OceanAlt
RAP v1.0Public ReviewReleased 2026-07-15

The Responsible Agentic Payments Framework

RAP · An open, protocol-neutral standard

When the payer shifts from a human to code, an entire compliance system — built on the assumptions that a person sits behind each transaction and that transactions are slow enough to review — fails at once. RAP is an open, protocol-neutral standard for keeping machine-initiated payments attributable, controllable, auditable and compliant — adoptable on both sides of the Pacific.

Maintained by OceanAlt — a neutral convener (governance body to be established in Singapore).

Why it exists

Agentic payments (x402 + stablecoins) turn the payer into code — moving at machine speed, micro-value, high-frequency, with no human in the loop. Existing KYC/AML tooling will fail at scale, and regulation has not yet answered. In this window, whoever defines the standard and provides the tools holds the trust layer for agentic payments. This framework binds to no single protocol or vendor — it is a neutral convening.

Four principles

Accountability-first

Every machine-initiated payment must trace back to an accountable legal entity.

Defense-in-depth

Layered defenses: agent-side firewall, network-layer screening, settlement-layer compliance.

Protocol-neutral

Adapts to x402 / AP2 / Visa Intelligent Commerce / Mastercard Agent Pay — no single-stack lock-in.

Privacy-proportionate

Only the minimum data compliance requires, with clear cross-border boundaries. Trustworthy is not surveillance.

Seven pillars

1

Identity & Attribution · KYA

core

Know-Your-Agent. Every paying agent binds to an accountable entity, verifiable by counterparties. The foundation of the framework — and today's biggest gap.

  • ·Each agent has a unique, verifiable identity (verifiable credentials / on-chain attestations)
  • ·Identity is bound to a KYC'd legal entity
  • ·Counterparties can verify attribution and mandate validity before the transaction
2

Mandate & Limits

A human's grant to a machine is a bounded envelope, not a blank cheque.

  • ·Explicit mandate scope (purpose, counterparties, time window)
  • ·Per-transaction / daily / cumulative limits; block or escalate on breach
  • ·Mandates revocable at any time, effective immediately
3

Controls & Guardrails

A firewall belongs between the agent and its wallet.

  • ·Spending-policy engine: allowlists, blocklists, rule-based interception
  • ·Resistance to prompt-injection hijacking; anomaly circuit-breakers
  • ·Emergency kill-switch + human escalation for high-risk transactions
4

Screening & AML

AML at machine speed must be upfront, automated and explainable.

  • ·Sanctions / mixer / risk-score screening of counterparty addresses (third-party data)
  • ·Travel Rule information passing for agent-to-agent transfers
  • ·Typology-based continuous monitoring and red-flag alerts
5

Auditability & Accountability

When something goes wrong, answer: who authorized it, what the machine did, who is responsible.

  • ·Immutable, complete transaction and decision logs
  • ·Clear accountability chain (entity → mandate → agent → transaction)
  • ·Incident response and recourse process
6

Privacy & Data Governance

Trustworthy is not surveillance; cross-border data needs clear boundaries.

  • ·Data minimization
  • ·Explicit jurisdictional and cross-border processing rules
  • ·Due process and user recourse
7

Interoperability & Governance

A standard lives or dies by adoption and shared upkeep.

  • ·Identity and mandate credential formats interoperable across major protocols
  • ·Maintained by a neutral body, open for public comment
  • ·Versioned evolution with a traceable changelog

Maturity levels

L1 · Basic

Agent attributed + basic limits + sanctions screening. Fits small-value, low-risk flows.

L2 · Standard

L1 + spending firewall + Travel Rule + full audit + hijack resistance. Fits commercial platforms.

L3 · Institutional

L2 + continuous typology monitoring + human escalation + incident response + third-party audit. For regulated institutions and cross-border settlement.

Governance & participation

Convened by a neutral body (to be established in Singapore), reviewed with issuers, protocol teams, platforms, and experts from compliance and law-enforcement backgrounds; open for public comment, versioned. This is a living document — whoever cites it becomes part of the standard.

How to cite

Suggested citation

OceanAlt. "The Responsible Agentic Payments (RAP) Framework, v1.0." 2026. https://media.oceanalt.com/en/rap

Help build RAP

Are you an issuer, protocol team, platform, or compliance / security practitioner? We invite you to review, cite, or adopt RAP in your product. To see it run, try the live compliance demo in 200Lab.

RAP v1.0 · Public Review draft. For industry discussion and collaboration; not legal or compliance advice. Open for comment, updated by version.