Artificial Intelligence and Core Banking: From Back Office to Innovation Engine

Core Banking systems are the silent backbone of the banking industry. Their mission can be summed up in a few words: to accurately record every movement of money, calculate exact balances, and ensure compliance with accounting and regulatory rules. Much of this infrastructure, inherited from the 1960s, has demonstrated remarkable robustness. But at a time when banking is transforming at an unprecedented pace, particularly with the rise of artificial intelligence, these monolithic architectures are increasingly misaligned with market expectations.

Competitive Pressure: The Urgency to Modernize

The current banking landscape bears little resemblance to that of twenty years ago. Open banking has unlocked data and multiplied the number of players. Instant payments, once the exception, have become the norm. Regulators now require continuous transparency and operational resilience measured in real time. As for customers, they judge their bank through the lens of smooth, interactive, and personalized digital applications. In this context, a Core Banking system can no longer remain a transactional black box. It must evolve into a true innovation platform: open, API-driven, real-time, and capable of interacting with a broad ecosystem of partners and services.

This is precisely the role assumed by next-generation Core Banking Systems. Their mission goes far beyond simple account management. They orchestrate the relationship between the bank, its customers, its partners, and supervisory authorities. Designed to be modular, cloud-native, and scalable, they absorb regulatory complexity such as ISO 20022, DORA, ISO 27001, and PCI-DSS, while giving banks the flexibility they need to innovate, whether through open APIs or process automation. In short, they become the agile foundation of a banking model undergoing profound transformation.

In this context of rapid innovation and change, a new step becomes unavoidable: the integration of artificial intelligence. AI is reshaping every industry, and banking is no exception. Digital neobanks have already made it a key lever to gain ground and capture market share. For traditional banks, this is no longer an option but an urgent necessity: missing this shift would mean being left behind as the competitive landscape is redrawn.

AI as a Catalyst for Innovation, but Only on Solid Foundations

Artificial intelligence is now establishing itself at the very core of banking systems. Long confined to specific functions such as fraud detection, credit scoring, or isolated automation, it developed as an efficient layer that remained largely detached from the operational core. Today, truly transformative use cases are beginning to emerge: AI assistants capable of synthesizing internal knowledge for advisors, automated credit decision-making processes, or personalized financial nudges sent to customers in real time. These advances point to a profound reinvention of the banking model driven by AI.

The overall potential is massive. According to McKinsey, generative AI could create between 200 and 340 billion dollars in annual value for the banking sector, representing 9 to 15 percent of operating profits. JPMorgan is already investing more than 2 billion dollars per year in its AI initiatives and states that the gains have already reached that level.

For AI to fully deliver on its promise, it must rely on a technological foundation capable of processing data in real time, within an environment that is secure, traceable, and properly governed. These requirements, however, collide with the limitations of legacy systems: rigid architectures, asynchronous processes, heavy update cycles, and complex audit procedures.

This is where next-generation core banking platforms demonstrate their full relevance. Designed to operate in real time and built on event-driven architectures, they transform the core into a true orchestration layer for data flows. Models can interact directly with business processes, trigger automated actions, and continuously learn from the events produced by the system. These open, modular, and traceable architectures provide the agility and transparency required to integrate AI as a structural component of the core, rather than as a peripheral tool, without generating technical, organizational, or regulatory debt. The result is the foundation for new banking models that are smarter, more integrated, and more responsive.

By becoming the catalyst for AI integration in banking transformation, next-generation core banking also takes on a new responsibility: ensuring that every interaction between intelligent agents and banking functions remains secure, controlled, and fully traceable. This responsibility calls for a structured framework in which technologies, protocols, and governance converge to regulate exchanges between artificial intelligence and financial infrastructures. Two emerging standards are already positioning themselves as key pillars of this framework: the Model Context Protocol (MCP) and the Agent-to-Payments Protocol (AP2).

MCP: A New Common Language Between AI and Core Banking

Developed by Anthropic, the Model Context Protocol (MCP) is built on a simple yet powerful idea: unifying the way AI systems interact with business applications. Instead of relying on a multitude of bespoke connectors and custom integrations, MCP establishes a common language based on the JSON-RPC standard. It enables an AI system to communicate with an MCP server that uniformly describes and exposes the capabilities offered by each system.

In the banking world, the Model Context Protocol opens up a new perspective: a smooth and standardized interaction between artificial intelligence and critical financial systems. An MCP-compatible core banking platform could expose, through this protocol, a set of functions such as balance inquiries, payment initiation, identity verification, or report generation, which intelligent agents could securely invoke. Rather than multiplying application-specific connectors, MCP introduces a shared language between AI systems and banking platforms, ensuring traceability, governance, and access control.

The concrete implementation of MCP within a core banking platform relies on well-established API foundations and protocols. For example, an MCP server would expose both resources such as accounts, transaction histories, and KYC data, and tools such as account creation, payment initiation, card blocking, or report generation, while leveraging existing security standards like OAuth 2.1 for access management. In a modern environment, it is therefore possible to build an MCP server directly on top of core APIs, offering an MCP client, such as a conversational agent, secure and standardized access to the full set of system capabilities. MCP does not replace APIs; it federates them and makes them intelligible to AI models, enabling governed, traceable, and contextualized interactions. This approach paves the way for a pragmatic industrialization of artificial intelligence in banking, where core functions become reusable cognitive building blocks, orchestrated without infrastructure overhaul or loss of control.

This logic is particularly relevant in a modern banking ecosystem, where each platform relies on a wide range of partners such as KYC, AML, scoring, cards, payments, and reporting providers. MCP acts here as an integration catalyst: it simplifies and accelerates collaboration between banks and their technology vendors while lowering barriers to entry. Tomorrow, an AI agent could, in real time, interact with a KYC provider or an AML engine to refine a verification or trigger a targeted control. AI thus becomes an intelligent assistant orchestrating interactions across systems, while core banking retains control over consistency, confidentiality, and regulatory compliance.

For banks, the benefits are clear: faster integration, a more modular architecture, and stronger governance. MCP does not claim to do everything, but it outlines a clear path forward: that of a core banking platform capable of speaking the language of artificial intelligence, without ever compromising its primary mission of ensuring trust, data sovereignty, and the security of financial data.

AP2: Securing and Legitimizing Payments Initiated by Agents

If MCP provides the common language, AP2 delivers the legal and technical safeguard. Launched in 2025 by Google Cloud and a consortium of major financial players including American Express, Mastercard, PayPal, and Revolut, this protocol addresses a central question: how can an AI be allowed to initiate a payment without compromising security and accountability?

AP2 is built around the concept of a digital mandate. This is a cryptographically signed contract that certifies a customer has explicitly authorized an agent to execute a payment. The mandate may cover a one-off transfer, a recurring debit, or a spending limit defined over a given period. When an AI agent initiates a transaction, it must present this mandate. The payment system verifies the signature and then executes the instruction with full confidence.

This mechanism is designed to operate across all payment rails: cards, SEPA transfers, instant payments, or even stablecoins. Within a core banking system, this translates into a simple rule: no valid AP2 mandate, no action. Each mandate is recorded in the ledger, just like an accounting instruction, ensuring full traceability and regulatory compliance.

With AP2, AI moves beyond the role of a simple assistant to become a true operational actor, but within a strict and secure framework. Automation meets accountability. This protocol represents a major evolution in the role of core banking. By natively integrating AP2, next-generation systems position themselves as trusted infrastructure capable of connecting AI with payment rails. The impact goes beyond technical security: it reshapes the boundaries of legal responsibility by anchoring every action performed by an AI agent in a signed, verifiable, and traceable mandate. Most importantly, AI is no longer confined to observation or advisory roles. It becomes an operational player in the value chain, under the rigorous control of a banking system designed to balance speed, innovation, and responsibility.

Beyond MCP and AP2: Governance, Explainability, and Multi-Agent Systems

These two protocols are foundational, but they are not sufficient on their own. Three additional dimensions are set to play a decisive role.

The first is AI governance. In banking, no automated decision can be left without justification. This requires audit logs that detail every interaction between an AI agent and the core: which data was accessed, which function was called, and in what context. These AI audit trails will soon become as essential as accounting logs.

The second is explainability. When a credit application is rejected or a payment is blocked, it is not enough to say that AI made the decision. The rationale must be clear and explicit: the transaction matches an identified fraud pattern, or the debt-to-income ratio exceeds a regulatory threshold. Without this level of transparency, trust from both customers and regulators will remain fragile.

Finally, the third dimension is the rise of multi-agent systems. A single agent cannot cover the full complexity of a bank. We are already seeing specialization emerge: one agent for onboarding, another for compliance, another for collections. These agents cooperate and communicate with one another through standards such as MCP and rely on safeguards like AP2 to take action. What is taking shape is a true digital team, where each agent plays a specific role within a collectively governed framework.

The Risks of Falling Behind

The banking ecosystem is entering a new era in which infrastructure technologies, interoperability, and artificial intelligence converge. Next-generation core banking platforms, combined with open protocols such as the Model Context Protocol (MCP) and the Agent-to-Payments Protocol (AP2), are redefining standards for performance, security, and agility. Together, they outline a model of banking capable of interacting with its ecosystem in real time, leveraging AI in a governed manner, and building truly intelligent financial services.

Conversely, ignoring this shift would mean locking banks into rigid architectures that are unable to keep pace with innovation and emerging use cases. The risk is no longer purely technological; it becomes competitive and strategic. Banks that adopt these interoperable and AI-compatible architectures early will gain a decisive advantage. They will no longer follow innovation; they will lead it. In a sector where speed of adaptation will be a key differentiator, delaying the transition to a next-generation core banking system that is interoperable, API-first, and aligned with emerging standards such as MCP and AP2 would result in a gap that will be difficult to close.