Last updated
total_balance.png

BCB Open Banking API - Model Context Protocol (MCP) Server

Responsible-Use Notice
Connecting this MCP server grants AI-driven access to live banking operations.
By using these endpoints you accept full responsibility for any actions taken and acknowledge the associated risk of using AI.

  • Operational Impact – With write privileges the AI can initiate transfers and other transactions.
  • Data Handling – Sensitive financial data may be processed by AI models; safeguard it accordingly.
  • Access Control – Issue credentials only to personnel you explicitly authorize.
  • Read-Only Preferred – Keep production credentials in read-only mode unless write access is essential.
  • Human Verification – Manually review and approve all AI-suggested transactions before execution.

This integration is experimental and provided “as-is.” Use at your own risk and implement appropriate safeguards.

Overview

The BCB Open Banking API MCP (Model Context Protocol) Server exposes Bermuda Commercial Bank's Open Banking REST API through the Model Context Protocol, enabling AI assistants like Claude to interact with banking services through natural language.

This implementation provides secure, authenticated access to:

  • Account information and balances
  • Transaction history and details
  • Foreign exchange quotes
  • Internal transfers between accounts
  • Payment and transaction status tracking

Architecture

The MCP server acts as a secure proxy between AI assistants and the BCB Open Banking API:

Claude Desktop ↔ MCP Server ↔ BCB Open Banking API ↔ T24 Core Banking

Key Components

  • Tools: Direct API operations (get account, make transfer, etc.)
  • Prompts: Template interactions for common banking scenarios
  • Proxy Service: Secure authentication and request forwarding
  • Authentication: OAuth 2.0 client credentials flow

Prerequisites

Before setting up the MCP server for your LLM client, Claude in this example, ensure you have:

  1. Claude for Desktop - Latest version installed
  2. Node.js - Latest version (At least 22) installed
  3. mcp-remote package - Install globally: npm install -g mcp-remote
  4. BCB API Credentials - Valid client ID and secret from BCB
  5. Network Access - Ability to reach BCB's API endpoints

Installation & Configuration

Step 1: Install Required Dependencies

# Install mcp-remote globally
npm install -g mcp-remote

# Verify installation
mcp-remote --version

Step 2: Configure Claude Desktop

Edit your Claude Desktop configuration file:

Location:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%/Claude/claude_desktop_config.json

Configuration:

{
  "mcpServers": {
    "Bermuda Commercial Bank": {
      "command": "npx",
      "args": [
        "mcp-remote",
        "https://bcb-openbankapi-mcp-dev-a8chdsb5bedzbtb4.eastus2-01.azurewebsites.net/sse",
        "--header",
        "Bcb-Client-Id:${CLIENT_ID}",
        "--header",
        "Bcb-Client-Secret:${CLIENT_SECRET}"
      ],
      "env": {
        "CLIENT_ID": "your_actual_client_id",
        "CLIENT_SECRET": "your_actual_client_secret"
      }
    }
  }
}

Important Configuration Notes:

  • Replace your_actual_client_id and your_actual_client_secret with your BCB-provided credentials
  • The MCP server URL shown is for development

Step 3: Restart Claude Desktop

After saving the configuration file, completely restart Claude Desktop to load the new MCP server connection.

Available Tools

The MCP server exposes the following banking operations:

Account Management

  • bcb_get_account_details - Get comprehensive account information
  • bcb_get_all_accounts - List all customer accounts with pagination

Foreign Exchange

  • bcb_get_fx_quote - Get real-time currency conversion quotes

Transfers & Payments

  • bcb_make_internal_transfer - Execute transfers between customer accounts
  • bcb_get_payment_status - Check status of specific payments

Transaction History

  • bcb_get_account_transactions - Retrieve account transaction history
  • bcb_list_payment_statuses - Get paginated payment status list

Template Prompts

The server includes pre-built prompt templates for common scenarios:

FX Quote Assistant

Guides users through foreign exchange quote requests with structured parameters and explanations.

Internal Transfer Prompts

Provides templates for various transfer scenarios with proper validation and confirmation flows.

Transaction Analysis Prompts

Helps users analyze transaction patterns, categorize expenses, and generate financial insights.

Usage Examples

Account Information

Get Specific Account Details:

Show me the full details for my account 10000162925

List All Accounts:

List all my BCB accounts and show total balance by currency

Foreign Exchange Quotes

Simple FX Quote:

How much would 100 USD be in GBP according to BCB right now?

Detailed FX Request:

BCB FX quote assistant: please convert 100 USD into EUR and explain the result

Internal Transfers

Basic Transfer:

Make internal transfer 0.25 USD from my checking account 10000162925 to savings account 10000162926. Add end-to-end ID SALARY-JUNE and note 'Salary savings' as remittance

Transfer with Status Check:

Make internal transfer 0.15 USD from my checking account 10000162925 to savings account 10000162927. Add note 'Salary savings EUR'. Check transaction status afterwards.

Transaction Analysis

Recent Transactions with Analysis:

Please list the most recent 20 transactions for my BCB account 10000162925. Once you have the data, please: Group the transactions by calendar month and show total debits, total credits, and net flow for each month. List the five largest debit transactions (amount, date, narrative). Give me an overall summary of spending patterns and any notable spikes

Payment Status Tracking:

Show me the 20 most recent payment statuses for my BCB account 10000162925, then group them by status and show totals for each status

Pagination

For large result sets, use follow-up prompts:

get next 20 transactions

Security Considerations

Authentication Flow

  1. MCP server receives request from Claude
  2. Extracts client credentials from headers
  3. Obtains OAuth token from BCB token endpoint
  4. Forwards authenticated request to BCB API
  5. Returns response to Claude

Data Protection

  • All API communication uses HTTPS/TLS encryption
  • Client credentials are passed via secure headers
  • Authentication tokens are short-lived
  • Sensitive account data is not logged

Access Control

  • Each client has specific API permissions configured by BCB
  • Read-only credentials can be issued for query-only access
  • Transfer/payment capabilities can be disabled per client
  • IP restrictions can be applied to client credentials

Error Handling

The MCP server provides user-friendly error messages for common scenarios:

  • Authentication Failures: "Invalid credentials" or "Access denied"
  • Insufficient Permissions: "Operation not permitted for this client"
  • Invalid Account Numbers: "Account not found or not accessible"
  • API Limitations: "Request rate limit exceeded" or "Service temporarily unavailable"
  • Validation Errors: Specific field-level validation messages

Monitoring & Logging

The MCP server logs all operations for audit and troubleshooting:

  • Request Logging: All API calls with sanitized parameters
  • Performance Metrics: Response times and success rates
  • Error Tracking: Detailed error logs with context
  • Security Events: Authentication attempts and failures

Logs are structured for easy analysis and compliance reporting.

Limitations & Constraints

API Rate Limits

  • MCP client requests are subject to the same rate limits, quotas, and usage policies as the standard REST API
  • For all lists operations, number of returned records is limited to 25 records per page

Functional Limitations

  • Payment initiation limited to internal transfers
  • Historical data availability depends on account age
  • Some account types may have restricted API access

Technical Constraints

  • Configuration changes require Claude restart
  • Large transaction sets require pagination

Troubleshooting

Common Issues

MCP Server Not Loading:

  • Verify claude_desktop_config.json syntax is valid JSON
  • Check that mcp-remote is installed globally
  • Ensure network connectivity to MCP server URL
  • Restart Claude Desktop completely
  • Check the Claude Logs (if you have NVM installed this can cause issues)

Authentication Failures:

  • Verify client ID and secret are correct
  • Check that credentials haven't expired
  • Confirm IP address is whitelisted (if applicable)
  • Validate account permissions with BCB

Unexpected Responses:

  • Check account numbers are accessible to your client
  • Verify date ranges are within allowed limits
  • Ensure requested operations are permitted for your client type
  • Review BCB API documentation for parameter requirements

Support Resources

For technical issues:

  1. Check BCB API status page for service interruptions
  2. Validate configuration against this documentation
  3. Contact BCB technical support with specific error messages

Development & Testing

Test Environment

  • Development MCP server: https://bcb-openbankapi-mcp-dev-a8chdsb5bedzbtb4.eastus2-01.azurewebsites.net/sse
  • Test credentials available from BCB for development

For questions about this integration, contact BCB's support team.

piechart.png
Previous page