BFSI & FinTech autokiSawariSubmitted July 18, 2026

Typus MCP: The Enterprise Compliance Gateway for Agentic Banking

An MCP app on the Model Context Protocol built by autokiSawari at the Amrita University Amritapuri campus NitroStack × MCP To The Moon hackathon and deployed on NitroStack.

About this project

FinGate MCP: Enterprise Compliance Gateway With EU AI Act enforcement looming, financial institutions face an infrastructure crisis. Standard MCP servers act as unmonitored open pipes between AI and banking APIs, lacking the human oversight mandated for High-Risk Systems. FinGate MCP is a proxy layer between orchestration clients and downstream tools, enforcing strict structural validation, security, and human mediation. What It Does & Who It Is For It transforms AI ecosystems into compliant architectures by intercepting high-risk operations, forcing explicit authorization, and logging actions. Built for BFSI Compliance Officers ensuring regulatory adherence, Security Engineers blocking prompt injections, and AI developers deploying workflows. Four Security Pillars 🛡️ HITL Mediation: High-risk operations (e.g., $10K transfers) trigger an interception gate. The system suspends execution and routes an approval prompt via /api/mediate before edge-native rehydration. 🧠 Threshold Tuning: Using Bayesian Optimization, FinGate dynamically tunes risk thresholds based on historical approval patterns, reducing false positives while keeping strict 95th-percentile safety limits. 🔒 Cryptographic Verification: To block Man-in-the-Middle exploits, FinGate uses SHA-256 intent hashing. Human-approved parameters are cryptographically mapped directly to the backend payload. 📜 Audit Logging: Every intervention and user action is immutably logged via a SQLite Prisma model (MediationLog) for non-repudiable regulatory compliance. Domain-Driven Architecture Host App (Next.js): Handles stream routing (src/). Domains: agent/ (AI logic), security/ (HITL/Bayesian engine), infrastructure/ (Prisma bounds), and interfaces/ (TS definitions). MCP Server (NitroStack): The secured endpoint (mcp-server/) containing banking tools and strict Zod validations. Run bun run scripts/pentest.ts to test adversarial payloads and cryptographically prove intercept compliance.

BFSI & FinTech track

Build AI solutions for banking, payments, insurance, fraud detection, lending, and financial inclusion.

Team autokiSawari

  • Piyush GuptaLead

  • Karthik Sharan P

  • Mandala Hema sai

  • Abhilash TR

Frequently asked questions

What does Typus MCP: The Enterprise Compliance Gateway for Agentic Banking do?
FinGate MCP: Enterprise Compliance Gateway With EU AI Act enforcement looming, financial institutions face an infrastructure crisis. Standard MCP servers act as unmonitored open pipes between AI and banking APIs, lacking the human oversight mandated for High-Risk Systems. FinGate MCP is a proxy layer between orchestration clients and downstream tools, enforcing strict structural validation, security, and human mediation. What It Does & Who It Is For It transforms AI ecosystems into compliant architectures by intercepting high-risk operations, forcing explicit authorization, and logging actions. Built for BFSI Compliance Officers ensuring regulatory adherence, Security Engineers blocking prompt injections, and AI developers deploying workflows. Four Security Pillars 🛡️ HITL Mediation: High-risk operations (e.g., $10K transfers) trigger an interception gate. The system suspends execution and routes an approval prompt via /api/mediate before edge-native rehydration. 🧠 Threshold Tuning: Using Bayesian Optimization, FinGate dynamically tunes risk thresholds based on historical approval patterns, reducing false positives while keeping strict 95th-percentile safety limits. 🔒 Cryptographic Verification: To block Man-in-the-Middle exploits, FinGate uses SHA-256 intent hashing. Human-approved parameters are cryptographically mapped directly to the backend payload. 📜 Audit Logging: Every intervention and user action is immutably logged via a SQLite Prisma model (MediationLog) for non-repudiable regulatory compliance. Domain-Driven Architecture Host App (Next.js): Handles stream routing (src/). Domains: agent/ (AI logic), security/ (HITL/Bayesian engine), infrastructure/ (Prisma bounds), and interfaces/ (TS definitions). MCP Server (NitroStack): The secured endpoint (mcp-server/) containing banking tools and strict Zod validations. Run bun run scripts/pentest.ts to test adversarial payloads and cryptographically prove intercept compliance.
Who built Typus MCP: The Enterprise Compliance Gateway for Agentic Banking?
Typus MCP: The Enterprise Compliance Gateway for Agentic Banking was built by team autokiSawari at the Amrita University Amritapuri campus NitroStack × MCP To The Moon hackathon, in the BFSI & FinTech track.
What is an MCP app and how is it built?
An MCP app is an application built on the Model Context Protocol — an open standard that lets AI agents connect to tools, data, and APIs. This project exposes MCP tools and resources that agentic AI systems can call. It was built and deployed on NitroStack, the full-stack platform for shipping MCP apps and servers.