Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders.<\/em> Subscribe Now<\/em><\/p>\n\n\n\n For something launched in November, the Model Context Protocol (MCP) has begun amassing a large number of users, all but guaranteeing the mass adoption needed to make it an industry standard.\u00a0<\/p>\n\n\n\n But there is a subset of enterprises that are not joining the hype for now: regulated industries, especially financial institutions.\u00a0<\/p>\n\n\n\n Banks and other enterprises offering access to loans and financial solutions are not strangers to AI. Many have been pioneers in machine learning and algorithms, even playing an essential role in making the idea of investing using robots extremely popular. However, it doesn\u2019t mean financial services companies want to jump into the MCP and Agent2Agent (A2A) bandwagon immediately.\u00a0<\/p>\n\n\n\n While many regulated companies, such as banks, financial institutions, and hospitals, have begun experimenting with AI agents, these are typically internal agents. Regulated companies do have APIs. Still, so much of the integration these companies undertake has taken years of vetting to ensure compliance and safety.\u00a0<\/p>\n\n\n\n \u201cIt\u2019s very early days in a quickly accelerating domain, but there are some fundamental building blocks that are missing, at least as standards or best practices related to interoperability and communication,\u201d said Sean Neville, cofounder of Catena Labs. \u201cIn the early days of the web, there was no e-commerce because there was no HTTPS, and no way to transact securely, so you can\u2019t build Amazon. You need these basic building blocks in place, and now those building blocks on the web exist, and we don\u2019t even think about them.\u201d<\/p>\n\n\n\n Increasingly, enterprises and AI platform providers are establishing MCP servers as they develop multi-agent systems that interact with agents from external sources. MCP provides the ability to identify an agent, allowing a server to determine the tools and data it has access to. However, many financial institutions want more assurance that they can control the integration and ensure only approved tasks, tools, and information are shared.<\/p>\n\n\n\n John Waldron, senior vice president at Elavon, a subsidiary of U.S. Bank, told VentureBeat in an interview that while they are exploring the use of MCP, there are a lot of questions around the standard.\u00a0<\/p>\n\n\n\n \u201cThere are not a lot of standard solutions emerging, so we are still exploring a lot of ways to do that, including maybe doing that connection without an MCP exchange if the agent technology is common between the two and it\u2019s just two different domains,\u201d Waldron said. \u201cBut, what is the traceability of the data exchange without another exposure in that message? A lot of what\u2019s happening within MCP evaluation right now is figuring out if the protocol is just handling the exchange and doesn\u2019t provide any further risk leakage. If it is, then it\u2019s a viable path we\u2019ll explore for handling that exchange.\u201d<\/p>\n\n\n\n Financial institutions and other regulated businesses are no strangers to AI models. After all, much of passive investing grew when roboadvisers\u2014where algorithms made decisions on financial planning and investments with little to no human intervention\u2014became popular. Many banks and asset managers invested early in natural language processing to enhance document analysis efficiency.\u00a0<\/p>\n\n\n\n However, Salesforce Vice President and General Manager of Banking Industry Solutions and Strategy, Greg Jacobi, told VentureBeat that some of their financial clients already have a process in place to assess models, and they\u2019re finding it challenging to integrate AI models and agents with their current risk scenarios.\u00a0<\/p>\n\n\n\n \u201cMachine learning and predictive models fit pretty well with that risk framework because they\u2019re deterministic and predictable,\u201d Jacobi said. \u201cThese firms immediately take LLMs to their model risk committees and found that LLMs produce a non-deterministic outcome. That\u2019s been an existential crisis for these financial services firms.\u201d<\/p>\n\n\n\n Jacobi said these companies have risk management frameworks where, if they give inputs to models, they expect the same output every time. Any variances are considered an issue, so they require a method for quality control. And while regulated companies have embraced APIs, with all the testing involved there, most regulated entities \u201care afraid of openness, of putting out something so public-facing\u201d that they cannot control.\u00a0<\/p>\n\n\n\n Elavon\u2019s Waldron, however, doesn\u2019t discount the possibility that financial institutions may work towards supporting MCP or A2A in the future.\u00a0<\/p>\n\n\n\n \u201cLooking at it from a business perspective and demand, I think MCP is a very critical part of where I think the business logic is going,\u201d he said.\u00a0<\/p>\n\n\n\n Waldron said his team remains in the evaluation stage and \u201cwe haven\u2019t built a server for pilot purposes yet, but we\u2019re going to see how to handle that bot-to-bot exchange of messages.\u201d<\/p>\n\n\n\n Catena Lab\u2019s Neville said he is watching the conversation around interoperability protocols like MCP and A2A with great interest, especially since he believes that in the future, AI agents will be as much of a customer for banks as human consumers. Before starting Catena Labs, Neville cofounded Circle, the company that established the USDC stablecoin, so he has firsthand experience with the challenges of bringing new technology to a regulated business.\u00a0<\/p>\n\n\n\n Since MCP is open source and new, it is still undergoing constant updates. Neville said that while MCP offers agent identification, which is key for many companies, there are still some missing features, such as guardrails for communication and, most importantly, an audit trail. These issues could either be solved through MCP, A2A or even an entirely different standard like LOKA.\u00a0<\/p>\n\n\n\n He said one of the biggest problems with the current MCP revolves around authentication. When agents become part of the financial system, even MCP or A2A, there\u2019s no real way to do \u201cknow-your-customer\u201d on agents. Neville said financial institutions need to know that their agents are dealing with licensed entities, so the agent must be able to point to that verifiably.\u00a0<\/p>\n\n\n\n \u201cThere needs to be a way for an agent to say, \u2018this is who I am as an agent, here\u2019s my identity, my risk and who I am operating on behalf of.\u2019 That verifiable identity in a way all these different agentic frameworks can understand would be key.\u201d<\/p>\n Daily insights on business use cases with VB Daily<\/strong><\/p>\n If you want to impress your boss, VB Daily has you covered. We give you the inside scoop on what companies are doing with generative AI, from regulatory shifts to practical deployments, so you can share insights for maximum ROI.<\/p>\n \n\t\t\t\t\tThanks for subscribing. Check out more VB newsletters here.\n\t\t\t\t<\/p>\n An error occured.<\/p>\n<\/p><\/div>\n
\n<\/div>Models and agents are different<\/h2>\n\n\n\n
Agents can\u2019t KYC another agent<\/h2>\n\n\n\n
![\"\"\/](\"https:\/\/venturebeat.com\/wp-content\/themes\/vb-news\/brand\/img\/vb-daily-phone.png\")
\n\t\t\t\t<\/div>\n<\/p><\/div>\n<\/div>\t\t\t<\/div>\r\n