Snowflake expands its AI footprint with two moves aimed at the financial sector’s punishingly firm risk and compliance bar: a Model Context Protocol server to plug governed data into agent workflows; a niche suite in Cortex AI targeting bank-grade use cases stretching from underwriting through fraud analytics.
The approach is designed to tackle a difficult problem in finance AI—how to let large language models and agents reason against sensitive, high-value data sets without losing control over where data goes, who touches it, and how it’s used. By centralizing computation near the data, and standardizing on how outside agents connect, Snowflake is positioning its platform as both the vault and the workbench.
The Consequences for Finance of Supporting MCP
Anthropic introduced the Model Context Protocol, which allows models and agents to easily connect with remote servers to access data and tools. External AI agents are securely connected to governed tables, documents, and third-party data in the Snowflake Data Marketplace via Cortex Knowledge Extensions, and policies are enforced as they perform their tasks.
In practice, that means:
- A portfolio research agent that combines earnings calls, market feeds, and internal analyst notes.
- An assistant for lenders summarizing risk from property data, customer conversations, and loan files.
- An insurance bot triaging claims with structured policies and unstructured adjuster reports.
Snowflake says that Anthropic, OpenAI, Mistral AI, Salesforce’s Agentforce, Workday, and developer tools like Cursor can combine their own software services via the MCP model.
What is Inside Cortex AI for Financial Services
Built on Cortex AI, the finance-oriented suite includes features intended to operationalize agentic workflows while maintaining governance. Key components include:
- Cortex AISQL, which allows analysts to bound model behavior with SQL-driven prompts and constraints.
- Cortex Agents, which orchestrate multi-step tasks across structured and unstructured data.
- A Data Science Agent for automating data prep, feature engineering, and model validation against risk and fraud scenarios.
The Snowflake Intelligence and Openflow processes complete the pipeline by transferring signals—like call center transcriptions, PDF disclosures, or trade logs—into formats they can use while also slapping lineage and access controls on them. For instance, a research organization can auto-transcribe earnings call transcripts, scrape guidance and sentiment into tables, and run queries with fundamentals alongside market data instantly without having to export files out of the platform.
It wants to reduce time-to-value with popular finance workflows, such as:
- Claims management
- Credit underwriting
- KYC and onboarding
- Surveillance and compliance reviews
- Quantitative research
By combining data and models where they already reside, companies can pilot agents, use case by use case, without having to undertake the dangerous rewrite of an entire platform.
Guardrails, privacy, and compliance for financial AI
Financial firms are as interested in what AI can’t do as what it can. Snowflake’s architecture keeps sensitive data within governed boundaries, providing row- and column-level security as well as the application of data classification tags and role-based permissions when agents run. Observability and audit trails enable teams to document prompts, outputs, and tool calls — a necessity for model risk management and exam readiness.
This is in line with guidance on model risk, such as SR 11-7 and OCC 2011-12 in the US, and European banking expectations for data lineage, monitoring, and explainability. By controlling flows and standardizing connection patterns with MCP, firms can also address leakage concerns and decrease the sprawl of unmanaged connectors and shadow pipelines — which regulators and internal audit increasingly flag for attention.
Why It Matters in the Race to Be an AI Platform
A lot of banks are finding it difficult to translate AI pilots into enduring ROI. A new analysis by researchers from MIT found the vast majority of companies are seeking tangible returns, and identified trust, skills gaps, and governance as the main frictions. The introduction of MCP and in-database agents helps reduce this friction by standardizing access and reducing the integration surface area, thereby answering who owns what quite clearly.
The potential upside is huge: McKinsey calculates that AI could deliver hundreds of billions in annual value to banking through greater productivity, reduced risk, and revenue lift. However, the winners will be those who ship safely — composing agents rapidly from modular services but without making a mess of their data and/or falling afoul of compliance. Snowflake’s gamble is that a secure, model-agnostic layer will be attractive to companies looking for best-of-breed models while trying to avoid lock-in to one platform or another.
Availability and the Near-Term Ecosystem Outlook
Cortex AI for Financial Services is now generally available, and customers can begin building governed agent workflows right now. The Snowflake MCP Server is publicly available in preview, providing a gateway for remote agents from partners such as Anthropic and others to work with enterprise data under existing policies.
For CIOs and chief risk officers, the strategy suggests a commonsense middle course: centralize sensitive data sets in one control plane; bring best-in-class models and tools to them through a common protocol; pursue measurable, regulator-ready outcomes as opposed to headline demos. If that formula plays out, finance AI might at long last begin to graduate from the proof-of-concept phase to actual production at scale.
