegating human principal, and an auditable authorization chain – before those agents are managing financial assets or acting across enterprise systems.
If you have any questions, please reach out to policy@digitalchamber.org.