MCP Hits 97M Downloads: AI Agent Developer Guide
MCP Is Now Foundational Infrastructure for AI Agent Development
In March 2026, Anthropic reported that the Model Context Protocol's official TypeScript and Python SDKs hit 97 million monthly downloads. With over 200 pre-built servers and adoption across Claude, Cursor, and a growing ecosystem of AI tools, MCP has become the standard way AI agents connect to external systems.
For AI agent developers — particularly those building in fintech and payment infrastructure — MCP represents a fundamental shift in how we architect agent-tool interactions. Instead of building custom integrations for every data source, MCP provides a standardised protocol that handles authentication, capability declaration, and secure tool execution.
What Is MCP and Why Should Developers Care
The Model Context Protocol is an open standard for connecting AI assistants and agents to external tools and data sources. Think of it as the USB-C of AI integrations: a universal connector that works across different AI systems and tools.
The core architecture is straightforward:
MCP Hosts — AI applications like Claude Code, Claude Desktop, or your own AI agent that need to access external tools. MCP Servers — lightweight programs that expose specific capabilities (database access, API calls, file operations) through a standardised interface. The Protocol — defines how hosts discover server capabilities, request tool execution, and handle responses securely.The key innovation is capability declaration: each MCP server explicitly declares what tools it offers, what parameters they accept, and what permissions they require. The host (and ultimately the user) controls which capabilities the agent can access.
Building MCP Servers for Payment Systems
For fintech developers, MCP opens up the ability to give AI agents controlled access to payment infrastructure. Here's what that looks like in practice:
Ledger Query Server
An MCP server that gives agents read-only access to your double-entry ledger. The agent can query transaction history, check balance positions, and verify settlement status — but the server's capability declaration explicitly excludes any write operations.
Payment Status Server
Exposes payment lifecycle information: initiation, processing, settlement, and failure states across multiple payment rails (Open Banking, SEPA, Faster Payments). An AI agent connected through this server can monitor payment flows and flag anomalies without having access to initiate or modify payments.
Compliance Screening Server
Wraps your KYC/AML screening service in an MCP interface. AI agents can request screening results for transactions, check watchlist status, and retrieve compliance reports — all through a standardised protocol with audit logging built in.
Infrastructure Monitoring Server
Connects agents to your Kubernetes cluster metrics, PostgreSQL performance data, and Redis queue depths. An operational AI agent can monitor your payment infrastructure health and alert on issues before they affect transaction processing.
Security Model: Why MCP Works for Financial Systems
The reason MCP is gaining traction in fintech — a domain notoriously cautious about new technology — is its security architecture:
Explicit capability boundaries. Each MCP server declares exactly what it can do. A ledger query server cannot suddenly start modifying transactions. The capability declaration is the contract, and the protocol enforces it. User-controlled permissions. The end user (or system administrator) explicitly approves which MCP servers an agent can access. This aligns with the principle of least privilege that financial regulators expect. Audit trail. Every tool invocation through MCP can be logged with full request/response payloads. For payment systems where regulatory auditing is mandatory, this built-in traceability is essential. No ambient authority. An MCP-connected agent doesn't inherit the permissions of the user running it. It only has access to the specific capabilities declared by the servers it's connected to.MCP + Rust: Building Production-Grade Agent Infrastructure
For Rust developers building AI agent infrastructure, MCP servers are a natural fit. The protocol's emphasis on type-safe capability declarations aligns perfectly with Rust's type system.
A typical Rust MCP server for payment systems would use:
- Axum for the HTTP transport layer
- Serde for serialising/deserialising MCP protocol messages
- SQLx for type-safe database queries in ledger and transaction servers
- Tokio for async handling of concurrent agent requests
The Emerging MCP Ecosystem
Beyond the 200+ pre-built servers, the MCP ecosystem in 2026 includes:
MCP Apps — a new extension announced in early 2026 that allows tools to return interactive UI components. For fintech applications, this means an agent could render a transaction dashboard, a reconciliation report, or a compliance screening form directly in the conversation. MCP Registries — centralised directories of MCP servers, making it easy to discover and deploy pre-built integrations for common services like PostgreSQL, Redis, Slack, and GitHub. Enterprise MCP — emerging patterns for deploying MCP servers in regulated environments with SSO, role-based access control, and compliance-grade audit logging.What This Means for AI Agent Developers in the UK
The UK fintech ecosystem is particularly well-positioned to benefit from MCP adoption:
Open Banking APIs + MCP — wrapping Open Banking APIs in MCP servers gives AI agents the ability to query account data, check payment status, and monitor consent mandates through a standardised protocol. This is significantly simpler than building custom Open Banking integrations into every agent. Regulatory alignment — the FCA's approach to open finance emphasises standardised APIs and user consent. MCP's capability declaration and permission model mirrors these regulatory principles. Talent convergence — developers who understand both MCP/agent patterns and fintech domain (payment rails, settlement, compliance) are in high demand. London's concentration of AI companies and fintech firms creates a natural hub for this intersection.Getting Started With MCP Development
For AI agent developers looking to build MCP servers:
1. Start with a read-only server. Query your database, expose monitoring metrics, or wrap an existing API. Read-only servers are lower risk and teach you the protocol patterns.
2. Define capabilities precisely. The value of MCP is in its explicit capability boundaries. Be specific about what each tool does, what parameters it accepts, and what it returns.
3. Add structured logging from day one. Every tool invocation should be logged with enough context to reconstruct what the agent was doing and why. In fintech, this logging is non-negotiable.
4. Test with Claude Code. Claude Code has native MCP support, making it the easiest way to test your servers during development. Connect your server and verify that capabilities are correctly declared and tool responses are well-formatted.
