Summary: Payman is a security‑first orchestration layer that enables banks, apps, and developers to deploy AI agents that can move money while preserving bank‑grade controls, compliance, and the institution’s existing core systems and brand. Emphasis in public docs is that AI agents operate under programmable policies, with human approvals where required, and within the bank’s infrastructure/rails rather than replacing cores. Core capabilities / product highlights: - payman.ask(): single natural‑language / API call that can create or look up payees, check balances, apply policies, and trigger payments or request approval. It returns a structured JSON response that describes actions and approval needs. - Policy engine: programmable spending rules (amounts, frequency, approval thresholds) to ensure human oversight as needed. - Orchestration / agentic paradigm: deploy AI agents that act under policies and within developer apps. - Dashboard: no‑code interface to manage wallets, policies, payees, approvals, and Developer Mode. - SDKs & tools: TypeScript SDK (Python is mentioned), Playground for testing API calls, OAuth and client‑credentials/server‑to‑server flows for apps. - Wallet types: Test (TSD), USD (ACH) wallets (USD wallets are US‑only), and USDC (global). Security, custodians & compliance: - Bank‑grade posture described: KYC/KYB for developers, vetted developer access, SOC 2 is mentioned, encryption in transit and at rest, data masking, and real‑time monitoring. - Financial rails / custody (public references): USD wallets through Stripe with custodian Fifth Third Bank. USDC wallets via Bridge with reserve/custody references to BlackRock, Fidelity, Apex. FDIC‑eligibility references up to $250,000 are mentioned in public docs. - Controls for API keys (generate/rotate) and a limited API surface to minimize data exposure. Developer & integration details: - Quickstart covers registering an app, enabling Developer Mode, creating test wallets/payees/policies, generating test credentials (Client ID/Secret), and switching to Live Credentials for production. - OAuth and server‑to‑server credentials supported; documentation includes an interactive Playground and examples showing payman.ask usage. - Roles described in docs: User (wallet & policy owner), Developer (builds apps/integrations), AI Agent (executes within policy constraints). Legal & licensing (public doc highlights): - API License / Agreement is published. Observed points: a limited, revocable API license; use restrictions (no reverse engineering, cloaking, etc.); fees processed via Stripe; Payman retains IP for the API and marks. A small aggregated liability cap was noted in the summary (the precise limits require reading the full license). The agreement is governed by Delaware law. - Terms of Use and Privacy Policy pages exist. Pricing & availability (publicly observed): - No public pricing plans, per‑transaction fees, or trial pricing were found on the public site or docs. - Access: early/invite‑code gating is referenced in docs (invite codes required during early access). - USD wallets are limited to US‑based users. Company & trust signals (publicly referenced): - Founders/team: CEO & co‑founder Tyllen Bicakcic called out, with prior experience at Meta, Uniswap, Novo (as referenced in docs/site). - Investors referenced in public materials: Visa, Coinbase Ventures, Circle; a funding figure of $13M is cited in the public content. - Claim referenced that Payman executed the first ACH transactions by AI agents (stated on the site/docs). Support & documentation: - Support email shown in docs: [email protected] - Social / community links referenced: Discord, X (Twitter), LinkedIn (linked from site). - Documentation site: docs.paymanai.com with Quickstart, API references, glossary, and guides. Pages visited (public links checked): - https://paymanai.com/ - https://paymanai.com/about-us - https://paymanai.com/security - https://paymanai.com/api-license - https://paymanai.com/terms-of-use - https://docs.paymanai.com/overview/introduction - https://docs.paymanai.com/getting-started/what-is-payman - https://docs.paymanai.com/getting-started/ask - https://docs.paymanai.com/overview/quickstart - https://docs.paymanai.com/developer/generate-credentials - https://docs.paymanai.com/developer-guide/oauth-setup - https://docs.paymanai.com/resources/prompt - Dashboard & wallet guides on docs.paymanai.com Gaps / items not publicly available (recommend contacting Payman): - No public pricing or per‑transaction fees; plan structures unknown. - No clear SLA or guaranteed support terms published in the public docs. - Exact liability limits, indemnity scope, and many contractual terms in the API License should be reviewed with legal; the published license contains many restrictions and a small aggregate liability cap noted in the summary. - Enterprise availability timelines, enterprise onboarding pricing, and integration cost estimates are not published. - Exact technical audit reports (SOC 2 report download), detailed certification documentation, or whitepapers beyond the site summary are not publicly available and would need to be requested for procurement. Suggested next steps (as observed/recommended in the summary): 1) For pricing/enterprise terms: email [email protected] or request sales/demo from the site and ask for pricing tiers, transaction fees, volume discounts, and SLAs. 2) For legal review: download and read the full API License and Terms of Use; escalate to your legal team before integrating. 3) For technical evaluation: request an invite/test credentials, use the Playground and TSD wallet in the Quickstart, and test payman.ask() flows with your use cases. 4) For security procurement: request Payman’s SOC 2 report, pen‑test/attestation documents, and detailed custody arrangements and FDIC/reserve proof if needed. Optional follow‑ups the reviewer offered to do: - Draft an email to support/sales requesting pricing, SOC 2 report, and an invite code. - Summarize API License clauses that could be high risk (liability/fees/restrictions) for legal review. - Start a quick test plan (specific payman.ask prompts and checks) to validate workflows once test credentials are available. Note: This JSON summary is constrained to the information that was explicitly observed on paymanai.com and the public docs and does not add or infer facts beyond those public statements.