AI agents are advancing from experimental tools to orchestrators of end-to-end workflows across banking and insurance. Most deployments remain in tightly governed pilots. Emerging interoperability standards for agents, APIs, and data are increasingly shaping how these pilots scale across core systems, while regulators set clearer expectations for AI risk management, documentation, and cross-system data governance.
This article examines where banks and insurers are piloting cross-platform AI workflow agents, how new interoperability standards are affecting vendor selection, and what institutions must document to demonstrate responsible, compliant use in both customer-facing and back-office processes.
1. From Task Automation to Cross-Platform AI Workflow Agents
Initial AI deployments in financial services centered on point solutions: fraud models, chatbots, and Robotic Process Automation (RPA) scripts within single applications. Cross-platform AI workflow agents mark a shift toward systems that plan and execute multi-step processes spanning multiple platforms.
Capgemini's World Cloud Report - Financial Services 2026, based on a survey of 1,100 executives, finds that 87% of financial services firms have adopted AI, 32% are using generative AI, but only 10% have deployed AI agents at scale, with 96% citing regulatory and compliance complexity as a key barrier to wider agentic AI adoption. [1: Hard-Cover_Landscape-Template] Adoption is broad but remains focused on pilots and select business lines, particularly in capital markets, P&C insurance, and retail banking.
1.1 What distinguishes cross-platform workflow agents
AI workflow agents in banks and insurers are moving beyond single-application interfaces to goal-oriented systems that:
- Interpret user or system goals (e.g., "complete KYC refresh for this portfolio").
- Decompose workflows into steps (data retrieval, checks, decisions, escalations).
- Invoke tools and APIs across multiple systems (core banking, CRM, policy admin, trading, payments).
- Maintain state and context over extended processes.
- Escalate edge cases to humans with full audit trails.
Unlike RPA or hard-coded workflow engines, these agents rely on large language models (LLMs) or similar approaches for planning and exception handling, increasing both flexibility and risk.
1.2 Where leading pilots are emerging
Industry surveys and case studies indicate that pilots concentrate in workflows spanning multiple platforms but are tightly governed. [1: Hard-Cover_Landscape-Template] Examples include:
Customer onboarding and KYC/AML
- Systems: digital channels, CRM, document management, core banking or policy admin, sanctions and KYC utilities.
- Agent roles: orchestrate document intake, run screening checks, draft risk memos, and propose decisions for human approval.
Claims and incident handling (insurance)
- Systems: claim intake portals, policy admin, pricing engines, fraud detection, payment systems.
- Agent roles: triage claims, extract data from unstructured documents, check policy terms, propose settlements, trigger payments for human sign-off.
Trade lifecycle and treasury workflows
- Systems: order management, risk engines, middle-office controls, collateral systems, and reconciliations.
- Agent roles: monitor exceptions, request data from risk systems, draft adjustments, initiate remediation tickets.
Compliance, reporting, and policy change management
- Systems: regulatory rule repositories, GRC platforms, product systems, document management.
- Agent roles: map new regulations to controls, run impact analyses, propose control updates, as documented in recent case narratives from technology vendors working with banks and insurers. [2: Frontier Finance: Agentic AI Redefines Banking and Insurance]
These pilots are generally constrained by strong human review, pre-defined guardrails, and limited decision authority, reflecting regulatory expectations.
1.3 Single-platform vs cross-platform agents
A key design decision is whether agents operate within a single platform or orchestrate across multiple systems.
| Dimension | Single-platform agents | Cross-platform workflow agents |
|---|---|---|
| Scope | One application or domain | Multiple systems and domains (e.g., CRM + core + payments) |
| Integration complexity | Low to moderate | High - requires APIs, data standards, and orchestration |
| Risk surface | Narrow (local data, limited actions) | Broad (cross-system privileges, data flows, failure modes) |
| Governance needs | Conventional model risk controls | Full AI risk management, cross-system and data controls |
| Typical current maturity | Production at many institutions | Mostly pilots and limited-scope rollouts |
2. Interoperability Standards Shaping the AI Agent Stack
Cross-platform agents rely on interoperability standards: protocols for connecting agents to tools, standards for agent-to-agent communication, and domain-specific data and API standards providing consistent semantics.
2.1 Open agent connectivity standards (MCP and beyond)
The Model Context Protocol (MCP) has emerged as a central mechanism for connecting LLM-based agents to tools, data, and enterprise systems.
Anthropic introduced the Model Context Protocol (MCP) as an open standard in November 2024 to standardize how AI models connect to external tools and data; it has since been adopted by major providers including OpenAI and Google and donated to a Linux-Foundation-hosted Agentic AI Foundation in December 2025. [3: Model Context Protocol] MCP enables agents to discover and invoke capabilities exposed by MCP servers, which wrap systems including databases, SaaS applications, and messaging platforms.
Analyst and vendor reports highlight several key properties for financial services: [4: What is MCP? | IT Pro]
- Standardized tool access: unified schemas for tools, parameters, and responses across clouds and vendors.
- Multi-agent orchestration: multiple agents can share MCP servers and coordinate multi-step workflows.
- Security implications: misconfigured MCP servers can expose sensitive functions or be vulnerable to prompt-injection attacks, requiring robust server design and isolation.
Other evolving standards in the agent ecosystem include:
- Agent2Agent (A2A): an open protocol introduced by Google in 2025 for agent communication and discovery, now part of a Linux Foundation project with participation from major cloud vendors. [5: Agent2Agent]
- W3C AI Agent Protocol Community Group: established in 2025 to define interoperable Web-scale protocols for agent discovery, identity, and collaboration, emphasizing security and verifiable credentials. [6: AI Agent Protocol Community Group]
- Research protocols (e.g., Coral, LOKA): academic proposals for decentralized multi-agent collaboration, identity, and payments that may inform future standards but are not widely adopted in regulated finance. [7: LOKA Protocol: A Decentralized Framework for Trustworthy and Ethical AI Agent Ecosystems]
For banks and insurers, these standards are gradually replacing proprietary integrations with more standardized connectivity layers.
2.2 Domain data and API standards (ISO 20022, FDC3, and others)
Agent interoperability also requires shared semantics for financial data and events.
Under ISO TC68, 23 countries agreed in 2017 to develop a standardized web-based API (WAPI) framework for financial services, with ISO 20022 providing the common business process data semantics for those APIs. [8: APIs and ISO 20022 | ISO20022] ISO 20022 underpins many global payment and securities systems and increasingly serves as the semantic foundation for open banking and instant-payment APIs.
In capital markets, the FDC3 standard from FINOS defines a context model and "intents" for interoperable desktop workflows, enabling applications such as order blotters, research tools, and risk dashboards to exchange data and trigger actions consistently. [9: FDC3 1.2 | FDC3] Pilot agent workflows on front-office desktops can leverage FDC3 for understanding and acting on positions, orders, and instrument data without custom integrations.
Other relevant initiatives include:
- API standards alliances in payments and open banking, where networks and standards organizations harmonize API specifications. [10: New standards alliance to unlock further potential of API technology | Swift]
- Banking-specific reference models (e.g., BIAN, open banking profile extensions to ISO 20022) that help align agents with standard business capabilities and message schemas.
2.3 Mapping the standards landscape
The following table summarizes how standard categories intersect in cross-platform agent pilots.
| Layer | Example standards / initiatives | Relevance for banking & insurance agents |
|---|---|---|
| Agent ↔ tools connectivity | MCP, vendor-specific tool SDKs | Enables agents to call core systems, SaaS, data stores |
| Agent ↔ agent communication | Agent2Agent (A2A), W3C AI Agent Protocol drafts | Supports multi-agent workflows across vendors and domains |
| Data and message semantics | ISO 20022, FDC3, sector data models | Provides common meaning for payments, trades, customer data |
| Web & API infrastructure | ISO WAPI framework, open banking API profiles | Harmonized REST/JSON APIs for accounts, payments, and metadata |
| Risk & governance frameworks | NIST AI RMF, FS AI RMF, EU AI Act guidance | Sets expectations for documentation, controls, oversight |
Vendor selection increasingly factors in alignment with these standards to mitigate lock-in and reduce future integration costs.
3. Regulatory Focus: Cross-System AI Risk Management and Governance
While regulators have not specified rules for "AI agents," existing and new frameworks encompass agentic workflows, especially in credit, insurance pricing, trading, or processes with customer impact.
3.1 EU AI Act: high-risk use cases in banking and insurance
The EU AI Act (Regulation (EU) 2024/1689) entered into force on 1 August 2024 and will apply to most high-risk AI systems, including credit scoring and life and health insurance pricing, from 2 August 2026. [11: AI Act | Shaping Europe’s digital future] High-risk AI obligations require comprehensive risk management, quality management systems, logging, transparency, human oversight, and post-market monitoring.
BaFin notes that AI systems used to evaluate creditworthiness or price life and health insurance are classified as high-risk AI systems under the EU AI Act, triggering stringent governance and documentation obligations. [12: BaFin - Current topics - AI at banks and insurers: automatically fair?] For cross-platform agents, this means:
- If an agent participates in credit scoring or underwriting, the entire workflow is subject to high-risk governance.
- When workflows span multiple systems and vendors, institutions must show end-to-end control over data quality, access, and decision logic.
Supervisory bodies are adapting to these changes. EBA's recent work on AI in banking notes widespread machine learning adoption across profiling, fraud, and credit models, and stresses robust risk management and testing. The European Banking Authority's 2024 risk assessment finds most EU banks use AI methods, including regression, decision trees, NLP, and neural networks, for customer profiling, fraud, AML, and increasingly for credit scoring and regulatory models. [13: Special topic – Artificial intelligence | European Banking Authority] EIOPA has issued opinions clarifying governance and risk requirements for insurers, even beyond specified high-risk cases. [14: Scaling AI in insurance: striking the right regulatory balance - European Insurance and Occupational Pensions Authority]
3.2 Sector-specific AI risk frameworks (NIST AI RMF and FS AI RMF)
Risk and compliance teams in global institutions increasingly align AI governance with industry frameworks.
NIST released its AI Risk Management Framework (AI RMF 1.0) on 26 January 2023 as a voluntary standard for managing AI risks and implementing trustworthiness requirements. [15: AI Risk Management Framework | NIST] The framework outlines core functions (Govern, Map, Measure, Manage), emphasizing transparency, robustness, privacy, and fairness, all applicable to financial sector requirements.
The Cyber Risk Institute's Financial Services AI Risk Management Framework (FS AI RMF) provides a sector-specific control catalogue for AI in financial services, building on CRI profiles used by more than 100 institutions. [16: Financial Services AI Risk Management Framework – Cyber Risk Institute] It offers:
- An adoption staging model (from experimentation to scaled use).
- A risk and control matrix tailored to financial services AI.
- Templates and guidance for integrating AI risks into GRC programs.
These frameworks are increasingly referenced in supervisory discussions, especially for multi-agent workflows.
3.3 Insurance-specific adoption and supervision
Insurance supervisors stress both innovation and consumer safeguards.
EIOPA reports that around 50% of non-life insurers and nearly a quarter of life insurers in Europe already use AI, with more planning adoption in three years. [17: Scaling AI in insurance: striking the right regulatory balance - European Insurance and Occupational Pensions Authority] AI use is highest in non-life pricing, claims triage, and back-office automation, but generative AI and agents are entering more complex workflows.
EIOPA's governance opinion emphasizes proportionality, human oversight, data quality, and documentation. It recommends that governance measures match each AI application's risk level, not apply uniformly. [14: Scaling AI in insurance: striking the right regulatory balance - European Insurance and Occupational Pensions Authority] For agentic workflows impacting underwriting or claims, this requires detailed records of:
- How agents obtain and process data across systems.
- The boundaries of agent autonomy and human escalation.
- Methods for detecting and mitigating bias, discrimination, and explainability issues.
3.4 National testing frameworks and supervisory sandboxes
Some national authorities are piloting AI testing regimes tailored to banks and insurers.
Germany, for example, has introduced an AI testing framework for financial services, with Fraunhofer IAIS operating a live auditing sandbox. Major institutions including Commerzbank, Allianz, and DKB are using this framework in pilot audits to prepare for EU AI Act conformity, covering use cases from credit scoring and trading to automated claims and robo-advice. [18: Germany Unveils Comprehensive AI Testing Framework for Finance Sector - BABL AI] Similar efforts are underway elsewhere, often linked to model risk or cybersecurity guidelines.
4. Architecture Patterns for Cross-Platform AI Workflow Agents
Technical architecture decisions impact the scalability and risk profile of cross-platform agents.
4.1 Hub-and-spoke orchestration with standardized tool access
A prevalent pattern involves a central orchestration layer:
- Orchestration agents receive tasks from users or systems.
- These agents invoke underlying tools via standard protocols (such as MCP) that expose enterprise systems as endpoints. [4: What is MCP? | IT Pro]
- Domain-specific micro-agents (e.g., "KYC document checker", "claims triage agent", "payment repair agent") handle specialized subtasks.
- The orchestrator manages state, applies guardrails, and coordinates human approvals.
This approach allows banks and insurers to:
- Replace underlying tools or systems without retraining orchestration logic.
- Enforce consistent access controls and logging at the orchestration layer.
- Scale agent adoption incrementally, leveraging a consistent connectivity framework.
4.2 Aligning with financial data/API standards
Data consistency strongly influences workflow quality. Pilots aligning agent inputs and outputs with ISO 20022 messages, FDC3 context objects, or institutional data models experience reduced reconciliation issues and greater auditability.
For example:
- A payment exception-handling agent using ISO 20022 can operate across payment rails and correspondent banks with consistent semantics. [8: APIs and ISO 20022 | ISO20022]
- A trading assistant using FDC3 can open relevant applications, pre-fill order tickets, and broadcast context without custom integrations. [9: FDC3 1.2 | FDC3]
Semantic alignment enables traceability when regulators review how agent decisions are formed.
4.3 Security and zero-trust considerations
Open protocols and connectors expand attack surfaces. Reviews of MCP deployments cite risks from misconfigured servers, weak authentication, and prompt-injection vulnerabilities. [4: What is MCP? | IT Pro] Financial institutions typically implement:
- Network and identity isolation for agent infrastructure, treating MCP servers and connectors as privileged middleware.
- Policy enforcement restricting agent tool access based on context.
- Content filtering and validation for prompts and outputs, especially in multi-system workflows.
- Red-teaming and adversarial testing focused on data leakage, unauthorized actions, and risk manipulation.
Documentation of these controls is crucial for compliance with both AI and cybersecurity standards.
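The policy-enforcement and logging controls listed above, sketched as a default-deny gateway that would sit between the orchestrator and its tool connectors. This is an added example, not code from the article or from any vendor it cites; the agent, tool, workflow and approver names and the thresholds are hypothetical.

```python
import hashlib
import json
from dataclasses import asdict, dataclass, field
from typing import Optional

# Constructed policy table (all agent, tool and workflow names are hypothetical).
# Key: (agent, tool). Value: workflows in which the call is permitted, and the
# amount above which a named human approver is required (None = never).
POLICY = {
    ("claims-triage", "policy_admin.read"): {"workflows": {"claims"}, "approval_over": None},
    ("claims-triage", "payments.initiate"): {"workflows": {"claims"}, "approval_over": 0},
    ("payment-repair", "payments.initiate"): {"workflows": {"payment-exceptions"}, "approval_over": 1000},
}
HUMAN_APPROVERS = {"ops.reviewer1"}  # constructed; would come from the identity provider
GENESIS = "0" * 64


@dataclass
class ToolCall:
    agent: str            # authenticated agent identity, not a name taken from model output
    tool: str
    workflow: str         # set from the orchestrator's session state, never from the prompt
    amount: float = 0.0
    approved_by: Optional[str] = None


@dataclass
class Gateway:
    log: list = field(default_factory=list)

    def decide(self, call: ToolCall) -> str:
        rule = POLICY.get((call.agent, call.tool))
        if rule is None:
            verdict = "deny:not-allowlisted"          # default deny
        elif call.workflow not in rule["workflows"]:
            verdict = "deny:wrong-workflow"           # right tool, wrong context
        elif (rule["approval_over"] is not None
              and call.amount > rule["approval_over"]
              and call.approved_by not in HUMAN_APPROVERS):
            verdict = "escalate:human-approval"       # over the authority threshold
        else:
            verdict = "allow"
        self._audit(call, verdict)                    # every decision is logged, denials included
        return verdict

    def _audit(self, call: ToolCall, verdict: str) -> None:
        # Each entry commits to the previous one, so an edit or deletion breaks the chain.
        prev = self.log[-1]["hash"] if self.log else GENESIS
        entry = {"call": asdict(call), "verdict": verdict, "prev": prev}
        entry["hash"] = self._digest(entry)
        self.log.append(entry)

    @staticmethod
    def _digest(entry: dict) -> str:
        body = {k: entry[k] for k in ("call", "verdict", "prev")}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def verify_log(self) -> bool:
        prev = GENESIS
        for entry in self.log:
            if entry["prev"] != prev or self._digest(entry) != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


if __name__ == "__main__":
    gw = Gateway()
    for c in (ToolCall("claims-triage", "policy_admin.read", "claims"),
              ToolCall("claims-triage", "core_banking.write", "claims"),
              ToolCall("payment-repair", "payments.initiate", "payment-exceptions", 5000)):
        print(c.agent, c.tool, "->", gw.decide(c))
    print("audit chain intact:", gw.verify_log())
```

The hash chain is only tamper-evident if the most recent hash is also recorded somewhere the gateway host cannot rewrite, since an unkeyed chain can be recomputed end to end.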
5. What Institutions Must Document for Responsible Cross-Platform Agents
Supervisors and auditors increasingly demand end-to-end documentation of AI workflows. For cross-platform agents, this encompasses operational and governance evidence beyond model documentation.
Key documentation elements from emerging frameworks include: [15: AI Risk Management Framework | NIST]
5.1 System and use-case inventory
- Register of AI systems and agents detailing:
  - Purpose, owner, criticality.
  - Agent boundaries (capabilities and limits).
  - Mappings to regulatory categories (e.g., AI Act high-risk, model risk, DORA critical ICT).
- Detailed use-case descriptions, clarifying where agents advise, decide, and when human intervention is required.
5.2 Data lineage and cross-system data sharing
- Diagrams and flow records showing:
  - System read/write interactions.
  - Types of data accessed (personal, transaction, sensitive).
  - Cross-border flows and third-country cloud use.
- Data quality controls, enrichment steps, and reconciliation checkpoints within workflows.
These support AI and data protection compliance, including outsourcing oversight.
5.3 Model and agent behavior documentation
- Model cards for key models (LLMs, risk models, scoring engines), detailing training data, limitations, and known failure modes.
- Descriptions of prompt templates, guardrails, and policy constraints on agent behavior.
- Records of pre-deployment testing, including scenario-based tests for routing errors, bias, and transaction mistakes.
Some institutions are piloting machine-readable governance scores or deployment gates that encode regulatory requirements as executable policies. [19: AI Deployment Authorisation: A Global Standard for Machine-Readable Governance of High-Risk Artificial Intelligence]
5.4 Human oversight, escalation, and controls
- Clear statements of human roles, responsibilities, escalation paths, authority thresholds, and control ownership in each workflow.
- Evidence that oversight staff are trained on AI capabilities and limitations.
5.5 Ongoing monitoring and incident management
- Metrics and dashboards tracking:
  - Agent-handled vs human-handled volumes.
  - Error rates and disputed outcomes.
  - Performance drift and data-quality incidents.
- Incident management covering AI-related failures, including regulatory notification obligations.
Institutions using the NIST AI RMF or FS AI RMF often map documentation directly to framework controls for streamlined audits.
6. Actionable Conclusions and Typical Next Steps
Recent research and regulatory trends show consistent themes in cross-platform AI workflow agent adoption among leading banks and insurers.
6.1 Near-term priorities for CIOs, CTOs, and Heads of Risk
Institutions advancing beyond pilots often: [1: Hard-Cover_Landscape-Template]
- Rationalize use cases: focus on high-volume, moderate-risk workflows (e.g., KYC refresh, payment exceptions, claims triage) where cross-platform orchestration yields measurable ROI and manageable risk.
- Standardize connectivity: select primary protocols (e.g., MCP), align integrations with ISO 20022, FDC3, or internal models.
- Adopt a reference risk framework: map initiatives to NIST AI RMF or FS AI RMF, integrating with existing risk taxonomies.
- Strengthen governance: establish cross-functional AI governance bodies with authority over agent workflows.
6.2 Structuring a 12-24 month roadmap
A typical roadmap includes:
Discovery and inventory (0-6 months):
- Catalog existing AI and agent pilots.
- Classify use cases for regulatory impact.
- Identify suitable workflows for cross-platform agents.
Standards and architecture (3-12 months):
- Select core interoperability standards.
- Design agent orchestration platforms with defined boundaries.
- Set interface standards (ISO 20022, FDC3 compatibility) for new systems.
Governed pilots (6-18 months):
- Launch pilots with KPIs, controls, and oversight.
- Apply AI risk frameworks and document decisions for audits and regulators.
- Refine guardrails and workflows using monitoring insights.
Scale-out with compliance (12-24 months):
- Broaden pilots as documentation and controls stabilize.
- Align for upcoming regulatory deadlines, including EU AI Act high-risk mandates from August 2026. [11: AI Act | Shaping Europe’s digital future]
Institutions combining open standards with mature risk controls are positioned to scale AI workflow automation across platforms while meeting regulatory expectations.
Frequently Asked Questions
What is the difference between an AI workflow agent and traditional RPA in banking?
RPA executes pre-defined scripts on fixed user interfaces or APIs, adapting poorly to novel situations. AI workflow agents use models like LLMs to interpret goals, plan multi-step workflows, and handle unstructured data, enabling coordination across systems. This increases flexibility and value, but also expands the risk surface and governance requirements.
Which interoperability standards matter most today for cross-platform AI in financial services?
Practically, three categories predominate: tool-connectivity protocols (e.g., MCP), agent communication efforts (Agent2Agent, W3C AI Agent Protocol), and domain standards (ISO 20022, FDC3) giving meaning to financial data. Institutions often combine these with internal canonical models and API design guidelines. [20: Model Context Protocol – Wikipedia]
How does the EU AI Act affect AI workflow agents used by banks and insurers?
If an AI agent participates in high-risk areas (credit assessment, scoring, or insurance pricing), the workflow is subject to the AI Act's requirements from August 2026. Institutions must then implement and document risk management, data quality, transparency, oversight, logging, and post-market monitoring for the entire system, including cross-platform data flows and third-party components. [11: AI Act | Shaping Europe’s digital future]
Can cross-platform AI agents be deployed on legacy core systems?
Yes, typically via intermediary layers. Legacy cores are exposed through APIs, message buses, or MCP-wrapped connectors, abstracting proprietary interfaces and enabling standardized, governed access. This allows agents to interact with legacy systems without embedding agent logic, supporting both security and gradual modernization. [1: Hard-Cover_Landscape-Template]
What should internal audit focus on when reviewing AI agent pilots?
Internal audit should assess whether agent pilots: are classified correctly under regulations; maintain complete documentation of workflows and data flows; implement robust access controls; provide clear human oversight and escalation; and are monitored with metrics to detect control failures or model drift. Aligning audit with frameworks like NIST AI RMF and FS AI RMF ensures comprehensive coverage of both technical and governance aspects. [15: AI Risk Management Framework | NIST]
