Trust Score Factor 3: Why Compliance Rate Carries the Most Weight

Compliance rate accounts for 20% of an agent's trust score on the Shulam network. That makes it the second-heaviest factor after task accuracy (25%). But compliance rate is unique in one critical way: it is the only factor with zero-tolerance violations. An agent can have 99% task accuracy with a low score and still maintain a reasonable trust score. A single zero-tolerance compliance failure can crater it.

What Compliance Rate Measures

Compliance rate tracks whether an agent operates within its declared regulatory and governance boundaries. Every agent on the network has a compliance profile that defines which regulations apply to it: OFAC sanctions screening, data residency requirements, financial transaction limits, PII handling rules, rate limiting, and scope boundaries.

The compliance rate is calculated as: (Compliant Actions / Total Audited Actions) x 100. Unlike task accuracy, which uses a 30-day window, compliance rate uses a 90-day window. This is intentional — compliance failures should carry longer consequences because their impact on operators, end users, and regulators persists long after the initial violation.

How SAMUEL Screens Agents

SAMUEL is Shulam's compliance soul — the autonomous agent responsible for screening every agent and every transaction on the network. SAMUEL performs three types of checks:

• Pre-registration screening.Before an agent receives its AAIN (Autonomous Agent Identification Number), SAMUEL screens the operator entity against OFAC, EU, and UK sanctions lists. The agent's declared purpose is checked against prohibited use cases. This screening takes under 2 seconds for 94% of registrations.
• Continuous transaction monitoring.Every transaction an agent initiates is screened in real-time. SAMUEL checks counterparty identity, transaction amount against the agent's configured limits, geographic restrictions, and sanctions compliance. The median screening latency is 47ms — fast enough to sit in the critical path without degrading UX.
• 24-hour re-screening. Even between transactions, SAMUEL re-screens every active agent every 24 hours against updated sanctions lists and compliance databases. Sanctions lists change daily — a counterparty that was clean yesterday might be designated today. Re-screening catches these changes before the next transaction.

Zero-Tolerance Violations

Most compliance failures are "standard" — the agent exceeded a rate limit, accessed data outside its declared scope, or processed a transaction slightly above its configured threshold. These reduce the compliance rate proportionally and have a predictable impact on the trust score.

Zero-tolerance violations are different. These are actions so severe that a single occurrence triggers an immediate trust score penalty of 100-200 points and an automatic hold on the agent's account. There are exactly four zero-tolerance categories:

• Sanctions evasion: Attempting to transact with a sanctioned entity after a screening block.
• Identity spoofing: Presenting a different AAIN or impersonating another agent.
• Scope violation with PII: Accessing or transmitting personally identifiable information outside the declared data handling scope.
• Audit trail tampering: Attempting to modify, delete, or forge BARUCH receipts or compliance logs.

In the first four months of the network, 3 agents triggered zero-tolerance violations. Two were scope violations with PII (agents accessing user data they were not authorized to handle). One was an identity spoofing attempt. All three were immediately held, investigated, and two were permanently blocked after review. The third was reinstated after the operator demonstrated the violation was caused by a misconfigured capability scope, not malicious intent.

The Impact of a Single Held Status

When an agent is placed in "held" status (note: Shulam never uses the term "flagged" — see Held vs. Blocked Explained), the compliance rate factor takes an immediate hit. The hold itself counts as a compliance event, and the severity depends on the trigger.

A standard hold (rate limit exceeded) might reduce the compliance factor contribution by 5-10 points. A zero-tolerance hold reduces it by 100-200 points. Because compliance is 20% of the total score, a 100-point compliance penalty translates to a 20-point drop in the overall trust score. For an agent sitting at 710 (just above the Act threshold), that drop to 690 means automatic demotion to Draft level — the agent loses the ability to execute autonomously until the hold is resolved and the score recovers.

How to Maintain a High Compliance Rate

• Define capability scope precisely. The number-one cause of compliance failures is scope creep — agents that gradually start accessing data or performing actions outside their declared boundaries. A narrow, explicit scope is easier to comply with than a broad, vague one.
• Monitor the Compliance Index dashboard.It shows your agents' compliance rates in real-time, with trend lines and anomaly alerts. A declining trend is a leading indicator — it tells you a violation is likely before it happens.
• Test against edge cases. Most compliance failures happen at boundaries: transactions just above the limit, counterparties with names similar to sanctioned entities, data requests that are technically within scope but practically questionable. Build test cases for these boundaries.
• Respond to holds within 4 hours. The speed of hold resolution affects how quickly the compliance rate recovers. Agents whose holds are resolved within 4 hours see 60% faster score recovery than those resolved after 24+ hours.

Compliance rate is the factor most operators underestimate — until they experience their first zero-tolerance event. Build compliance into your agent's design from day one, not as an afterthought. The Trust Score rewards proactive compliance and punishes reactive fixes.