Chaindoc
Articles

Can AI Agents Sign Contracts? Yes, Since 2000. Here's Why It's Not That Simple

Can AI sign a contract? Yes, under UETA Section 14 and ESIGN Section 7001(h). Learn who's legally bound, what guardrails you need, and what's possible today.

Can AI Agents Sign Contracts? Yes, Since 2000. Here's Why It's Not That Simple

The surprising answer

Can an AI sign a contract? Yes. US law has recognized machine-formed contracts since the year 2000, which is a wild thing to say out loud given how new AI agents feel. The Uniform Electronic Transactions Act (UETA), adopted by 49 states, has a provision, Section 14, that says a contract can be formed by the interaction of "electronic agents," even if no human reviewed each individual step. The federal ESIGN Act, at 15 U.S.C. Section 7001(h), backs this up with nearly identical language.

Neither statute was written with GPT-5 or Claude in mind. Lawmakers in 1999 were thinking about EDI systems and e-commerce shopping bots, software that auto-confirms a purchase order when inventory hits a threshold. But statutes don't expire when the technology they anticipated gets weirder than expected. They just keep applying. That's exactly what's happening now: a 25-year-old answer is quietly settling a 2026 question, and almost nobody arguing about "AI contracts" online seems to know the statute already exists.

Here's the part that actually matters, though, and it's not "can a machine form a contract." That's settled. What's unsettled, and genuinely worth your attention if you're deploying AI agents anywhere near contracts, is *who's legally bound when it goes wrong* and *what authority the agent actually had*. That's agency law, not contract-formation law, a completely different, older body of doctrine. Get the distinction wrong and you'll either over-trust an agent that was never authorized to commit you to anything, or under-use a legitimate capability out of vague unease the law has already addressed.

If you want the deeper legal walkthrough on how any electronic signature becomes enforceable in the first place, our guide on whether DocuSign is legally binding covers the four baseline conditions (intent, consent, association, retention) that apply regardless of who, or what, is clicking "sign."

The one-line version: contract formation by machine has been legal for 25 years. The open question is authority, not validity, and that's a much narrower, much more manageable problem than most people assume.

What "electronic agent" means in law

UETA defines an "electronic agent" broadly: a computer program or other automated means used to initiate an action, or respond to electronic records, without review by an individual at the time of the action. Plain-English version: software that acts on its own, in the moment, without a human double-checking that specific action first.

According to Section 14 of UETA, a contract may be formed by the interaction of electronic agents, even if no individual reviewed the agents' actions or the resulting terms. The section also covers the mixed case, one electronic agent interacting with a live human who takes actions they know will conclude a contract. Read the full UETA text via the Uniform Law Commission for the exact statutory language rather than a paraphrase.

ESIGN's Section 7001(h) does the same job federally, in case a transaction crosses state lines or lands somewhere UETA hasn't been adopted (New York's the notable holdout, running its own state e-signature law instead). The ESIGN Act text is on Congress.gov if you want to check the language directly.

Practically: if your AI agent fills out a template, applies pre-set terms, and transmits acceptance, the resulting contract isn't invalid just because a human wasn't watching that click happen. The formation question is closed. Nobody can void a contract solely because "a bot did it, not a person." That argument expired around 2001.

What it doesn't mean: that any agent, deployed by anyone, automatically has permission to bind your company to whatever it agrees to. That's a separate question, and it's the one worth your actual attention.

Who is bound when an AI signs?

This is agency law, older than computers by centuries. It answers one question: when does one party's actions legally bind another party? Swap "AI agent" in where you'd normally think "employee" or "contractor," and most of the analysis holds up fine.

A principal, that's you or your company, is bound by an agent's actions within its actual authority: whatever you actually told the agent (human or software) it could do. Sign vendor contracts under $5,000. Send NDAs to new contacts. Never commit to payment terms without human review. Actual authority is whatever scope you defined, explicitly, in advance.

Then there's apparent authority, the one that trips people up. A principal can be bound even when the agent exceeded its instructions, if the principal's own conduct led the other party to reasonably believe the agent had that authority. If your AI agent has been auto-signing $50,000 vendor deals for six months without objection, a court won't care that your internal policy capped it at $5,000. You created the appearance of broader authority through your own pattern of conduct.

The third piece is ratification. Even if an agent overstepped its authority, a principal who later accepts the benefit of that action, knowing the facts, can end up bound anyway. Silently keeping the goods or continuing to perform under a contract you claim was unauthorized looks a lot like acceptance to a court, whatever your internal emails say.

None of this is AI-specific. It's the same framework that's governed employees signing on a company's behalf for over a century. The novelty isn't the doctrine, it's the speed at which an AI agent can generate authority-relevant conduct compared to one human employee.

DoctrineWhat it meansExample with an AI agent

Actual authority

The scope you explicitly gave the agent in writing, in advance

Agent is instructed to sign vendor contracts under $5,000 only

Apparent authority

The scope a counterparty reasonably believed the agent had, based on your own conduct

Agent auto-signed $50,000 deals for months unchallenged, so the cap you claim never really applied

Ratification

Accepting the benefit of an unauthorized action after the fact, knowing the facts

You keep performing under a contract the agent signed outside its limits instead of voiding it immediately

AI agent ≠ authorized signer by default. Deploying an AI agent doesn't automatically grant it signing authority for anything. Authority has to be granted explicitly, scoped in writing, and enforced technically, not assumed because the agent is capable of the action.

Worth being honest here: courts haven't had many chances yet to squarely rule on disputes involving LLM-driven agents signing commercial contracts. The doctrine above is settled, tested over decades with human and software agents alike. How a judge applies it to a specific fact pattern involving an autonomous LLM agent is newer, and anyone claiming to know exactly how that plays out is guessing. The framework is solid. The case law applying it to this exact technology is still being written.

What AI agents can already do with contracts today

Strip away the speculation and here's the boring, practical reality: AI agents interacting with contract systems mostly aren't autonomously "signing" anything in the dramatic sense people imagine. They're doing structured, permission-scoped work through APIs, and increasingly through the Model Context Protocol (MCP), an open standard introduced by Anthropic in November 2024 for connecting AI assistants to external tools and services.

A realistic workflow: an AI agent, working inside Claude or ChatGPT, pulls a contract template, fills in the counterparty's name and deal terms from a conversation or CRM record, and prepares it for signature. Depending on configuration, the agent either sends it out for a human to review and sign, or, within tightly pre-authorized limits (a spending cap, an approved template list, a counterparty whitelist), completes the send-and-track cycle itself. Our e-signature API guide covers how these integrations connect a document workflow to outside systems.

Chaindoc's own MCP server is a concrete, current example, not a hypothetical. It's in private beta as of mid-2026, and it lets Claude Desktop and similar assistants create documents from templates, send them for signature, and check status, directly from a conversation, using the same API integration layer developers already use for custom workflows. Our deeper look at the Chaindoc MCP server covers exactly which actions the agent can take and where the human approval step sits.

The pattern holds across the category: the AI does preparation and routine execution, a human retains the authority decision at the point that matters, and the audit trail records who (or what) took every action. Our guide to audit trail compliance covers what a legally defensible trail needs, and an agent-driven workflow raises that bar rather than lowering it, since you now need to prove not just who signed, but which system initiated the request and under what authorization.

Use both, not one or the other. Teams building serious AI-agent workflows typically keep their REST API integration for backend automation (CRM-triggered sends, invoice generation) and add MCP on top for the conversational, on-demand layer where a person is directing an AI assistant in real time. They're complementary, not competing approaches.

The risk framework: 4 guardrails before you let an agent near contracts

None of this requires guessing. If you're deploying an AI agent anywhere near contract workflows, here's the practical checklist, in order of how often teams skip them.

  1. 1
    Authority limits, in writing, before deployment. Define exactly what the agent can do: dollar caps, approved contract types, a whitelist of counterparties or template IDs. Vague scope ("handle routine vendor stuff") is where apparent-authority disputes come from later.
  2. 2
    A human approval gate for anything outside the pre-approved envelope. The agent can draft, fill, and queue. Anything above the cap, or outside the template list, routes to a person first. This single rule prevents most "wait, did we actually agree to that?" incidents.
  3. 3
    A complete, exportable audit trail of agent actions. Not just "signed at 3:42 PM." Which system initiated the request, what authorization it operated under, what template and terms it used, and who approved the final step. If a dispute ever reaches the ratification question above, this record decides it.
  4. 4
    Independent integrity verification, not just internal logs. A private database record showing "the agent did X" is only as trustworthy as the database it lives in. Blockchain-anchored document hashing, the kind Chaindoc builds into every signed document, means the integrity check doesn't rest entirely on one company's internal records years later, whether the signer was a human or an authorized agent.

Skip any one of these and you're not necessarily doing something illegal, contract formation by machine is legal, remember, you're just accumulating risk you'll sort out later, probably during a dispute, the worst possible time to figure out what your agent was actually authorized to do.

What the EU AI Act does and doesn't change

The EU AI Act, which entered into force in August 2024, is a governance and risk-classification framework for AI systems. Full text is available via EUR-Lex if you want the primary source. It sorts AI systems into risk tiers and imposes obligations, transparency requirements, human oversight provisions, documentation duties, scaled to that risk level.

Here's the distinction that gets lost in a lot of the commentary: the AI Act governs the AI *system*, not the *contract* it might help produce. It doesn't touch contract-formation rules, doesn't override UETA or ESIGN, and doesn't change who's bound when an agent acts within or beyond its authority. Contract validity in the EU still runs through eIDAS and member-state contract law, the same framework that governed e-signatures before any AI Act existed.

What the AI Act does add, if your AI agent handling contracts qualifies as higher-risk under its classification scheme, is a layer of obligations around transparency, human oversight, and risk documentation that sits alongside, not instead of, the contract and agency law questions covered above. It's a compliance overlay, not a replacement legal regime. If you're operating in the EU, treat it as an additional checklist item on top of the guardrails above, not a substitute for them.

Where this goes next

Here's an honest prediction, not a confident one: the statutory foundation isn't going to be the bottleneck. UETA Section 14 and ESIGN 7001(h) already cover the formation question, and there's no obvious pressure to revisit language that's worked without controversy for a quarter century.

The real action over the next few years happens in two places. First, standards and best practices around authority scoping and audit trails for AI agents specifically, probably driven by insurance underwriters and procurement teams before any regulator gets there, since they're the ones who'll actually price the risk. Second, a slow accumulation of case law as disputes involving LLM-driven agents reach courts and get decided under the existing agency framework, narrowing some of today's uncertainty around apparent authority in AI-specific fact patterns.

What almost certainly won't happen: a new law declaring "AI can't sign contracts." That ship sailed in 2000, whether or not most people arguing about this online realize it.

Developer configuring an AI agent workflow to prepare and send contracts for electronic signature

AI agents mostly prepare and route contracts today, with a human retaining the authority decision at the key step.

Building an AI Agent That Touches Contracts?

Chaindoc's MCP server lets Claude and similar AI assistants create, send, and track documents through the same permission-scoped API your developers already use, with a full audit trail and blockchain-anchored verification on every signed document.

Tags

#ai-contracts#mcp-server#electronic-signatures#compliance
FAQ

Frequently Asked Questions

Answers to popular questions about Chaindoc and secure document workflows.