Architecture Use Cases GENIUS Act Docs GitHub Request Demo
GENIUS Act mandatory compliance: November 2026

Your AI agents move money.
Can you prove every payment
was authorized?

Kontext is the verifiability layer for compliance and risk teams powering stablecoin and fiat transfers globally. We're the only solution providing auditable, tamper-evident cryptographic proof that your AI agents are moving money compliantly.

Request Demo View Documentation

The Compliance Gap

A regulator asks about payment #47,291.
What happens next?

Your settlement agent sent $28,000 USDC to a wallet in Lagos. The examiner wants proof it was authorized, screened, and compliant.

Without Kontext
3-5 days. Manual. Unverifiable.
01 Engineering pulls transaction logs from the payment service. Takes a day because the agent's decision context is in a separate system.
02 Compliance manually checks if the wallet was screened. No record of which sanctions list was used or when the check ran.
03 The team assembles a spreadsheet combining data from 4 systems. No way to prove it hasn't been modified.
04 The examiner asks: "Can you prove this record existed at the time of the transaction and hasn't been altered?"
Outcome: you cannot.
With Kontext
app.getkontext.com
AgentRouteAmountStatus
treasury-botUS → MX$8,200verified
settlement-agentGB → NG$28,000warning
payroll-v2US → PH$3,400verified
Evidence — payment #47,291
OFAC screening: clear (SDN + OpenSanctions)
Policy: GENIUS threshold flagged, authorized
Intent hash: agent + amount + purpose bound
Digest chain link #47,291 — tamper-evident
Export evidence bundle

Where Kontext Fits

Meets your agents wherever
they initiate payments.

Kontext connects at the point of transaction — regardless of how your agents move money. One compliance layer across every payment rail.

Your agents initiate payments via
Programmable Wallets
Circle, company-sanctioned wallets
Cross-Chain (CCTP)
Base, Ethereum, Polygon, Arbitrum
Virtual Cards
Agent-initiated card payments
Payment Tokens
USDC, USDT, EURC micropayments
every txn
Compliance Layer
Kontext
OFAC screen + audit log + digest chain + evidence bundle
One integration. Every rail. Every chain.
Kontext never blocks or delays a payment. If our API is unreachable, the SDK queues events locally and retries on reconnect. Your payment flow is never disrupted.
Already using Chainalysis, Elliptic, or TRM Labs? Kontext integrates with your existing screening provider. Pipe their results into Kontext's audit trail — one evidence bundle, every provider, every payment.
Auto-instrumentation catches transfers from any source — not just your code. Circle dashboard, wallet UIs, other scripts. If USDC moves from a monitored wallet, Kontext logs it.
Data flow
Your agent → SDK (in your environment) → api.getkontext.com (TLS 1.3)
Data sent: wallet addresses (hashed), amounts, chain, token, agent ID, timestamps
Data NOT sent: private keys, PII, transaction payloads, raw calldata
Storage: Postgres, US-east-1, single-tenant per project, encrypted at rest (AES-256)
Retention: configurable, default 1 year, up to 7 years for BSA compliance
0
Runtime dependencies
<50KB
SDK bundle size
0ms
Added to payment latency (post-send mode)
MIT
Fully auditable license

What Your Examiner Will Ask

Three questions. Kontext answers all of them.

Kontext connects to your existing payment infrastructure and begins building your compliance record from the first transaction. Your engineering team integrates it once; your compliance team uses it every day.

Examiner asks
"Was this wallet screened before the transfer?"
Kontext shows
Screening — 0x7a3b...f29e
OFAC SDN treasury.gov
OpenSanctions opensanctions.org
UK OFSI gov.uk
Recipient: 0x4c1d...a83b all providers
✓ All clear — proof recorded at 18:41:18 UTC
Examiner asks
"Did this agent have authorization to move $28,000?"
Kontext shows
agentsettlement-agent
scopeinvoice-payment
amount$28,000 USDC
limit$50,000 (authorized)
purposesupplier-invoice-9847
↓ SHA-256
0x8f2a...d41c — intent bound cryptographically
Examiner asks
"Has this audit record been modified since the transaction?"
Kontext shows
✓ Chain intact — tamper on #47,291 would break all subsequent hashes

"If a regulator asks you to prove that a specific payment was authorized, screened, and compliant — how long does that take today?"

The Compliance Command Center

Answer any regulator question
in under 10 seconds.

Live KPIs, evidence drawers for every payment, one-click audit export. Built for compliance and risk teams, with extensive support and documentation for developers to integrate quickly.

🔒 app.getkontext.com
Kontext
Overview
Payments
Agents
Policies
Audit Export
Verified today
1,247
+12% vs yesterday
Sanctions alerts
0
OFAC + OFSI + OpenSanctions
Policy warnings
3
2 GENIUS Act threshold
Chain coverage
98.7%
42 wallets monitored
Time Agent Route Amount Trust Status
18:42:03 treasury-bot US → MX $8,200 94 verified
18:41:18 settlement-agent GB → NG $28,000 76 warning
18:40:55 payroll-v2 US → PH $3,400 91 verified
18:39:42 supplier-bot EU → LT $14,500 82 blocked
18:38:11 fx-router-v2 US → SG $5,100 88 verified
Sample data shown for illustration. Your dashboard displays your real payment data.

What the compliance officer does

1. SPOT

See the warning row — settlement-agent sent $28,000 GB→NG with a trust score drop to 76

2. CLICK

Open the evidence drawer: OFAC screening result, policy evaluation trace, intent hash, digest chain link #47,291

3. EXPORT

One click: signed evidence bundle as JSON or CSV. Tamper-evident. Ready for the examiner.

See it with your data Read the docs

GENIUS Act — Signed July 18, 2025

Eight months to mandatory compliance.

Jul 2025
GENIUS Act signed
Mar 2026
You are here
Nov 2026
Prohibitions effective
OFAC screening
Every transaction must be screened against sanctions lists before execution or at time of logging.
↳ verify() screens every payment automatically
Audit trails
Transaction records must be maintained with BSA-grade evidence of authorization and intent.
↳ Tamper-evident digest chain, exportable on demand
SAR / CTR thresholds
$3K+ triggers enhanced due diligence. $10K+ requires Currency Transaction Report preparation.
↳ Automatic threshold flagging with evidence bundle

Security & Compliance

Built for vendor security reviews.

We know the questions your security team will ask. Here are the answers.

🔒
SOC 2 Type I
Controls in implementation. Security questionnaire available on request. Target certification: Q3 2026.
In progress
US data residency
All data stored in US infrastructure (Postgres, us-east-1). No PII stored — only wallet addresses, amounts, chains, and cryptographic proofs.
US-east-1
📄
Data Processing Agreement
DPA available before any pilot begins. Mutual NDA signed before day one. Data deletion available on request at any time.
Available on request
Portable audit format
The audit export format is publicly documented. Any third party can verify your compliance data independently, without Kontext's involvement. Your records don't depend on us.
Open format + MIT SDK
🔍
Security review package
Security questionnaire (CAIQ/SIG), architecture review documentation, and penetration test results available before pilot kickoff. We expect your security team to review us — and we make it easy.
Available on request

The cost of manual compliance

3–5 days
Average time to fulfill a BSA examiner data request manually
$50K–$500K
Range of BSA enforcement actions for inadequate record-keeping
10 seconds
Time for Kontext to produce a signed, tamper-evident evidence bundle
8 months
Until GENIUS Act prohibitions take effect (November 2026)

Enterprise Pilot Program

See your real payment data
in a compliance dashboard
within 24 hours.

We integrate with your stack, populate your dashboard with real transaction data, and deliver a working audit export — before you commit to anything.

Day 1 — Integration
Two lines of code wrap your payment client. SDK starts logging events to your Kontext dashboard.
Week 1 — Evidence
Your compliance officer can click any payment and see the full evidence bundle: OFAC screening, policy evaluation, cryptographic proof.
Day 90 — Decision
Export your full audit trail. Keep it regardless of whether you continue. No lock-in — the format is open and independently verifiable.
Request a demo
90 days, $0 pilot period, one payment workflow
Mutual NDA before day 1 · DPA available on request · Legaci Labs Inc.

What to expect after you submit

01
We respond within 24 hours to schedule a kickoff
02
30-minute call with your engineering + compliance leads
03
Your engineering team integrates the SDK (typically 1–2 hours)
04
Your compliance officer sees the first evidence bundles in the dashboard

Common Questions

What happens if your API goes down during a live payment run?
Kontext is a compliance observability layer — it never sits in your payment execution path. Your payments execute regardless of our API status. The SDK queues events locally and retries on reconnect. You cannot be blocked from transacting because of us.
Can we export all our data and leave?
Yes. The audit export endpoint returns complete JSON including all cryptographic proofs in a portable format. The digest chain format is publicly documented. Any third party can verify your audit data independently without Kontext's involvement.
How does Kontext handle GDPR right-to-erasure with immutable audit chains?
The digest chain stores no PII — only hashed wallet addresses, amounts, and transaction metadata. The erasure tension exists for any immutable audit system. We're working with counsel on the right approach and can provide detailed documentation for your DPO during the pilot.
You're a startup. What's the continuity risk?
The SDK is open-source (MIT) and the audit format is fully documented. If Legaci Labs ceases to exist, your audit data remains valid and independently verifiable by any third party using the published format. Your compliance record doesn't depend on our continued operation.
How is Kontext different from ecosystem protocols like Visa Commerce Protocol or Mastercard Crypto Credential?
Visa Commerce Protocol and Mastercard Crypto Credential are network-specific compliance layers — they work within their respective card and credential ecosystems. Kontext is infrastructure-agnostic. It sits at the application layer and works wherever your AI agents initiate payments: programmable wallets, cross-chain bridges, virtual cards, payment tokens, or direct on-chain transfers. If your agents use multiple payment rails (and they will), Kontext provides a single, unified compliance record across all of them — not just the ones that run through a specific network's protocol.
Why not build an internal audit trail?
You can build logging. What you can't easily build is tamper-evidence. An internal audit trail can be modified by anyone with database access — and an examiner knows that. Kontext's digest chain means altering one record breaks every subsequent hash. That's cryptographic proof your engineering team didn't build post-hoc, and it's the difference between "we have logs" and "we have evidence." The SDK is also zero-dependency and open-source (MIT), so your security team can audit every line.
Can we set different policies per agent?
Yes. Each agent has its own trust score, anomaly detection rules, and policy thresholds. You can set different transaction limits, allowed chains, and screening requirements per agent — so your treasury bot moving funds between your own wallets gets different treatment than a settlement agent paying suppliers in emerging markets. Policy violations are logged per-agent with the specific rule that fired.
What are the retention and scale limits?
Default retention is 1 year, configurable up to 7 years for BSA compliance requirements. The SDK processes events asynchronously with no impact on payment latency. Audit exports support full-period queries — a quarterly export across 300,000+ transactions returns in under 30 seconds. The digest chain scales linearly; each link is a single SHA-256 hash regardless of transaction volume.