Team spend policy template for AI agents
Every team deploying autonomous agents needs a written spend policy. This template covers the rules, the roles, and the escalation path — ready to adapt for your organization.
Section 1: Scope
This policy applies to all autonomous AI agents deployed by [Organization Name] that have the ability to spend money — whether via payment APIs, cloud billing, ad platforms, or cryptocurrency transactions. It covers agents in development, staging, and production environments.
Section 2: Spend limits
2.1 Per-transaction limits
- Development agents: $10 per transaction
- Staging agents: $100 per transaction
- Production agents: As defined per agent in the deployment runbook; default $500 per transaction
2.2 Daily limits
- Development environment: $50/day total across all agents
- Staging environment: $500/day total across all agents
- Production: Per-agent budget defined in deployment runbook; default $2,000/day per agent
2.3 Category limits
- Compute (GPU/cloud): $500/day
- API credits (LLM tokens, search): $300/day
- Advertising: Requires separate budget approval
- Goods and services: $200/day
Section 3: Approved merchants
Always allowed: openai.com, anthropic.com, runpod.io, modal.com, replicate.com, stripe.com
Requires approval: Any merchant not on the always-allowed list. New merchants must be reviewed by [Security/Engineering Lead].
Blocked: Merchants flagged by the security team. The blocklist is maintained in the sipi.bot dashboard.
Section 4: Approval chain
Transactions FLAGGED by the spend firewall follow this escalation path:
- Under $100: Auto-approve (set approval_threshold rule to $100)
- $100–$500: Team lead approval (respond within 4 business hours)
- $500–$2,000: Engineering manager approval (respond within 1 business day)
- Over $2,000: Director approval with written justification from the requesting agent's operator
Section 5: Monitoring and audit
- All transactions are logged in the sipi.bot tamper-evident audit trail.
- Monthly spend reports are generated from the audit log and reviewed by [Finance/Engineering].
- Anomalies (3x normal daily spend, new merchant first spend, off-hours spend) trigger a Slack alert to #agent-spend-alerts.
Section 6: Environment configuration
# Apply this policy via sipi.bot rules (example for production)
# Per-transaction cap
POST /api/rules {"rule_type":"per_transaction","params":{"max_amount":500},"action":"BLOCKED","label":"prod-tx-cap"}
# Daily total
POST /api/rules {"rule_type":"daily_total","params":{"max_amount":2000},"action":"BLOCKED","label":"prod-daily-cap"}
# Merchant allowlist
POST /api/rules {"rule_type":"merchant_block","params":{"block_all":true,"allowed":["openai.com","anthropic.com","runpod.io","modal.com","replicate.com","stripe.com"]},"action":"BLOCKED","label":"prod-merchants"}
# Approval threshold
POST /api/rules {"rule_type":"approval_threshold","params":{"min_amount":100},"action":"FLAGGED","label":"prod-approval"}
# Velocity (anti-runaway-loop)
POST /api/rules {"rule_type":"velocity","params":{"max_per_minute":10},"action":"BLOCKED","label":"prod-velocity"}
Frequently asked
Is this policy template enforceable?
Yes. Every rule in Section 6 maps directly to a sipi.bot rule type. Copy the curl commands, replace the values with your limits, and the firewall enforces the policy automatically.
How do I handle exceptions to this policy?
Use the FLAGGED decision path with an approval threshold. Transactions that need exceptions get FLAGGED, a human reviews them, and the approval (or denial) is recorded in the audit trail.
Can different teams have different policies?
Yes. Create separate sipi.bot instances (or API keys with different rule sets) for each team. The self-hosted core is free and MIT-licensed; spin up a dedicated instance per team if needed.