A backtest is a claim. A receipt is evidence.

A timeline with a filled point marked 'decision signed' well before an open point marked 'outcome', under the headline: a backtest is a claim, a receipt is evidence.

This month, Bloomberg reported that JPMorgan researchers built a set of AI-powered investing agents that shift between stocks and bonds as market conditions change.[1] In backtests over two decades of history, the best of the eight agents beat a traditional 60/40 portfolio by 0.7 percentage points a year with lower volatility, and all eight outperformed on a risk-adjusted basis. Agents, powered by large language models, built and tested for the allocation process at one of the largest banks in the world, in simulation for now, by the bank's own account.

TL;DRThe largest banks are building agents for the investment process, and the evidence offered for them is still the backtest: an in-sample claim, produced after the fact, by the party with the incentive. There is a stronger evidential pattern, and we have run it in the open in another domain: sign the decision before the outcome window closes. Agents make it practical for the first time, because every decision can carry a signed, offline-verifiable receipt from the moment it is made.

The most interesting sentence is JPMorgan's own caveat

The report's strategists were careful about their result in a way that deserves quoting: they warned against “uncritically accepting what amounts to in-sample, overly confident answers of AI”.[1] That is one of the most sophisticated institutions in finance looking at its own strong result and immediately reaching for the evidential question. They are right to.

Every model risk team knows why. A backtest is a claim about the past, produced in the present, by the party that benefits from it being impressive. It is in-sample by construction. It cannot be falsified retrospectively, only argued with. None of that makes backtests bad, they are how strategy research works, but it makes them a particular kind of artefact: a claim that must be trusted, not a record that can be checked. Validation frameworks in banking exist precisely because of that gap.

The stronger pattern: commit before the outcome

There is an old scientific answer to “how do you make a prediction credible?”: register it before the result is known. We have run this pattern in the open, in a different domain. On 9 May 2026, the inaugural entry in AqtaBio's append-only public ledger listed all five of its top-ranked Ebola risk tiles in the Congo Basin biome. Eight days later the WHO declared a public health emergency of international concern for Ebola in DR Congo and Uganda. The signal was biome-correct and the country was rank 4, not rank 1, and we published exactly that, caveats first.[2] What made it worth anything was not the ranking. It was the date: the claim was committed, publicly and verifiably, before the outcome window closed.

A backtest says: had we been running this, here is what would have happened. A dated commitment says: we were running this, here is what we said, and you can check when we said it. The second is a different class of evidence, and no amount of rigour upgrades the first into it after the fact.

Agents make the stronger pattern practical

Registering predictions used to be expensive ceremony: a human publishing forecasts on a schedule. An investing agent changes the economics, because the agent's decisions already pass through software, and software can sign. Route the agent's calls through a gateway that signs a receipt at decision time, naming the model, the policy applied, a hash of the inputs, and the timestamp, and an out-of-sample track record starts accruing automatically: every allocation decision dated and tamper-evident from the moment it was made, verifiable offline by an allocator, a validator, or a regulator, without trusting the operator's own records.[3] That is what AqtaCore's request path does for each call it allows through.

Six months of receipts is not a backtest. It is the thing a backtest is trying to imitate: a record of decisions made without knowledge of the outcome. When the review committee asks how the agent behaved in the drawdown, the answer stops being a reconstruction from mutable internal state and becomes a stack of receipts anyone in the room can verify.

What a receipt does not do

Honesty about the limits, because that is the register this argument requires. A receipt does not make a strategy good. It does not prove the model was skilful, and it does not by itself prove which compute produced the decision, a boundary we document in detail in the threat model of our own system.[3] Model validation still has to do its work; a receipt is the evidence layer under that work, not a substitute for it. What it removes is exactly one thing: the need to take the operator's word for what the agent did and when.

Agents are being built for the investment process at institutions whose results move markets. The question that follows them in every review, every audit, and every mandate discussion is the same one JPMorgan asked of its own result: why should anyone believe this? Evidence dated before the outcome is the strongest answer there is. We build the layer that makes it automatic.

Share this article:

References

  1. JPMorgan Builds AI Agents That Beat 60/40 Portfolio in Backtests, Bloomberg, 9 July 2026. Includes the strategists' caution against "uncritically accepting what amounts to in-sample, overly confident answers of AI". Source
  2. Eight days before the WHO: AqtaBio's first prospective Ebola signal, and what it does and doesn't prove. The commit-before-outcome pattern in the open, caveats included. Source
  3. ATTESTATION-v1, Aqta's open specification for signed AI decision receipts, with published offline verifiers and a self-authored threat model stating what a receipt does and does not prove. Source

About Aqta

We build the trust layer for AI in regulated industries: a signed, offline-verifiable receipt for every AI decision, across any model, that anyone can check without trusting us. Built in Dublin and Switzerland. More at about / research / manifesto.

Aqta on LinkedIn

© 2026 Aqta. All rights reserved.