Banking and AI have had a complicated relationship. Not because banks didn't want to use AI - they did. Every institution was running pilots, testing chatbots, deploying some flavor of large language model to field customer queries.
The problem was more fundamental.
The AI could talk. It couldn't do anything.
Customer lookup, account management, card controls, money movement - all of it locked behind legacy core systems that weren't designed to be touched by an LLM. Getting AI access to any one of those functions required a custom integration. A separate build for every use case. A different engineering project every time the institution wanted to try something new.
You can't build agentic banking on that foundation. The integration debt alone cancels out any efficiency gains.
According to McKinsey's Global Banking Annual Review 2025, 71% of banking executives said AI would materially reshape their operating models. But most deployments stayed at the assistant layer - generating answers, not executing work. The infrastructure to go deeper wasn't there.
Nymbus just addressed that infrastructure gap.
What Nymbus Actually Shipped
On April 9, 2026, Nymbus - a cloud-native banking platform serving U.S. banks and credit unions - announced the launch of what it describes as one of the first secure Model Context Protocol servers purpose-built for core banking.
The framing matters here. This isn't a chatbot product. It's not an AI assistant layer sitting on top of banking data. It's a standardized connection layer between AI agents and core banking functions, built on the open MCP standard Anthropic introduced in November 2024.
The server ships with 19 front-office tools out of the box, covering the most common service-layer tasks banks deal with daily:
- Customer lookup and identity verification
- Account management and details retrieval
- Debit card controls (including card freezes)
- Money movement
- General front-office service workflows
A service agent can handle all of these through a single conversational interface. No switching between systems. No re-integration when a new AI tool gets added to the stack.
Where legacy cores needed a custom build for each use case, this is one standardized connection layer for all of them.
"AI creates real value in banking when it helps institutions get work done, not just generate answers."
- Jeffery Kendall, Chairman and CEO, Nymbus
The Security Architecture (This Is the Part That Actually Matters)
For any financial institution reading about agentic AI, the first question isn't "what can it do?" It's "what can we prevent it from doing?"
Regulated environments don't hand over system access and hope for the best. They need control surfaces.
Nymbus built the governance model into the server itself. Each institution decides:
- Which of the 19 tools are active
- Which employee roles can access which tools
- Which actions require human review and approval before execution
Layered on top: token-based authentication, PII masking in logs, encrypted connections, and full audit trails.
The AI agent operates exactly within the permissions the institution has defined. Not a call more.
"The Nymbus MCP Server helps banks augment existing processes with AI-assisted workflows that can speed up research, reduce manual effort, and support better decisions, while giving each institution granular control over what is enabled, how it is used, and where governance and auditability are required."
- Matthew Terry, CTO, Nymbus
This is worth sitting with for a second. Banking compliance isn't just about what the AI does - it's about what you can prove it did. Full audit trails, access logs, and configurable human-in-the-loop checkpoints aren't nice-to-haves for a regulated institution. They're the difference between a deployable product and a liability.
Why MCP? And Why Now?
The choice of MCP as the protocol isn't incidental. It's the strategic bet underneath this whole product.
MCP was introduced by Anthropic in November 2024 as an open standard for connecting AI systems to real-world data and tools. The adoption curve since has been fast:
- November 2024 - Anthropic releases MCP as an open standard with SDKs for Python and TypeScript
- March 2025 - OpenAI adopts MCP across its Agents SDK and Responses API
- April 2025 - Google DeepMind confirms MCP support in Gemini models
- Late 2025 - AWS, Azure, Google Cloud, and Oracle all announce MCP features or integration
- 2025-2026 - Stripe, Square, and Shopify build MCP servers for their own platforms
- April 2026 - Nymbus ships the first MCP server for core banking
For Nymbus, building on MCP means the server isn't locked to a single AI provider or tool. New AI agents, new LLM integrations, new tooling built on MCP - all of them can connect to the same banking core through the same server. The institution doesn't have to rebuild anything.
The USB-C comparison is overused at this point, but it's accurate: before USB-C, every device needed its own cable. MCP does the same thing for AI integrations. Nymbus just built the banking socket.
The timing is deliberate too. According to Oracle's Banking 4.0 analysis, 2026 is the year banks move from AI pilots to production-scale agentic deployments. Lightweight, composable core systems are becoming the architectural preference precisely because they let banks plug in AI agents without core overhauls. Nymbus is positioning the MCP server as that plug.
What Comes Next
The 19 tools currently in the server are front-office focused. That's the logical starting point - highest frequency, clearest ROI, most visible to customers and branch staff.
The pipeline Nymbus has signaled goes broader. Fraud investigation, case handling, and operational follow-up are already being developed as the next tool set - back-office and compliance functions, which are the most expensive to run manually.
Consider what that looks like in practice. Right now, a fraud alert requires a human to pull case files, cross-reference account data, review transaction history, and escalate with documentation. Reporting from SIBOS 2025 showed that banks deploying agent-based workflows in compliance were calling those functions their most material cost levers over the next two years.
An MCP-connected fraud investigation agent doesn't replace judgment. It removes the manual assembly around it.
If the front-office tools are about speed and service, the back-office tools will be about cost and compliance capacity.
The Broader Signal: Every Regulated Industry Has This Problem
Banking got its first production MCP server. But the problem Nymbus solved - AI agents locked out of core operational systems by fragmented, custom-integration-dependent architecture - is not unique to banking.
Healthcare has the same issue. Insurance has the same issue. Legal, government, logistics. Any sector running on legacy systems with strict compliance requirements is sitting on the same bottleneck.
The MCP protocol is sector-agnostic. The governance pattern Nymbus built - tool-level permissions, role-based access, human-in-the-loop checkpoints, full audit trails - is exportable to any regulated context.
Infront, a wealth management infrastructure provider, has already announced full MCP integration in the next 12-24 months. FinTech Weekly reported in January 2026 that Block, Anthropic, and OpenAI - in partnership with the Linux Foundation - announced the Agentic AI Foundation to establish open standards for agentic AI across financial and non-financial contexts.
Banking solved it first. It won't be the last vertical this happens in.
What This Means If You're Building
Four things worth paying attention to if you're an AI builder, a developer working in fintech, or evaluating MCP for a regulated industry:
1. The governance layer is the product, not the tools
19 tools is a capability list. The per-tool permissions, role-based access, configurable human review gates, and audit trails - that's the architecture that makes it deployable in a regulated environment. Any MCP server targeting regulated industries needs to solve this first, not as an add-on.
2. Standardization wins over customization at scale
The banks that couldn't scale AI weren't failing because of bad models. They were failing because every use case needed its own integration. MCP's value isn't the protocol spec - it's what happens when your AI tooling doesn't require re-integration every time you add a new agent.
3. First-mover advantage in vertical MCP is real
The MCP server ecosystem is still early. Stripe, Square, Shopify, and now Nymbus have staked out their verticals. The platforms that build MCP-native infrastructure now set the default integration patterns for their sectors.
4. Watch the back-office roadmap
Fraud investigation and case handling in the Nymbus pipeline are signals about where agentic banking actually goes: operational cost reduction at scale. Front-office AI is visible. Back-office AI is profitable.
The Bottom Line
Nymbus didn't build a chatbot. They built the infrastructure layer that lets AI agents do real work inside a core banking system, with full institutional control over every call.
19 tools today. Back-office functions in the pipeline. Built on an open standard that every major AI provider and cloud platform now supports. Designed for the compliance constraints that actually govern financial institutions.
The question for every other sector running on legacy cores: how long until they get their own version of this?
First mover in a wide-open space. The watch list just got longer.
Follow Us for weekly breakdowns of MCP, agentic AI, and AI infrastructure.
Sources: Nymbus official announcement · McKinsey Global Banking Review 2025 · Oracle Banking 4.0 · Pento: A Year of MCP · FinTech Weekly on open standards · LatentBridge: AI Trends in Banking 2026
Top comments (0)