A workflow teardown of autonomous agent payments. The old way (manual compliance review) vs. the agent way (real-time screening in 100ms). This is the difference between a $330,000 OFAC fine and a clean audit trail.
Your autonomous agent is executing a payment via x402 protocol. The transaction looks normal. Here's the 14-day timeline of what happens when nobody screens the counterparty.
Your payment agent sends 0.5 ETH (worth ~$1,700) to wallet 0x7B3F...aA2e for a data API subscription. Transaction confirmed in 12 seconds. Nobody reviews it because that's the whole point of autonomous agents.
What nobody checked: 0x7B3F...aA2e is an OFAC Specially Designated Nationals address, added 47 days ago. It's linked to a sanctioned entity through a chain of on-chain transactions. OFAC maintains 782 sanctioned crypto addresses. This is one of them.
Same wallet, recurring subscription. The agent has no memory of screening it. This is now your second violation. OFAC doesn't care that it was automated. Strict liability means the machine breaking the law is YOU breaking the law.
Violation #2 committed
Chainalysis or TRM Labs alerts your payment processor. Your account gets frozen. Someone in compliance (if you have a compliance team) gets an email. If you don't have a compliance team, the first you hear about it is a letter from Treasury.
You now have 30 days to file a Voluntary Self-Disclosure (VSD) with OFAC. Miss this window and penalties multiply. But to file a VSD, you need: the full transaction history, the screening evidence you don't have, a remediation plan, and a compliance program description.
Legal fees: $40,000 - $150,000
OFAC issues a penalty notice. Base amount per violation: $358,256 (2024 rate). With mitigating factors (VSD, compliance program): potentially reduced to ~$100,000. Without: full amount or more. Two violations, no compliance program, no screening evidence: you're looking at the full amount, times two.
Penalty: $330,000 - $716,000
Here's what happens when sanctionsai.dev sits between your agent and every payment. The agent never changes behavior. The screening happens in the protocol layer, before the transaction is signed.
Your payment agent calls the x402 facilitator with the destination wallet and amount. Nothing changes in your code except one line.
Before the transaction is signed, the wallet address is checked against 782 OFAC crypto addresses, 19,086 sanctioned names, and 240+ sanctioned jurisdictions. Fuzzy matching catches address variations and entity aliases.
If the wallet is clean, the payment executes in the same 12 seconds as before. The agent doesn't even know screening happened. If the wallet is flagged, the transaction is blocked and you get an alert with the full OFAC record.
Every screen is logged: timestamp, wallet, result, OFAC list version, response time. This is your evidence. If Treasury ever asks "did you screen this transaction?", you have a timestamped, tamper-evident record proving you did.
The list updates daily. A wallet that was clean yesterday might be sanctioned today. Every transaction, every time. No caching, no shortcuts, no "we already checked that one."
```python
# Your agent's payment code. One line added.
from sanctionsai import screen
import x402

# Before signing any transaction, screen the counterparty
result = screen.wallet("0x7B3F...aA2e")

if result.is_clean:
    # Safe to proceed
    tx = x402.pay(wallet=result.address, amount=0.5, currency="ETH")
    print(f"Paid {tx.amount} ETH in {tx.latency_ms}ms")
else:
    # Halt and log. Agent retries with alternative provider.
    print(f"BLOCKED: {result.match.entity} - SDN List")
    # alert_compliance: caller-supplied hook (assumed; not defined in this snippet)
    alert_compliance(result)

# Audit trail saved automatically
```
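An added example, not code from sanctionsai.dev or x402: a hash-chained screening log plus a payment gate that screens on every call and fails closed, illustrating the "every screen is logged" and "every transaction, every time" steps above. `screen_fn` and `pay_fn` are hypothetical callables standing in for the screening and payment calls, and the sample address is constructed.

```python
import hashlib
import json
import time

GENESIS = "0" * 64  # prev-hash used by the first entry

def _digest(prev_hash, record):
    # Canonical JSON so the same record always hashes identically.
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()

class ScreeningLog:
    """Append-only log; each entry commits to the one before it."""
    def __init__(self):
        self.entries = []

    def append(self, wallet, result, list_version, response_ms, ts):
        record = {"ts": ts, "wallet": wallet.lower(), "result": result,
                  "list_version": list_version, "response_ms": response_ms}
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"record": record, "prev": prev,
                             "hash": _digest(prev, record)})
        return self.entries[-1]["hash"]  # head hash: anchor this externally

    def verify(self):
        """Return the index of the first broken entry, or -1 if intact."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            if e["prev"] != prev or e["hash"] != _digest(prev, e["record"]):
                return i
            prev = e["hash"]
        return -1

def screened_pay(wallet, screen_fn, pay_fn, log, list_version, clock=time.time):
    """Screen on every call (no cache), log the outcome, fail closed."""
    start = time.perf_counter()
    try:
        result = "clean" if screen_fn(wallet) else "blocked"
    except Exception:
        result = "error"  # screening unavailable: do not pay
    ms = round((time.perf_counter() - start) * 1000, 3)
    log.append(wallet, result, list_version, ms, clock())
    return pay_fn(wallet) if result == "clean" else None

if __name__ == "__main__":
    log = ScreeningLog()
    sdn = {"0x" + "ab" * 20}  # constructed address, not a real listing
    screened_pay("0x" + "AB" * 20, lambda w: w.lower() not in sdn, print, log, "list-v1")
    print(log.entries[-1]["record"]["result"], log.verify())
```

A hash chain only exposes tampering if the latest head hash is also stored somewhere the log's writer cannot rewrite.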
Screen your first wallet free. 5 checks per day on the free tier, no credit card. When you're ready to protect every transaction your agents make, $0.05 per check.