OpenAI Unveils Enterprise AI Agents, Integrates Visa Payments

OpenAI has announced plans to buy Ona, a cloud-execution startup, and has partnered with Visa to allow AI agents to make payments with user permission. These moves aim to create smarter software agents that can handle tasks over longer periods and even pay bills with less human help. The new features may help companies control security and privacy while using AI. Visa's system is said to include limits and fraud checks, but experts note that rules for what happens if the AI makes mistakes are still being discussed. It appears that more work is needed before these safeguards become standard.

OpenAI is advancing its development of enterprise AI agents through two significant initiatives: the planned acquisition of cloud-execution startup Ona and a strategic partnership with Visa to enable agent-driven payments. These developments signal a major push to transform chatbots into persistent, autonomous software agents capable of executing complex, long-running tasks - from coding to paying bills - with greater corporate control over security and governance.

OpenAI bets on persistent enterprise agents - AI News Today June 12 2026: Top 10 AI Stories

The acquisition of Ona, announced June 11, 2026, is set to evolve OpenAI's Codex into a persistent enterprise agent platform operating within a customer's private cloud. According to the OpenAI blog, Ona's "customer-controlled execution model" allows agents to manage credentials and logs according to corporate policies across multiple days and devices. This is reinforced by reports from CNBC noting Ona's secure runtimes for long-running jobs, enabling engineers to delegate tasks like code compilation. The deal awaits regulatory approval, after which Ona's team will integrate with OpenAI.

OpenAI's enterprise agents are advanced, long-running software programs designed to operate autonomously within a company's own cloud environment. By acquiring Ona, OpenAI aims to provide persistent agents that can handle complex, multi-day tasks like coding and system management while adhering to corporate security and governance policies.

According to OpenAI, three needs drove the purchase:

Long-running tasks that survive browser refreshes and device changes
Fine-grained controls over security, governance, and credential scope
Deployment paths for agents in regulated industries

This strategy directly targets enterprises that are hesitant to expose proprietary code or sensitive data to external SaaS endpoints.

Visa partnership points to the rise of agentic commerce

In a move toward what the companies are calling "agentic commerce," Visa and OpenAI announced a strategic collaboration on June 10, 2026. The partnership allows AI agents to execute payments with user permission. Visa is integrating its global network and security infrastructure directly into OpenAI's platform, enabling developers to build experiences with agent-initiated payments. As noted in a Bloomberg report, potential uses include instructing an agent to pay bills or reorder supplies, with all transactions processed via Visa's standard authorization channels.

To address initial safety and compliance concerns, Visa has outlined several key guardrails:

Tokenization that binds a secure network token to a specific agent and use case
User-defined spending caps and merchant-category restrictions
Continuous fraud scanning that looks for agent impersonation or unusual velocity

This security framework is designed to mitigate the risk of "intent drift," a problem highlighted by security researchers where an agent's actions deviate from the user's original commands.

Governance and risk controls move into the spotlight

Despite these safeguards, significant governance questions remain. Regulators and industry bodies are actively debating liability for when an AI agent makes an erroneous purchase or is deceived by a fraudulent site. The National Association of State Credit Union Supervisors highlights unresolved challenges in authentication, authorization, and dispute resolution. Concurrently, security teams like Palo Alto Networks' Unit 42 identify indirect prompt injection as a top attack vector against autonomous browsing agents.

OpenAI and Visa's partnership is expected to accelerate the development of technical solutions for these risks. Experts advise that companies piloting agentic commerce will require robust audit trails, step-up verification for unusual transactions, and prompt-injection defenses integrated into the agent's core logic. The timeline for these safeguards to become industry-standard is not yet clear.

What is OpenAI's acquisition of Ona and why is it important for enterprise AI agents?

OpenAI's pending acquisition of Ona will integrate a customer-controlled cloud execution model, enabling AI agents to operate persistently within an organization's private environment. The deal, announced in June 2026 and still subject to closing conditions, transforms coding assistants into a persistent enterprise agent platform for secure, long-running workflows.
- Long-running workflows: Tasks can outlive a single browser session or device - ideal for multi-day engineering pipelines.
- Security & governance: Agents inherit Ona's hardened runtime, giving enterprises granular control over credentials, logging, and data locality.
- Production-grade deployments: OpenAI explicitly says the goal is to help teams deploy agents securely in production instead of limiting them to ad-hoc coding tasks.

How will the Visa partnership enable AI agents to make purchases?

Through a strategic collaboration, Visa and OpenAI are enabling AI agents to initiate Visa payments on behalf of users - a concept they call agentic commerce. It works like this:

Tokenized credentials: Visa replaces card data with network-specific tokens bound to each approved agent.
User-first controls: Spend limits, merchant-category restrictions, and required step-up approvals are set by the human.
Fraud stack: Every agent transaction is still routed through Visa's authorization, risk scoring, and chargeback systems.

Initial use cases include paying household bills or restocking pantry supplies after the user grants permission.

What practical benefits should enterprise teams expect from persistent AI agents?

With Ona's technology, persistent AI agents can operate continuously, independent of a user's session. Key enterprise benefits include:

24/7 background work - agents handle overnight regression testing or dependency upgrades without screen access.
Consistent context - branch history, environment variables, and IAM roles stay intact across shifts.
Audit trails - every action is logged inside the company's own cloud, meeting SOC 2 and HIPAA evidence requirements.

Early testers at regulated financial firms cited an average 38 % faster release cycle when persistent agents automated code-review chores.

Are there security or ethical concerns around AI agents making payments?

Yes, significant security and ethical concerns are being addressed by regulators and researchers, primarily focused on three areas:

Intent drift: The agent may be "authorized" to pay but still choose the wrong vendor, leaving unclear who eats the loss.
Prompt injection: A rogue product description on a merchant page could trick the agent into buying unintended items.
Data exposure: Agents need broad access to email, calendars, and payment files; a compromise could leak PII and financial credentials at scale.

Visa, Mastercard, and Nascus all recommend step-up verification for unusual purchases and scoped API keys to contain any breach.

When will these features reach general availability?

Ona acquisition: The deal is not yet closed; OpenAI says integration starts after regulatory approval, likely late 2026.
Visa agentic commerce: Visa and OpenAI call the launch "pilot phase mid-2026" with broader rollout expected early 2027.

Both timelines are subject to change; enterprises and developers can sign up for early-access wait-lists on the OpenAI and Visa partnership portals.