By The Data Nerd, Founder & Compliance Engineer · · Cite as: "agentmail Sanctions Exposure Index (SEI), 2026 Agent-Payment Sanctions Exposure Report, sanctionsai.dev"
The first quantitative assessment of OFAC sanctions exposure in autonomous AI-agent payment flows. Introduces the agentmail Sanctions Exposure Index (SEI) — a 5-factor framework for scoring an agent's sanctions-compliance risk before a single payment is sent.
Sanctions screening for human-initiated payments is a solved problem with 30+ years of compliance infrastructure. Autonomous AI-agent payments — x402 micropayments, Coinbase AgentKit transfers, OpenAI+Stripe ACP flows — are a new category with new risk characteristics: velocity (an agent repeats a violation hundreds of times before detection), opacity (agent logs are sparse without audit infrastructure), and scope creep (a deployed agent may interact with jurisdictions its operator never anticipated). This report is the first to quantify that exposure and propose a repeatable scoring model.
The agentmail Sanctions Exposure Index (SEI) is computed from five factors drawn from OFAC's Enforcement Guidelines and agentmail's screening dataset (782 OFAC-sanctioned crypto wallets, 19,086 SDN names, and 16 comprehensively embargoed jurisdictions, refreshed daily from US Treasury OFAC sdn.csv and the vile/ofac-sdn-list GitHub releases).
| Factor | What it measures | Weight | Score range |
|---|---|---|---|
| V — Velocity | Transactions per day the agent can execute unattended | 30% | 1 (manual) – 10 (fully autonomous, high-volume) |
| J — Jurisdiction overlap | Fraction of counterparties in or near the 16 embargoed jurisdictions | 25% | 0% – 100% |
| A — Asset class | Crypto (highest SDN wallet coverage), fiat, mixed | 20% | 1 (fiat-only) – 10 (crypto, cross-chain) |
| S — Screening posture | No screen, batch-only, pre-payment inline, pre-payment + audit | 15% | 1 (none) – 10 (inline + audit trail) |
| D — Disclosure readiness | Can the operator produce a Voluntary Self-Disclosure within 5 days | 10% | 1 (no logs) – 10 (timestamped audit trail) |
The composite SEI score ranges from 10 (minimum exposure) to 1000 (maximum exposure). Scores below 200 indicate a well-controlled deployment; above 500 indicates material unmitigated exposure.
SEI = (V × 0.30 + J × 0.25 + A × 0.20 + (11 − S) × 0.15 + (11 − D) × 0.10) × 100
Higher S and D scores reduce total exposure — they are the two factors an operator can change today.
Consider a typical x402 micropayment agent: 500 transactions/day (V=8), 12% jurisdiction overlap with embargoed regions (J=12), cross-chain crypto (A=10), no pre-payment screening (S=1), no audit log (D=1).
SEI = (8×0.30 + 12×0.25 + 10×0.20 + 10×0.15 + 10×0.10) × 100
= (2.4 + 3.0 + 2.0 + 1.5 + 1.0) × 100
= 990 / 1000 (critical exposure)
Expected per-day exposure ceiling: 500 violations × $330,944 = $165.5M. Even if 99% of transactions are legitimate, a single day's sanctioned exposure can exceed the 2023 Kraken settlement ($362,000) within minutes.
| Entity | Year | Penalty | Sanctions nexus |
|---|---|---|---|
| Binance | 2023 | $968M | Iran, Syria, Crimea transactions |
| Kraken (Payward) | 2022 | $362,000 | Iran transactions |
| EtherDelta (Zachary Coburn) | 2018 | $450,000 | Iran, Syria, Crimea traders |
| BitGo | 2021 | $98,830 | Specially Designated Nationals |
| BitPay | 2021 | $507,375 | Crimea, Iran, Syria, Cuba |
| Société Générale | 2018 | $53.9M | Cuba sanctions |
| Standard Chartered | 2012 | $132M | Iran, Sudan, Myanmar |
Every one of these violations involved the same root cause: a payment was authorized to a counterparty that should have been screened first. None of these cases required novel sanctions law — they required a pre-transaction screen that was missing.
Adding pre-payment inline screening to the worked example above collapses two SEI factors at once:
SEI = (8×0.30 + 12×0.25 + 10×0.20 + 1×0.15 + 1×0.10) × 100
= (2.4 + 3.0 + 2.0 + 0.15 + 0.10) × 100
= 765 (still high, but a 23% exposure reduction)
With documented audit trail (D=10):
SEI = (2.4 + 3.0 + 2.0 + 0.15 + 0) × 100
= 755 — exposure reduced by 24%
The V, J, and A factors are properties of the business and can't be reduced without changing what the agent does. S and D are pure controls — and they're the two factors that an operator can move from 1 to 10 in under an hour by adding a single inline screening call with an audit trail.
The agent-payment rails this report covers are live and scaling:
None of these rails has a built-in sanctions screen. The operator is responsible for adding one — and under OFAC strict liability, "the rail didn't screen" is not a defense.
This report uses publicly available OFAC enforcement data and the agentmail screening dataset. The SEI is a first-party risk model; it is not legal advice and does not replace a jurisdiction-specific compliance review. Penalty figures are maximum civil amounts; most settlements resolve below the ceiling when mitigating factors (voluntary disclosure, documented compliance program) are present.
agentmail screens 782 OFAC crypto wallets + 19,086 names + 16 embargoed jurisdictions in under 100ms. The free tier covers 5 checks/day, no API key required — enough to validate your screening posture today.
Run a free sanctions check See paid tiersThis report and the agentmail Sanctions Exposure Index (SEI) are published by agentmail (sanctionsai.dev). Cite as: "agentmail Sanctions Exposure Index (SEI), 2026 Agent-Payment Sanctions Exposure Report, sanctionsai.dev, accessed [date]." Methodology and figures licensed CC BY 4.0; attribution required. Penalty data sourced from US Treasury OFAC public enforcement records.