
QCon London 2026: Morgan Stanley Rethinks Its API Program for the MCP Era


At QCon London 2026, Jim Gough and Andreea Niculcea from Morgan Stanley showed what happens when a large financial institution tries to get its API estate ready for AI agents. The pair have spent five years building Morgan Stanley's API program, and over the last year, they've had to rethink significant parts of it. The catalyst was the Model Context Protocol (MCP), which has gone from obscurity to industry standard in roughly eighteen months, fundamentally changing who, or what, is consuming your APIs.

Gough, a Distinguished Engineer and the architect behind Morgan Stanley's API program, opened by noting a shift on the business side. Nobody ever got excited about an OpenAPI spec, he said. But MCP specs? People are jumping up and down. The demand is straightforward: business users want to talk to their data (trades, risk, and portfolio positions) in natural language and have an agent figure out how to fetch the answers.

But Gough was quick to flag where the simplicity breaks down. A handful of tools is easy. Scaling to dozens creates disambiguation problems: overlapping descriptions confuse agents into retries that waste tokens. Even in the demo, Claude went through multiple naming variations before finding the right symbol prefix for a simple Vodafone trade lookup. That chattiness drives up cost fast, and it's pushing the industry toward specialized MCP gateways that need business context, a shift from the "dumb pipes" philosophy that has served API gateways well.

The real substance was how Morgan Stanley uses CALM, the Common Architecture Language Model, an open-source project under FINOS, to manage all of this at scale. CALM lets teams define architectures as code: a JSON schema describing the intended state of a system. Patterns act as organizational templates. Developers grab one, fill in their configuration, and the platform generates everything needed for deployment from that single source of truth.

Niculcea, who leads the self-service capability team, ran through live demos showing this pipeline in action. She deployed both a REST API and an MCP server from CALM patterns, then layered on a compliance guardrail, a denied-symbols list that blocked queries for specific financial instruments. The control was defined in a CALM configuration, wired into the architecture, and enforced on deployment. When Claude tried to query the restricted symbol again, it got a hard rejection.

She then demonstrated deployment gates: build-time validation that catches incomplete architectures before anything reaches production. Missing image versions and missing security controls on relationships: the CALM CLI flags all of it using structural validation with Spectral rulesets. Niculcea was direct about the impact: Morgan Stanley's first API took roughly two years to reach production. With CALM and automated security approvals, that's down to one or two weeks.
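To make the two controls described above concrete, here is an added sketch that is not Morgan Stanley's code or the CALM CLI: a build-time gate that flags unpinned images and relationships without a security control, and a runtime check that enforces a denied-symbols list read from the same document. The document shape, field names, node names and the symbol `EXAMPLE1` are constructed assumptions, not the real CALM schema.

```python
# Constructed, simplified architecture-as-code document for illustration.
# Field names are assumptions and do NOT follow the real CALM schema.
ARCHITECTURE = {
    "nodes": [
        {"id": "trade-api", "type": "service", "image": "registry.example/trade-api:1.4.2"},
        {"id": "trade-mcp", "type": "service", "image": "registry.example/trade-mcp",
         "controls": {"denied-symbols": ["EXAMPLE1"]}},
        {"id": "trades-db", "type": "database"},
    ],
    "relationships": [
        {"id": "mcp-to-api", "source": "trade-mcp", "destination": "trade-api",
         "controls": {"authentication": "mtls"}},
        {"id": "api-to-db", "source": "trade-api", "destination": "trades-db"},
    ],
}

def image_is_pinned(image):
    """True when the image reference carries an explicit tag or digest."""
    if not image:
        return False
    last = image.rsplit("/", 1)[-1]  # a ':' in the registry host is a port, not a tag
    return "@sha256:" in image or ":" in last

def gate(arch):
    """Build-time gate: return findings; an empty list means deployable."""
    findings = []
    for node in arch.get("nodes", []):
        if node.get("type") == "service" and not image_is_pinned(node.get("image")):
            findings.append(f"node {node['id']}: missing image version")
    for rel in arch.get("relationships", []):
        if not rel.get("controls"):
            findings.append(f"relationship {rel['id']}: no security control")
    return findings

def handle_query(arch, node_id, symbol):
    """Runtime guardrail: hard-reject a denied symbol before any backend call."""
    node = next(n for n in arch["nodes"] if n["id"] == node_id)
    denied = {s.upper() for s in node.get("controls", {}).get("denied-symbols", [])}
    if symbol.upper() in denied:
        raise PermissionError(f"symbol {symbol} is denied by policy")
    return {"symbol": symbol, "status": "forwarded"}

if __name__ == "__main__":
    for finding in gate(ARCHITECTURE):
        print("BLOCKED:", finding)
```

Because both checks read the same document, the control that is reviewed at the gate is the one that is enforced after deployment.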

The second half covered platform evolution. Niculcea described how her team handles operational rollouts, patching, resource updates, and security rotations across more than a hundred deployments without individual teams lifting a finger. CALM Hub, an open-source visualization tool, provides the golden source of what's deployed where. The platform team writes a new bundle, runs it through the same gates, and rolls it out centrally. She's completed zero-downtime infrastructure upgrades across the full production estate since the start of this year.

Gough closed with a demo of Google's Agent-to-Agent protocol running alongside MCP, a portfolio rebalancer that discovered trading agents by skill and booked trades autonomously. His point wasn't that A2A will replace MCP, but that the adapter layer will keep shifting. APIs remain the stable contract underneath. If your controls and pipelines are codified, you can swap the interaction layer without rebuilding everything.

Asked by an audience member how this approach has changed the culture among developers and architects, Gough openly acknowledged the trade-off. Developers do lose some flexibility when the platform encodes opinions about security and deployment. But they gain a working production baseline from day one that already passes every gate. The patterns can also bootstrap entire projects, pulling in frameworks like Spring Initializr or Quarkus Start, preconfigured with the right defaults, so teams can start from something already running in production rather than a blank slate.

Most developers prefer that deal, Gough said. You give up some freedom in how you wire things together, but you skip months of hoop-jumping and get straight to business logic. And for control teams, having visibility into what's actually deployed rather than what a six-month-old architecture diagram says turns out to be just as valuable.
