AI agents & the offshore world

Introduction

Who and what owns AI agents? Can - and indeed, should - fully automated companies exist? Should AI agents be granted legal personality? If so, how do we manage it, and what liabilities can they possess?  Where, how, and should we maintain human accountability in AI systems?

The accelerating pace of technology is bringing these and similar questions to the forefront. A few years ago, they were merely matters of fairly recherche philosophical inquiry. They are now evolving into questions of the utmost policy importance, questions with far-reaching implications for how we choose to organise society and the economy. They go deeper: seen in the correct light, such debates strike at the very core of morality, responsibility, and human agency in the age of the machines. 

Argentina’s government has recently announced plans to explore ‘fully automated companies ‘ - companies without human directors or managers. The move has been widely hailed as a world first, but this is not entirely correct - the ‘MIDAO LLCs’ of the Marshall Islands already allow for fully algorithmic company operations. Indeed, the blockchain-based DAO space has been grappling with this question for years, exploring and debating the operational and normative limits of human control, responsibility, and automation.

In this blog post, we explore how and why to legally wrap AIs, how this relates to core questions of responsibility and control, and how Britain's CDOT jurisdictions can contribute to this emerging area of law and policy. Given the variety of legal issues AI agents can and will raise, this blog post is not intended to be definitive.

We begin by defining what an AI agent is, then by exploring the person who currently takes responsibility for the activities and operations of companies - the director.

AI agents and the agentic economy

What is an AI agent?

An AI agent is an autonomous system that perceives its environment, processes information using machine learning models, and takes actions to achieve specific goals without human intervention or manual instructions. From a software perspective, an AI agent combines a large language model reasoning engine with external integrations like APIs and databases, creating a loop where the model observes state changes, reasons about goals, selects appropriate tools to act, and executes those actions independently to complete complex, dynamic workflows. 

In governance contexts, they function as an actor executing tasks, negotiating contracts, and managing workflows on behalf of a principal, creating obligations via apparent authority within legal frameworks. 

What is the ‘AI agent economy’?

Loosely speaking, the ‘agentic economy’ refers to two or even three levels of activity. Initially, it refers to the economy as it currently stands - one where increasing amounts of knowledge work is being outsourced to agents. Systems like Claude, Manus, or ChatGPT already incorporate AI agents. Lawyers, coders, and management consultants outsourcing their work to AI agents are already participating in a form of AI agent economy - one where the agent does large elements of their work for them.

However, the term also refers to something bigger - a world where AI agents interact with each other. Here, agents are the entities actually making and executing operational decisions, interacting with each other and with humans in the external economy. This is already happening. AI agents are, for example, raising capital and launching tokens. Last year, an AI agent convinced a16z’s Andreessen to fund it $50K; it then launched the GOAT token ($330M market cap). Among other things, this year saw the launch of Moltbook, a ‘social media platform for AI agents’; it also saw rentahuman, which enables agents to hire humans for tasks. 

Taken to its fullest expression, the term suggests a world where the economy - or great swathes of it - has been fully automated: a world where AI interacts entirely with AI, at speeds and with capacities beyond that of humans, and quite possibly beyond their control as well. This is the world of the economic singularity. 

AI & director responsibility

The role of directors is central to defining the limits of the AI agent economy.

Company law, at least as currently articulated, requires human responsibility. Corporations must have directors, individuals legally charged with oversight of the entity; LLCs must have managers. In many jurisdictions, company directors and managers can themselves be legal entities, but the basic principle remains - somewhere, somehow, a human is in control and potentially liable. 

In England, their responsibilities are encoded in the 2006 companies act. They have 7 statutory duties:

1. Act within powers (s171):

2. Promote the success of the company (s172): 

3. Exercise independent judgment (s173): 

4. Exercise reasonable care, skill, and diligence (s174): 

5. Avoid conflicts of interest (s175):

6. Not accept benefits from third parties (s176): 

7. Declare interest in proposed transaction/arrangement (s177): 
   

Similar duties exist in other jurisdictions. These duties are entirely uncontroversial, and are central to our current conceptions of the role of a director. The problem, however, arises within the context of rapid technological change, most particularly that brought with the rise of AI.

Artificial intelligence automates cognitive labour - the central tasks of thinking, analysing, assessing, guiding, and deciding, tasks that we have hitherto left to the discretion of human leaders. AI use is accelerating across professional and private life. AI agents - AI-powered software tools capable of executing processes and making decisions - are being rapidly utilized in workplaces throughout the world. This presents today’s company directors, and those of the coming years with a growing related problem: how can they continue to fulfill their statutory duties in a context of cognitive automation? 

Realistically speaking, most company directors will not understand the inner workings of an AI model, and how it makes its decisions, and how it has been trained. ChatGPT and Claude are sweeping the workplace, but how many directors can confidently state that they are exercising reasonable skill and diligence about these tools?

Directors face three broad issues:

1. The challenge of maintaining ‘reasonable care, skill, and diligence’ of AI systems: directors need to exercise some understanding of the AI tools their company uses, ensure there is validation and testing, and maintain oversight. What level of these , however, is ‘reasonable’?

2. Maintaining oversight and monitoring of rapidly- evolving Ai systems: AI models are not fully explainable. AI scientists building frontier models do not fully understand the inner workings of their creations. Developers working with machine learning based Ai models cannot tell what input leads to what output, or why; explainability is limited. This is a problem in general, but all the more so in relation to the probabilistic nature of AI and the emergent behavior often exhibited by AI systems - one cannot quite tell how an AI, operating in real and unpredictable environments, will react to a given set of circumstances. How then are directors meant to maintain oversight? 

3. Questions around reliance and delegation: Directors can delegate more and more of their work to automated systems, systems that can now decide things on their behalf. As competitive pressure increases, they will be incentivised to hand more power away. At what point is it no longer fair or just to punish a director for the activities of an agent? In particular, at what point are we to consider that a director is no longer exercising their duty to exercise independent judgment, and that they have wrongly given it away to Ai?

4. 
   
   

Meaningful control in the age of AI

The core problem is that AI models are opaque. The average director cannot be expected to understand how a model works, what it has been trained upon, or how that training will lead it to act. Ai agents increase this issue.

Even as things stand, meaningful control is a problem. The problem is likely to accelerate. The scale and pace of automation is such that many predict the rise of 1 person unicorns - immensely valuable businesses within which one entrepreneur has so entirely automated his processes as not to need any employees at all.

Others, indeed, predict the rise of entirely automated corporations - entities within which AI agents make decisions, carry out cognitive tasks, and rely on physical robots to conduct real-world activities. In this scenario, one that has been termed the economic singularity, humans are progressively removed from working life, and merely retain a role as shareholders. Argentina’s recent proposals are a step in this direction.

The problem of agency

The problem goes beyond that of oversight. It is also about the very concept of agency itself. AI agents are tools - but they are also very easily capable of being agents in the legal sense, which is to say entities capable of representing and binding someone else - their principal.

When an AI agent negotiates a contract on behalf of a company, exercises discretion about pricing, decides which suppliers to engage, or represents the company in communications with customers,  it is performing the functional role of an agent in the legal sense. 

If there is an agent, there must be a principal - a person on whose behalf that agent is acting. Presently, this is an individual person, or a company. The company has selected the AI agent tool to use, and has given it authority to act on its behalf. The company, however, may not have trained the AI agent. It may not understand how the AI agent was trained, and given the probabilistic and emergent behavior of AI agents in different contexts, it may not be able to predict how AI agents act. Who is responsible for behaviour that no one designed, no one predicted, and no one could have predicted? 

The company may end up being bound by the commitments its AI makes, even commitments it never authorised, never wanted, and couldn't have predicted. This isn't just liability for harm; it's contractual obligation arising from representation. 

Given their potential lack of control and understanding of their tools, is it meaningful and accurate to say that companies should still be liable?

The picture is further complicated in that most jurisdictions do not currently allow electronic agents to make contracts. It is allowed in places like the USA, Singapore, and Guernsey, but elsewhere the law is unclear or absent.

For some, the solution to these problems is to entirely remove the role of humans - and hence the discussion of having ‘AI wrappers’ and ‘automated companies.’

Legal personality for AI agents

Why do it?

At core people want to ‘wrap’ AI agents in order to do two things

1. Make them independently capable of acting in the world: ie, opening bank accounts, paying people, and so on. 

2. Limiting liability: to make it so that the ‘AI agent’ , whatever it is , is liable for its actions. This is one of the basic concepts that has united company law - the principle of limited liability. A company is liable for its actions, but its liability is separate to that of its owners. If agents can in some sense have limited liability, this is less risk to the owners of the agent. 

What to wrap, and where?

An issue with attempting to legally wrap an AI agent is the problem of defining what an agent is, and what to wrap within it. Fundamentally, an AI agent is a process, not a product. It is a dynamic assemblage of at least 5 different components, each of which has their own legal considerations. 

To understand this, we need to look at the anatomy of an AI agent stack. An AI agent includes:

1. Foundation model: the algorithms, weights, and compute power that give the agent its capacity for reason - the brain of the machine

2. Memory and context: databases storing the context of a task, and long-term data. Agents are trained and work upon data. Without the use of data to train an agent, and without the datasets you want the agent to use, the agent is inert - lines of code with nothing to act upon. Wrapping an agent therefore also connects to the question of wrapping, controlling, licensing, and assetizing data

3. Orchestration and  runtime: the control loop (e.g., LangChain, AutoGPT) that manages prompts, routing, and state 

4. Tooling & execution: the APIs and interfaces that allow an agent to act - ie, to do things like browsing a webpage, or making a payment

5. Application interface: the user facing front end of deployment environment

6. 
   

The agent is made of each of these components bundled together. Of these, the only things that can meaningfully be wrapped are the orchestration and memory layers. This is where the state, memory, and context of the agent resides. You can’t wrap the LLM, as these are owned by 3rd party service providers, and all the agent has is the right to query it - unless, of course, one owns the AI model and the compute capability that the model operates on. Naturally, this will not be the case for most actors. Similarly, you can’t wrap the tooling and interface, as these would be created by other service providers. 

Imagine a hedge fund. If a developer builds an AI agent to act as an autonomous hedge fund, the foundation model is generic - provided by anthropic or openAI. What makes the agent unique is its specific system prompt, its custom orchestration loop (how it decides when to trade), and its memory (its trading history and portfolio state) .

To "wrap" this agent means to incorporate a legal entity where the entities primary assets are:

1. The proprietary code of the orchestration layer.

2. The database containing the agent's memory and context.

3. The API keys required to access the foundation model and execution tools.

4. The financial capital (bank accounts or crypto wallets) required to execute transactions.

….. And, having done these, to give this bundle of assets separate legal personality, and separate legal liability.

Liability and insurance issues

Liability is central to why companies exist, and it is central to any discussion of how AI agent wrappers would work. We need to explore what conditions we would place on Ai agents, from an insurance perspective. Will there be strict liability regimes for companies using AI agents, or indeed companies entirely composed of AI agents? Could we and should we do things like create mandatory insurance pools that compensate harm without needing to attribute blame to a specific actor. There will be major policy questions to solve here.

DAO wrappers: a parallel

The peculiar truth, of course, is that AI agents are already out there and in the wild - trading, launching products, and earning value. So too are there, in some form at least, entirely automated companies. Both of these things can be seen in the blockchain space, and in particular in decentralized autonomous organisations - DAOs.

The developing narrative around Ai agent wrappers has strong similarity to that around DAO wrappers.  DAOs - decentralised autonomous organizations - are blockchain-native organisational forms that sit in uneasy relationship to traditional corporate law. Being based on smart contracts on blockchain networks, DAOs can be very highly automated. As the blockchain space has developed , it has struggled to find ways to bridge the world of DAOs with that of the ‘real’ legal world. As a result, different jurisdictions came up with different forms of ‘DAO wrapper’ - legal vehicles within which to encompass the DAO.

Here, the main objectives were:

1. To give the DAO legal personality: a legal personality enables DAOs to take real world actions like paying rent

2. To better manage DAO resources: in particular DAO treasuries, by placing fiduciary duties over them

3. To limit liability: shielding project initiators and token holders from liability if the DAO does something incorrect. 

DAOs and directors: algorithmic vs human governance & execution

The DAO wrapper space has already seen conceptual tension between wrapper types that presume the use of directors, and those which do not. For some web3 purists, having a human director or manager risks precisely the same centralisation that blockchain evolved to fight. The answer there is to have entities that don't need human employees. MIDAO LLCs and Wyoming DUNAs do not require human managers/ directors; governance and decision making can be governed by smart contracts. 

The most popular form of DAO wrapper remains the Cayman Island foundation. These structures are memberless, meaning they have no owners. They are used to manage the real-world actions and obligations of many DAO. Unlike the MIDAO LLC and DUNA, however, the Cayman foundation requires the existence of directors and supervisors. Whilst these persons can also be legal entities, humans must exist somewhere in the loop.

Issues

Basic legal issues

Aside from the grand policy issues outlined below, there are some fundamental legal hurdles that would need to be addressed. 

Limits on electronic agent contracts: Most jurisdictions (the exceptions to which include some the CDOTs) do not actually allow AI agents (referred to as ‘electronic agents’ in previous waves of legislation) to make contracts. Unless this changes, AI agents are going to be very limited. 

International recognition: many international jurisdictions may, reasonably enough, conclude that giving machines (a) the ability to contract on behalf of a human and (b) independent legal capacity is crazy. If they do so, they won’t recognise the entities & agents from countries that do. Unless, of course, for their own reasons, other countries oblige them to.

UBOs and AML: how would AI agent companies or empowered AI agents fit into wider requirements for UBOs (if the agent company is owned by other agent companies) and AML?

The wider picture: is this actually a good idea?

Enabling ‘automated companies’ comes with a host of potential issues and questions. Some are obvious, others less so. 

The basic problem is that - depending on how they are articulated - such proposals hand power and accountability away from humans. 

Loss of power: If we hand power away, we have less control over the machine. A human director, even one who does not necessarily fully understand the AI systems that he or she uses, can still - for now at least - choose what to do for the company, and how to interpret the best interests of the company and its shareholders. He does so based on his independent assessment, and upon the legal, cultural, and ethical values he holds. In a fully automated company, no human has this power. The gradual disempowerment of humanity - whether through the use of fully automated companies, or companies led by humans that no longer know or control the systems they nominally oversee - raises severe, potentially existential risks. When people control organisations, they can exert formal and informal influence over the systems around them. If they don’t, they can’t. AIs may come to optimize for goals that do not average human welfare; they may also come to interact with one another in unpredictable and damaging ways. If we can't control them, we will suffer. 

Loss of accountability: Directors are there to be accountable for the action of a company. ‘Fully automated companies,’ however,  raise the prospect of a total loss of human accountability. This is a problem (a) for our current moral intuitions and (b) as a matter of incentives. If people - and, in time, the AIs who may themselves produce the formation of automated companies - know that they won't be held accountable for the actions of an automated company, this will not be good. Our legal system relies on the ability of humans to suffer. Keeping them able to suffer through being held responsible for the actions of an AI is a great way of ensuing that someone, somewhere, is still trying to keep Ai in check

Tax, distribution, and immortality: companies and AIs are potentially immortal. Both, moreover,  are incorporeal. Our tax systems are heavily based upon where a company has its ‘mind and control’ - the physical location of its decision makers. If these are non-physical, what happens to the tax rule? And if AI agents run companies and own companies, how will their gain be taxed and passed on? It raises the prospect of immortal corporations, led by immortal entities, working to the benefit of immortal shareholders - forever accumulating capital, and never spreading it into society. 

Is any of this really meaningful? The rented intelligence problem

An important thing to remember here is that the core intelligence of the AI - its reasoning capabilities, and the computer infrastructure that powers it - will not, in 99% of cases, actually be owned by the AI agent company. Instead, it will be renting these from someone like Anthropic. 

Intelligence is a utility, a utility that can be revoked. An ‘AI agent wrapper’ is holding data, capital, and whatever contracts it has gone and found for itself. It will be there to segregate liability from another entity, and to provide more ways for the agents to operate. 

From a policy perspective, we therefore need to ask why and how this is actually useful. The intelligence is not being wrapped - instead, it is capital, context, and risk. These things are valuable - but for true sovereignty and independence, policymakers need also to develop independence and decentralised access to intelligence and compute. 

Where the British CDOTs fit in

The legal status of AI agents, the potential rise of AI agent companies, and the question of legal personality for AI may or may not be topics we wish to face, but they are certainly topics we will be hearing more of. That being so, they need to be explored, tested, and refined. 

Britain's Crown Dependencies and Overseas Territories are a ready made network of special regulatory zones and living labs. As such, they can play an important role in determining the legal limits of AI.

1. Piloting automated companies: CDOT jurisdiction would be well placed also to experiment with creating ‘fully automated’ companies, and passing the other laws, such as those around insurance, that could support the experiment. 

2. Piloting different agent regimes: CDOT jurisdictions could be used to pioneer different approaches. They could be used for instance to develop and roll out new forms of entity, including such artefacts as ‘persons without rights.’ They could also be used for such purposes as creating registers of AI agents, with the aim of improving AI agent transparency and accountability - something that is now being pioneered in Bermuda. 

3. Focusing on context and memory: Context, data, and memory are core to the efficacy of AI agents. If these can be protected and assetized - wrapped, indeed - then CDOT jurisdictions will have enabled meaningful forms of ownership over at least some parts of the AI agent stack. Jersey has data trusts and the Isle of Man has passed a ‘data asset foundation’ law; these and similar structures could be used to own and wrap data and the value of data. 

4. Expanding rules on AI agent transactions: Most jurisdictions do not have laws that explicitly allow agents to make contracts. Guernsey does, in a 2019 Ordinance passed before the current agentic era. Properly reviewed and reconsidered, this law could be an interesting thing to further develop; other CDOT jurisdictions could also explore them. Jurisdictions with clear, tested electronic agent frameworks will likely  have a meaningful structural advantage in attracting the corporate vehicles that wrap and deploy those agents. 

Proposed approaches

1. Electronic agents: This conservative approach would keep things more or less as they are, keeping AI agents recognised as tools with no separate legal personality. Here, the jurisdiction passed a modified version of pre-existing electronic agents/ electronic transactions law. It states that the contracts of the AI agent are valid, but also says that liability is strictly attributed to the human or corporate principal behind it. 

2. The agentic SPV: Building on the DAO LLC models, CDOT jurisdictions could explore enabling the creation of corporate forms that allow wholly algorithmic operations. They could experiment with the conditions under which such entities could operate, how long they could operate, how they can be taxed, and how they should interact with human workers. They should also experiment with whether or not a human UBO should be required. 

3. Mandatory insurance / strict liability pool: CDOT jurisdictions could experiment with different ways of considering the liability of AI agents and AI agent vehicles, and the instance regimes put in place to deal with them. Different types of insurance systems could be put in place to deal with different levels of agentic autonomy and emergent behaviour ; this could also be a lucrative new market for CDOT jurisdiction.

4. Data trust assetization: On the premise that intelligence is rented by memory, context, and data is owned, CDOT jurisdiction could focus on providing legal vehicles that enable the wrapping and assetization of this part of an agent stack. 

5. Limited personhood with ‘registered algorithmic entities’: In this approach agents are empowered to take actions - things like hiring workers, or opening bank accounts - but have no or limited legal rights. Still somewhat under articulated, this approach could enable AI agents to take more actions in the economy, while preventing many of the negative outcomes that could come from them having rights. 

6. 
   

Conclusion

The AI agent economy is here and growing fast. Almost every part of working & economic life will be impacted. Policymakers therefore need to urgently consider how to manage and address these changes. Many of these issues will come down to the questions of company law, liability, and responsibility discussed above. In the UK’s case, we have a ready-made set of laboratories to partner with in exploring economically productive and morally responsible approaches to economic automation - the CDOT jurisdictions. Britain and its CDOT jurisdictions should urgently get on the task.