Arcade.dev raises USD $60 million to solve enterprise AI agent authorisation
San Francisco-based startup Arcade.dev has raised USD $60 million (approximately AUD $90 million) in a Series A funding round, bringing its total capital raised to USD $72 million following a USD $12 million seed round earlier in 2025. The round was led by SYN Ventures, with strategic participation from Morgan Stanley and Wipro. Arcade builds what it describes as a secure “action layer” for autonomous AI agents, solving a problem that has quietly become the single greatest barrier to deploying agentic AI in enterprise production environments: the authorisation accountability gap.
The company was co-founded by Alex Salazar, a former Okta executive, and Sam Partee, a former Redis engineer. Arcade is also the author of the Model Context Protocol (MCP) authorisation specification adopted by Anthropic, the company behind the Claude family of large language models. That technical credential positions Arcade not merely as a security vendor but as a standard-setter in how autonomous agents authenticate and operate across enterprise software stacks. The MCP standard governs agent-to-tool communication, and Arcade’s authorisation layer sits at the core of how that protocol enforces permissions in real-world deployments.
For professional services firms, including engineering consultancies, environmental practices, legal teams, and financial institutions, this development signals a shift in what is now feasible with AI automation. The obstacle to deploying AI agents has not been model intelligence for some time. It has been the inability to answer a deceptively simple question: can this agent, acting on behalf of this specific user, perform this specific action on this specific resource? Arcade’s funding round represents the market’s recognition that solving that question at infrastructure level is now a commercially urgent priority.
Key details: technical architecture, scale, and enterprise validation
Arcade’s platform addresses the authorisation accountability gap through a delegated authorisation model rather than the conventional approach of assigning AI agents permanent, highly privileged service accounts. Under Arcade’s framework, an agent does not hold standing permissions across a system. Instead, it inherits delegated authorisation at the moment of task execution, gaining access only to the specific resource required for the specific action being taken, and only if the human user initiating the request independently holds those permissions. This architecture means that even a malfunctioning or adversarially manipulated agent is structurally constrained from executing commands that the authorising human could not themselves execute.
The practical consequence of this design is a significant reduction in what the company calls the “hallucination blast radius.” Large language models can and do produce outputs that are factually incorrect or contextually inappropriate. In a chat interface, this is an inconvenience. In an agent environment where the model can move funds, modify database records, query sensitive personal information, or trigger workflow automations, a hallucinated instruction can cause irreversible operational harm. By enforcing granular, real-time machine identity verification and user delegation at the point of action, Arcade’s infrastructure prevents those hallucinated commands from executing even if the model itself generates them.
The platform’s growth metrics provide credible evidence of enterprise adoption. Arcade reports that its tool call volumes have increased 25-fold over the preceding six months to mid-2026. The platform is running in production environments at major financial institutions and global investment firms including Prosus, and it integrates with established developer frameworks such as LangChain. Beyond deployment scale, Arcade offers a library of over 8,000 custom-built MCP tools. These tools are designed specifically for how agents parse and interact with software, rather than functioning as simple API wrappers. The distinction matters technically: generic API wrappers frequently fail when interpreted by large language models because they were not designed with agent token budgets or reasoning patterns in mind. Arcade’s custom tool library reduces both token usage and agent failure rates by optimising the interface layer for machine consumption.
The platform also maintains a complete, centralised, tamper-evident audit trail covering every action taken by every agent. This is the compliance feature that removes the primary objection raised by legal and security teams when evaluating agentic AI deployments. Frameworks such as SOC 2, ISO 27001, and financial sector regulations require organisations to demonstrate forensic accountability for system actions. Without a verifiable audit trail that identifies which agent acted, on behalf of which user, at which time, and with which outcome, no compliance officer can sign off on production deployment. Arcade’s audit infrastructure directly answers that requirement.
Australian context: implications for professional services and regulated industries
Australia’s professional services sector, encompassing engineering, environmental consulting, legal, accounting, and financial advisory, is in the early stages of evaluating agentic AI for operational workflows. The specific use cases under consideration include automated querying of historical records and databases, regulatory document drafting, data extraction from monitoring platforms, and integration between project management systems and reporting outputs. In all of these contexts, the authorisation accountability gap identified by Arcade is directly applicable. Australian firms operating under the Privacy Act 1988, the Australian Privacy Principles, and sector-specific frameworks such as the Australian Prudential Regulation Authority’s CPS 234 information security standard will find Arcade’s audit and delegation architecture directly relevant to their compliance obligations.
References and related sources
- Primary source: pulse2.com
- finsmes.com
- letsdatascience.com
- traded.co
- aiweekly.co
How iEnvi can help
iEnvi integrates technology and data-driven approaches into environmental consulting. We monitor AI and technology developments that affect how environmental professionals deliver services to clients.
This is an iEnvi Machete news summary. Prepared by iEnvi to summarise the source article for environmental professionals tracking AI, data, and technology developments that affect consulting and project delivery.
Published: 21 Jun 2026
Need advice on this topic? Speak to an iEnvi expert at info@ienvi.com.au or 1300 043 684, or contact us online.
Need advice on this issue? iEnvi provides practical, senior-led environmental consulting across contaminated land, remediation, ecology and environmental risk.
Contaminated land advice Remediation services Discuss your site Talk to iEnvi