Last month, a major cloud provider quietly shipped a feature most executives missed. Their agent runtime now emits a cryptographically signed log of every tool call, every model invocation, every external API touch, every byte of context fed into a decision. They called it an audit trail. That undersells what it is by about an order of magnitude.
Around the same time, a coalition of model labs published a draft spec for inter-agent attestation. Two financial regulators in different jurisdictions issued near-identical guidance within a fortnight, both demanding "demonstrable provenance" for AI-driven decisions in regulated workflows. A payments network announced a pilot for agent-to-agent settlement that requires signed action receipts before funds clear.
These events look unrelated. They are not. They are the early shape of an economy where the receipt becomes more valuable than the transaction.
The thing nobody priced
For thirty years, business software made one quiet promise: trust us, the database is right. The ledger said the customer paid. The CRM said the deal closed. The HR system said the employee was hired on a Tuesday. We believed it because there was a human chain of custody behind every entry. Someone clicked. Someone approved. Someone could be fired.
Agents broke that chain in about eighteen months.
When an autonomous system books a meeting, places an order, refunds a customer, files a document, hires a contractor, or moves money, the database still updates. But the human chain is gone. The CFO who used to be able to point to a person and ask "why did you do this" now points at a model checkpoint and a prompt and a context window that has since been garbage-collected.
This is the gap. And the gap has a price.
The price is paid every time a regulator demands an explanation you cannot give, every time a counterparty disputes a charge you cannot defend, every time a board asks why the agent did what it did and the answer is a shrug dressed up in three slides.
The companies that will own the next decade are the ones who understood early that proof is the product.
What a receipt actually is
Forget the paper slip from a coffee shop. A modern agent receipt is a structured artifact with seven things baked in: the identity of the acting agent, the identity of the principal it acted for, the policy under which it acted, the inputs it considered, the model and version it used, the action it took, and a signature chain that ties all of it to a moment in time that cannot be quietly rewritten.
A receipt is not a log line. A log line is something you write. A receipt is something you sign.
The difference matters because the value of evidence is exactly proportional to how hard it is to forge. Logs are easy to forge. Backdated database entries are easy to forge. A receipt with a signature chain rooted in hardware attestation is, for practical purposes, not.
This is why the cloud provider's announcement was a tectonic event disguised as a feature note. They moved the proof boundary from "our database says so" to "the silicon attests." Every agent action now arrives with a notarization that follows it forever.
Why this changes the shape of the firm
Take a moment and think about what your company actually sells.
If you are a B2B software vendor, you sell uptime, accuracy, and the implicit promise that what your system did was what your customer asked it to do. Today, you cannot prove the third thing. You can show logs. You can show dashboards. If a customer's agent disputes an outcome, you have a meeting, not a resolution.
If you are a marketplace, you sell matching and trust. Trust today means a star rating and a refund policy. When both sides of every transaction are agents acting for principals, the star rating is meaningless and the refund policy is too slow. The only thing that resolves a dispute at machine speed is a receipt that both agents already agreed to honor before they acted.
If you are a financial institution, you sell custody and settlement. Custody and settlement at agent speed require attestation that does not exist in your current core systems. The bank that solves this first eats the ones that do not.
If you are a professional services firm, you sell judgment. The receipt for judgment is the trickiest of all, because the input was a human gut and the output was a recommendation. As more of that judgment moves into models, the receipt becomes possible for the first time in the history of the profession. Possible, and therefore mandatory.
The pattern under all of these: the part of your business that used to depend on social trust is being repriced as a technical artifact. If you do not produce the artifact, your trust gets discounted to zero by counterparties who do.
The two-sided market for proof
Receipts are useless if no one accepts them. This is the part most operators miss.
A receipt is a claim. The claim has value only when a second party will treat it as binding. That requires three things in the wider economy: standards everyone signs into, verifiers everyone trusts, and dispute resolution that runs on the receipt as evidence rather than running on lawyers.
We are watching all three crystallize this quarter.
The inter-agent attestation spec from the model labs is the standards layer. It defines what fields a receipt has to carry and how the signatures chain. The cloud providers shipping signed runtimes are the verifier layer, because their attestation is what gives the receipt its root of trust. The regulators demanding provenance are forcing the dispute resolution layer, because once a regulator says "show me the receipt or pay the fine," every counterparty in the chain starts demanding receipts upstream.
Three months ago you could ignore this. Today you cannot. In twelve months, your largest customers will require it in procurement. In twenty-four months, your insurance will price you on whether you produce receipts your insurer can verify.
The strategic implication most boards are missing
Most companies are still thinking about AI as a productivity story. Cheaper coding. Faster reports. Fewer support agents. The receipt economy reframes the whole thing.
If proof is the product, then the value of any AI deployment depends on whether it produces evidence that other parties will honor. An agent that does brilliant work and emits no receipt is, in the new economy, indistinguishable from a liability. An agent that does mediocre work but produces clean, signed, verifiable receipts is bankable.
This inverts the procurement question. The right question is no longer "which model is best." It is "which deployment architecture produces evidence my counterparties will accept, my regulators will require, and my insurer will discount on?"
Almost no off-the-shelf product answers that question well. The vendors are still selling capability. Capability without provenance is a depreciating asset.
The four positions a business can take
There are exactly four postures available to a leadership team right now.
The first is denial. Keep treating AI as a productivity tool, keep buying point solutions, keep believing the database. This works until the first time a regulator, a partner, or a court asks for a receipt and you have a log file. Then it stops working catastrophically.
The second is consumption. Buy receipts as a service. There will be vendors who offer this. They will be useful for low-stakes workflows. They will also know everything about your operations, because to issue receipts they have to see every action. You are buying a service that turns your operations into someone else's training data and competitive intelligence.
The third is compliance theater. Bolt on a receipt layer that satisfies the letter of the regulation, store the artifacts, never integrate them into the actual operating logic of the business. This is the path most large companies will take by default. It satisfies auditors. It does nothing for the actual economic shift, because your agents are still acting without verifiable provenance and your counterparties still discount your trust accordingly.
The fourth is architecture. Treat the receipt as a first-class output of every system you build. Design your agent stack so that every action it takes produces a signed artifact that downstream systems, partners, regulators, and insurers can verify without phoning home to you. Make proof a deliverable on equal footing with the work itself.
Only the fourth position compounds.
What architecting for proof actually means
This is where most strategy posts wave their hands. Let me be specific.
Architecting for the receipt economy means six concrete decisions, made deliberately, at the level of the operating model.
You decide which classes of action your agents take are receipt-bearing. Not all of them need to be. A model summarizing a meeting for one user does not need cryptographic provenance. A model approving a refund, signing a contract, allocating capital, or filing a regulatory report does. Drawing this line is a leadership call, not a technical one, because it determines where your liability surface sits.
You decide where the root of trust lives. If it lives in your cloud provider's hardware, you have outsourced your evidentiary independence to them. If it lives in your own attestation infrastructure, you have a capability moat. Most firms should mix the two, with the most consequential actions rooted in infrastructure they control.
You decide what your receipts include and exclude. Too little, and they prove nothing. Too much, and you have just created the largest discovery target in your company's history. The contents of a receipt are a legal document and should be designed by people who think in legal documents, not just by people who think in JSON schemas.
You decide who can verify. A receipt only your systems can read is a worse-than-useless artifact, because it implies provenance you cannot actually demonstrate to outsiders. Verification has to be possible by counterparties, regulators, and adversaries, on demand, without your cooperation.
You decide how receipts integrate with your operating cadence. The receipt has to flow into how you settle disputes, how you close the books, how you pay your insurance, how you respond to a subpoena, how you onboard a partner. If the receipt sits in a separate compliance database that nobody touches in the regular flow of work, you have built a museum of proof, not an economy of it.
You decide how the receipt becomes a wedge. The companies that win this shift will use their proof advantage to enter markets others cannot. A vendor that can offer cryptographically attested AI agent action is a vendor a regulated buyer can deploy in eight weeks rather than fourteen months. That delta is the entire deal.
These are six decisions a software vendor cannot make for you. They are decisions about the shape of your business, the structure of your liability, and the geometry of your competitive position. They have to be made before you pick the vendor, not after.
The window is closing fast
The window on this is narrower than most boards realize. Three forces are closing it.
Regulators are converging. The two jurisdictions that issued near-identical provenance guidance last month will not be the last. Once three or four major regulators sit on the same definition of "demonstrable provenance," it becomes a de facto global standard, and you will be required to produce receipts whether you have built the capability or not.
Counterparties are demanding. The first large enterprise to require signed agent receipts in its vendor contracts will create a cascade. Every vendor will have to comply. Every vendor's vendor will have to comply. The standards propagate up the supply chain at the speed of procurement cycles.
Insurance is repricing. Cyber and operational risk underwriters have spent the last year trying to figure out how to price AI agent risk. Receipts are the answer they have been waiting for. Once a major underwriter offers a meaningful discount for verifiable agent provenance, every CFO in the country will start asking the CIO why the company does not have it.
When all three forces hit at once (and they will, this calendar year), the cost of catching up will be ten times the cost of getting ahead. The companies that built the architecture in 2026 will sell receipts-as-capability to the ones that did not, at margins that look obscene in retrospect.
Why this is an architectural problem and why we exist
You cannot buy your way through this. There is no SaaS product that produces a receipt economy posture for your business. The decisions above are organizational, legal, technical, and strategic at the same time, and they have to be made coherently, not in sequence by separate departments who hand off documents.
This is what we mean when we say architecture. Not a diagram. Not a vendor selection grid. A coherent set of choices about how your business will produce, hold, and trade proof in a market that has stopped accepting your word for it.
We work with leadership teams to make those choices, in the order they have to be made, with the tradeoffs surfaced and owned by the people accountable for them. We bring the pattern library from operators who are six months ahead. We design the receipt-bearing layer of your agent stack so that it integrates with how your business actually settles, reports, and competes, rather than sitting in a compliance silo nobody visits.
The boards who treat this as a procurement question will buy receipts from the boards who treated it as an architecture question. Decide which side of that trade you want to be on.