A Chat With Igor Kulatov, Co-Founder And CTO Of Aurora Borealis: Five Years Running Autonomous B2B Commerce In Production

Aurora Borealis runs one of the longest-living autonomous B2B commerce engines in production. Since 2020 the platform has handled programmatic procurement, settlement, reconciliation and dispute resolution between independent software systems, through API-only interfaces, across five countries, for digital goods. The company had been operating this way for four years when the industry coined the term “agentic commerce”.

Its co-founder and CTO, Igor Kulatov, has spent thirteen years building infrastructure ahead of the categories it later belonged to. He worked on machine-to-machine messaging at the IoT startup, before the market had a name for IoT.

As engineering co-founder and CTO of NAGA Group AG, the German fintech that completed one of the fastest IPOs in the history of the Frankfurt Stock Exchange Scale segment in 2017, he built exchange-grade trading infrastructure and oversaw a regulated crypto integration seven years before the EU’s MiCA framework took force. We spoke with Igor about five years of running autonomous commerce in production, and about the forecasts he expects the industry to miss.

Tell Us About Aurora Borealis. What Does The Company Do?

Our systems buy, sell, price, settle and reconcile with our counterparties’ systems at machine speed. A procurement happens, money moves, inventory updates, both sides record the trade for audit and no human approved that transaction. People set the policy and the spending boundaries; the agents operate inside them.

We work in digital licensing settlement, enterprise software procurement and marketplace inventory routing for some of the largest publishers of games and software in the world. Until this year we had written almost nothing about the work. The systems either run or they fail, and our customers pay for the first. The conversation around agentic commerce has now reached a point where the people who have operated it in production for years should join it.

You Were Building This Before “Agentic Commerce” Existed As A Term: How Did You Get Here?

I never set out to be early; it kept happening. I worked on machine-to-machine messaging before IoT became a buzz word.

At NAGA I designed multi-protocol normalisation for the broker gateway, the problem of making heterogeneous systems speak through one interface, which MCP and A2A standardised years later.

Then at NagaX we built a crypto integration in 2017, seven years ahead of MiCA.

Aurora Borealis started from a practical observation: in B2B digital commerce, the transactions between large counterparties are repetitive, rule-bound and high-volume. Software handles that better than people do.

In 2020 we built it that way from day one — designed for fully autonomous operation, no humans in the transaction path.

We called it engineering. The industry named it agentic commerce four years later.

Trading infrastructure gave me one habit I still rely on. When systems move money with no one watching in real time, you learn what has to be true about your architecture before you can sleep at night. Autonomous commerce demands the same habit.

Agentic Commerce Is One Of The Biggest Stories In Tech Right Now. What Is The Industry Getting Wrong?

The pace and the shape of B2B adoption. The headline forecasts, with Gartner’s $15 trillion in agent-intermediated B2B spending by 2028 the most quoted, assume a consumer flywheel: the technology works, adoption explodes. I have run the verticals where production volume exists today for five years, and our curve looks nothing like that. It moves slower, vertical by vertical, and regulation, trust and liability set its speed.

Regulation drives B2B adoption rather than lagging it, because counterparties withhold scale until their lawyers can defend the framework. Each time we onboard a counterparty in a regulated jurisdiction, their general counsel opens with a version of the same question: what happens when the agent commits a five-million-dollar error under our delegation? Until that answer holds up, delegation stays small.

Trust compounds per counterparty in B2B.

A consumer platform can serve a million new buyers on a single Prime Day because the brand precedes the relationship. Our system starts each new relationship at zero and bootstraps it through small, low-stakes transactions before the trust graph supports real spending authority. Over five years that bootstrap has taken months per counterparty. We found no way around it, and I have seen no one else solve it.

Liability closes the loop. A consumer absorbs a $20 agent mistake; a $5 million autonomous error in B2B becomes a board-level event, and the insurance that would let a CFO authorise delegation at material scale does not exist. The E&O carriers I have spoken to give the same answer: too little loss data to price the exposure.

The market will still grow large, on a longer horizon than the headlines allow. Gartner, the same firm projecting $15 trillion, also predicts companies will cancel more than 40 percent of their agentic AI projects by 2027. The five-year curve has been running in narrow verticals since before the term existed, and the firms operating in those verticals today will define the category by 2032.

What Has Running Autonomous Commerce Taught You About Security?

Take two events from the same agent. It submits a $50 SaaS renewal to a vendor it has paid monthly for two years. Minutes later it submits a $50,000 wire to a counterparty it has never seen, in a jurisdiction the principal never approved, at three in the morning on a Sunday.

An identity stack rates both events identical: valid credentials, valid scope, agent attested. The first keeps the business running. The second ends with someone explaining to the board what happened.

Identity checks read the request shape. The signal sits in the commercial action: the amount against the agent’s pattern, the counterparty’s history, the hour, the match between the action and the plan the principal authorised at session start. Trade surveillance has evaluated commercial actions this way on regulated trading venues since the 1990s.

The agent-security industry is rebuilding that vocabulary from the identity side and it will converge on the surveillance model whether it recognises the lineage or not.  I came from trading infrastructure and built that way from day one.

What Is The Hardest Unsolved Problem In The Space?

Getting two independent companies’ systems to commit a single trade atomically. The protocols announced over the last eighteen months handle identity, authorisation and intent well: who the agent is, what it may do. After that point one side has to debit a ledger, the other has to credit a different one, both have to update inventory and record the trade, and any step can fail halfway through, with no shared coordinator both companies trust.

Inside one organisation, engineers solved atomic commit decades ago. Across organisational boundaries, undoing a trade means executing another one. An agent wires $50,000, a later step fails, and no reverse_wire call exists: the counterparty holds the funds, may have disbursed them downstream, may have provided a service no one can un-provide.

The counterparty has to issue a refund or a credit note, a separate trade with its own dispute path and its own ways to fail. We have engineered around this in production for five years, and the disputes we see begin in the two sides holding different views of which state the trade is in.

The industry files the result under “reconciliation drift” or “settlement risk”, comfortable names for unsolved atomicity. The first deployment that hits real scale without solving it will learn the difference in production.

What’s Next For You And For Aurora Borealis?

Aurora Borealis keeps running and growing the commerce engine. 

The layer I want to build next is the infrastructure every company entering agentic commerce will need before it can transact at all. Merchant systems have to be rebuilt for buyers made of software: machine-readable catalogs, programmatic negotiation, settlement that commits cleanly. Defence has to operate at the speed of the transactions and read their commercial meaning.

And merchants need a way to verify that an agent holds the authority and the policy boundaries it claims. The companies entering this space carry payments expertise, or security, or AI, and almost never more than one. I intend to keep building at that intersection.

What I am building assumes the category arrives in a fixed order. The vertical settles first, the one where regulators have already answered who pays when an agent commits a five-million-dollar error. Trust comes next, counterparty by counterparty, the way ours did across months of small transactions before the graph could carry real spend. Volume comes last. Most of the money chasing this space has the order reversed, and I expect a lot of it to stall in front of the first general counsel who wants that liability question answered before anything scales.

Igor Kulatov is co-founder and CTO of Aurora Borealis, which has been operating fully autonomous B2B commerce infrastructure since 2020, handling programmatic procurement, settlement, and dispute resolution between independent software systems across five countries for the world’s largest publishers of gaming, software and digital licencing.

He previously served as CTO and engineering co-founder of NAGA Group AG, a Frankfurt-listed fintech, where he built exchange-grade trading-platform infrastructure and oversaw a regulated crypto integration that preceded the EU MiCA framework by seven years.

—Content in partnership with author—