Rain has launched its Agent Control Layer, embedding programmatic spending controls across its APIs for AI agent payment flows.
The release, announced in June 2026, builds on infrastructure that enterprise clients have already been using in production. Agents running on Rain's platform are currently executing travel bookings, software subscriptions, end-to-end procurement workflows, and cross-border money transfers. The Agent Control Layer extends this foundation with a governance framework designed to make autonomous payment activity both auditable and bounded, while opening access to a wider developer base.
Governance at the point of issuance
The core design principle of the Agent Control Layer is that controls are enforced before a transaction is attempted rather than applied after the fact. Through Rain's APIs, operators can configure constraints across a range of parameters: acceptable merchant category codes, approved merchants or payment recipients, transaction amounts and frequency, the number of active agent cards permitted at any given time, and card expiry. If a transaction falls outside those permitted parameters, it does not proceed.
For card payments, Rain's virtual card infrastructure allows operators to define what an agent may do prior to activation, setting spend limits, merchant allowlists, spend intervals, and expiry windows. At the programme level, operators can apply aggregate spend limits across their user base and monitor for unusual patterns. The US-based company counts Sponge, a Y Combinator-backed firm building infrastructure for autonomous agents, among its current customers. Sponge issues virtual cards against users' stablecoin balances, usable wherever Visa is accepted online.
The Agent Control Layer also extends to Rain's broader money movement suite, which encompasses virtual accounts, onramps, offramps, and both fiat and stablecoin payments to individuals and businesses. Operators can define approved counterparties, amounts, frequency, and timing for agent-initiated payment flows. Any changes to those terms require action by a human administrator.
Agentic payments as an infrastructure category
The release reflects a broader shift in payments infrastructure towards accommodating machine actors. As AI agents take on more autonomous roles in procurement, vendor management, and financial operations, the question of how to govern their spending behaviour at the infrastructure layer (rather than through application-level controls) is becoming a practical concern for enterprise operators.
Rain positions the Agent Control Layer as one component of a wider roadmap that includes compliance frameworks built for autonomous actors, programmable settlement across card, banking, and blockchain rails, and early work on interoperability standards for agentic commerce. The company has described the initial beta release as production-ready infrastructure, intended to support live workflows rather than serve as a future-state proposition.
The release marks Rain's formal entry into what is emerging as a distinct infrastructure segment: governance tooling for AI-driven financial activity, where controls over spending, counterparties, and timing need to be defined programmatically and enforced at the point of issuance or initiation.
