Banking MCP Server

Banking MCP Server

Demo MCP server for a banking use case that returns raw PII payloads to demonstrate external PII guardrails with OpenShift AI/NeMo Guardrails.

Category
Visit Server

README

Banking MCP Server for External OpenShift AI PII Guardrails Demo

Demo-ready MCP server for a banking use case on OpenShift.

This version does not include NeMo Guardrails inside the MCP server. The MCP server intentionally returns raw demo banking payloads so you can show how OpenShift AI / NeMo Guardrails protects MCP tool outputs externally.

Demo message

MCP gives the LLM controlled access to banking tools.
The MCP server may return sensitive banking data.
OpenShift AI / NeMo Guardrails protects the final response by masking or blocking PII outside the MCP server.

Architecture

MCP Client / LLM Playground
        |
        | Authorization: Bearer <MCP_API_KEY>
        v
OpenShift Route
        |
        v
Banking MCP Server /mcp
        |
        | Raw demo banking tool output
        v
OpenShift AI / NeMo Guardrails
        |
        | Mask / block PII
        v
Safe final response to user

Banking MCP tools

Tool Purpose PII behavior
get_customer_profile Returns demo customer profile Raw demo PII returned
get_account_overview Returns demo account details Raw IBAN/card-like values returned
get_recent_transactions Returns recent transactions Raw transaction data returned
transfer_risk_preview Returns transfer risk preview Raw input IBAN/memo returned
pii_demo_payload Compact payload with several PII types Designed for guardrails validation

Demo records

Try:

CUST-1001
ACC-2001

Example MCP-enabled playground prompt:

Use the banking MCP server to get customer profile CUST-1001. Show me the response safely without exposing PII.

Example PII guardrails validation prompt:

Use the banking MCP tool pii_demo_payload, then explain which fields should be masked by OpenShift AI Guardrails.

Expected raw MCP tool payload before external guardrails:

{
  "security_note": {
    "pii_protection_location": "external_openShift_ai_guardrails",
    "mcp_server_behavior": "returns_raw_demo_banking_payload"
  },
  "data": {
    "customer_name": "Mariam Hassan Ali",
    "email": "mariam.hassan@examplebank.demo",
    "phone": "+20 100 555 7812",
    "national_id": "29801011234567",
    "iban": "EG380019000500000000263180002",
    "payment_card": "4242 4242 4242 4242",
    "address": "17 Nile Street, Dokki, Giza"
  }
}

Expected final answer after your external guardrails policy:

The customer profile was retrieved successfully. Sensitive fields such as email, phone number, national ID, IBAN, card number, and address were protected by OpenShift AI Guardrails.

Local run

python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt

export MCP_API_KEY=demo-secret
uvicorn app.server:app --host 0.0.0.0 --port 8000

Health check:

curl http://localhost:8000/healthz

MCP endpoint:

http://localhost:8000/mcp

Required header:

Authorization: Bearer demo-secret

Build and deploy on OpenShift

oc new-project banking-mcp-demo

podman build -t quay.io/YOUR_ORG/banking-mcp-external-guardrails:latest .
podman push quay.io/YOUR_ORG/banking-mcp-external-guardrails:latest

# Update openshift/02-deployment.yaml with your image.
oc apply -f openshift/01-secret.yaml
oc apply -f openshift/02-deployment.yaml
oc apply -f openshift/03-service-route.yaml
oc apply -f openshift/04-networkpolicy.yaml

oc get route banking-mcp-pii

Suggested OpenShift AI Guardrails demo flow

  1. Deploy this MCP server.
  2. Register the /mcp endpoint in your MCP-enabled playground/client.
  3. Configure OpenShift AI / NeMo Guardrails to detect and mask PII in tool outputs and final responses.
  4. Call pii_demo_payload first to prove that the MCP server returns sensitive demo data.
  5. Show that the final answer masks or blocks the sensitive values.

Suggested PII entities to protect:

  • Email address
  • Phone number
  • National ID
  • IBAN
  • Payment card number
  • Postal address
  • Person name, depending on your policy

Security note

This is a demo project. Do not use real customer data. The included values are fake demo values created to test guardrail behavior.

For production banking environments, add:

  • OIDC or mTLS instead of a static demo token
  • Per-user authorization before returning customer/account data
  • Audit logs for every MCP tool call
  • OpenTelemetry tracing
  • OpenShift AI / NeMo Guardrails policies for input, output, retrieval, tool response, and final-answer controls
  • Blocking policies for highly sensitive fields such as full national IDs and full card numbers

Files

app/server.py                         MCP server and banking tools
app/data.py                           Fake banking demo data
openshift/01-secret.yaml              Demo bearer token secret
openshift/02-deployment.yaml          OpenShift deployment
openshift/03-service-route.yaml       Service and Route
openshift/04-networkpolicy.yaml       Basic ingress policy
scripts/test_mcp_initialize.sh        Basic MCP initialize request

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured