EPISODE · Jun 18, 2026 · 20 MIN
FINOS FDC3 & Common Cloud Controls - Rob Moffat, FINOS
from FINOS Open Source in Finance Podcast · host FINOS
Rob Moffat (Chief Architect at FINOS) maps out the intersection of workspace interoperability, open-source AI deployment, and multi-cloud security frameworks. He compares MCP (Model Context Protocol) with FDC3, tracks the rollout of the Common Cloud Controls (CCC) live validator tool, and reveals how open-source standards prevent multi-vendor lock-in at the desktop and infrastructure layers.🇬🇧 Join us in London! Dive into FDC3 Con and CCC working sessions on June 23-24, ahead of OSFF London on June 25, 2026: https://hubs.ly/Q041YV9Z0 (Use Code: 26YTOSFFLN20C)🕒 Timestamps:0:00 AI Integration Realities: MCP vs. FDC3 Context Paradigms0:41 Podcast Intro, Key Dates, and Global Showcase Streaming1:25 Shout-Out to Our Key Sponsors and Foundation Supporters2:50 The Evolution of FDC3: Moving Past the 2.0 Era into Context Sharing4:15 Why Request-Response Frameworks Fail at Complex Desktop Interop5:40 Empowering AI Agents with the FDC3 Semantic Context Matrix7:22 Introducing FDC3 Con: What to Expect at the Dedicated London Workshop8:50 Common Cloud Controls (CCC): Standardizing the Infrastructure Defense Layer10:35 The Hyperscaler Drift: Translating Security Requirements Natively12:15 Unveiling the CCC Live Validator: Testing Configurations via Code14:40 Breaking Down Multi-Vendor Lock-In from the Desktop to the Cloud16:15 Getting Involved: How to Contribute to Open Banking Workspaces18:10 Logistics and Free Pass Perks: Food, Networking, and Community Benefits📊 The Problem: Fragmented API Protocols and Multi-Cloud Configuration DriftFinancial technology stacks are heavily fractured at both ends of the architecture. On the desktop, the emergence of Model Context Protocol (MCP) handles basic request-response data queries but misses the rich, stateful orchestration layer needed to tie legacy banking applications together. Meanwhile, at the infrastructure layer, cloud security teams are forced to manually translate uniform security constraints into completely distinct vendor syntaxes, creating systemic compliance drift and massive platform team overhead.🏗️ The Solution: Unified Context Surfaces and Open Compliance ValidatorsRob Moffat details how open-source abstractions are resolving fragmentation at every level of the financial enterprise:FDC3 as the Agent Interface: Providing an operational workspace framework that allows AI agents to read, interact with, and seamlessly drive multi-application workflows natively without massive API custom coding.Common Cloud Controls Taxonomy: Building a vendor-agnostic catalog that translates core compliance mandates into predictable, repeatable infrastructure configurations.The CCC Live Validator: Rolling out code-driven validation tools that automatically check native cloud environments against the master CCC schema to detect configuration drift instantly.⚙️ Why This Matters for Financial EngineeringSecuring the Desktop Supply Chain: Ensuring that as banks add AI assistance to trade execution or client onboarding screens, those tools use pre-vetted semantic security context lines.Neutral Governance Pipelines: Bypassing proprietary SaaS cloud-security products in favor of open, community-maintained validation infrastructure that scales natively across AWS, Azure, and Google Cloud.🌐 More about FINOS: https://www.finos.org/📧 Join our newsletter: https://www.finos.org/sign-up🎙️ Listen to our Open Source in Finance Podcast: https://www.youtube.com/@FINOS/podcastsLinkedIn: https://www.linkedin.com/company/finosfoundation#FINOS #OSFFLondon #FDC3 #CommonCloudControls #MCP #CloudSecurity #Interoperability #FinTechArchitecture #MultiCloud
What this episode covers
Rob Moffat (Chief Architect at FINOS) maps out the intersection of workspace interoperability, open-source AI deployment, and multi-cloud security frameworks. He compares MCP (Model Context Protocol) with FDC3, tracks the rollout of the Common Cloud Controls (CCC) live validator tool, and reveals how open-source standards prevent multi-vendor lock-in at the desktop and infrastructure layers.🇬🇧 Join us in London! Dive into FDC3 Con and CCC working sessions on June 23-24, ahead of OSFF London on June 25, 2026: https://hubs.ly/Q041YV9Z0 (Use Code: 26YTOSFFLN20C)🕒 Timestamps:0:00 AI Integration Realities: MCP vs. FDC3 Context Paradigms0:41 Podcast Intro, Key Dates, and Global Showcase Streaming1:25 Shout-Out to Our Key Sponsors and Foundation Supporters2:50 The Evolution of FDC3: Moving Past the 2.0 Era into Context Sharing4:15 Why Request-Response Frameworks Fail at Complex Desktop Interop5:40 Empowering AI Agents with the FDC3 Semantic Context Matrix7:22 Introducing FDC3 Con: What to Expect at the Dedicated London Workshop8:50 Common Cloud Controls (CCC): Standardizing the Infrastructure Defense Layer10:35 The Hyperscaler Drift: Translating Security Requirements Natively12:15 Unveiling the CCC Live Validator: Testing Configurations via Code14:40 Breaking Down Multi-Vendor Lock-In from the Desktop to the Cloud16:15 Getting Involved: How to Contribute to Open Banking Workspaces18:10 Logistics and Free Pass Perks: Food, Networking, and Community Benefits📊 The Problem: Fragmented API Protocols and Multi-Cloud Configuration DriftFinancial technology stacks are heavily fractured at both ends of the architecture. On the desktop, the emergence of Model Context Protocol (MCP) handles basic request-response data queries but misses the rich, stateful orchestration layer needed to tie legacy banking applications together. Meanwhile, at the infrastructure layer, cloud security teams are forced to manually translate uniform security constraints into completely distinct vendor syntaxes, creating systemic compliance drift and massive platform team overhead.🏗️ The Solution: Unified Context Surfaces and Open Compliance ValidatorsRob Moffat details how open-source abstractions are resolving fragmentation at every level of the financial enterprise:FDC3 as the Agent Interface: Providing an operational workspace framework that allows AI agents to read, interact with, and seamlessly drive multi-application workflows natively without massive API custom coding.Common Cloud Controls Taxonomy: Building a vendor-agnostic catalog that translates core compliance mandates into predictable, repeatable infrastructure configurations.The CCC Live Validator: Rolling out code-driven validation tools that automatically check native cloud environments against the master CCC schema to detect configuration drift instantly.⚙️ Why This Matters for Financial EngineeringSecuring the Desktop Supply Chain: Ensuring that as banks add AI assistance to trade execution or client onboarding screens, those tools use pre-vetted semantic security context lines.Neutral Governance Pipelines: Bypassing proprietary SaaS cloud-security products in favor of open, community-maintained validation infrastructure that scales natively across AWS, Azure, and Google Cloud.🌐 More about FINOS: https://www.finos.org/📧 Join our newsletter: https://www.finos.org/sign-up🎙️ Listen to our Open Source in Finance Podcast: https://www.youtube.com/@FINOS/podcastsLinkedIn: https://www.linkedin.com/company/finosfoundation#FINOS #OSFFLondon #FDC3 #CommonCloudControls #MCP #CloudSecurity #Interoperability #FinTechArchitecture #MultiCloud
NOW PLAYING
FINOS FDC3 & Common Cloud Controls - Rob Moffat, FINOS
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m