The Model Context Protocol (MCP) is an open standard that lets AI assistants connect to external systems through one common interface. For a research desk, MCP means any approved AI client can read the firm's research record, query the collective view, and draft proposals, while the record's own rules decide what every caller is allowed to do.

Key takeaways
  • MCP is an open protocol, originally introduced by Anthropic, now supported across major AI clients.
  • It replaces one-off integrations: expose a system over MCP once and every MCP client can use it.
  • For research desks, the payoff is bring-your-own-AI without bring-your-own-rules.
  • Governance must live server-side; MCP carries the identity, the database enforces the rights.
  • A governed record plus MCP lets AI work inside the research process instead of beside it.

What is the Model Context Protocol?

MCP standardizes how an AI assistant talks to the systems around it. An MCP server exposes two things: resources, which are content the assistant can read, and tools, which are actions it can invoke. The assistant discovers both in a standard form, so connecting a new system requires no custom integration on the AI side. The desk's assistant gets the firm's systems the way a browser gets websites: through one protocol, whoever built the other end.

Why does MCP matter for a research desk?

Three reasons. First, it ends the integration tax: the firm exposes its research record once and every current and future MCP client can work with it. Second, it removes vendor lock-in on the AI side, because the assistant is replaceable while the record stays. Third, and least appreciated, it moves the governance question to the right place. When every AI client goes through the same server, the server is where the rules can actually be enforced.

What can an analyst do over MCP?

With a governed record like Alphasyn on the other end, an analyst working in their AI client can ask the firm's collective brain a question and get an answer grounded in the firm's own research, pull the full record for one company as markdown, and draft an update to a view with the evidence attached. The proposal lands in the same approval queue as everything else, waiting for the lead analyst. The full tool surface is described on the platform page.

How does MCP access stay governed?

Not by the protocol, and not by prompts. MCP carries the caller's identity to the server; what that identity may do is enforced underneath, in the database. In Alphasyn's design, row-level security ties every read and write to the caller's tenant and role: a reader cannot propose, a contributor cannot accept their own proposal, a rival firm's query returns zero rows. The same matrix applies whether the caller is a web console, a scheduled agent, or an AI assistant over MCP. That is the property that makes bring-your-own-AI safe: the rules do not travel with the client, so they cannot be left behind by one. The broader model is covered in What is a governed research record?

Frequently asked questions

Does MCP lock a firm into one AI vendor?

No, the opposite. MCP is an open standard supported by multiple AI clients. A firm that exposes its research systems over MCP can switch or mix AI assistants without rebuilding the integration.

What is the difference between MCP and a normal API?

An API is built for developers to integrate against in code. MCP is built for AI assistants to discover and use directly: the server describes its tools and resources in a standard form, and any MCP client can use them without custom integration work.

Can an AI assistant change the research record over MCP?

It can propose changes, with evidence attached, if the connected identity has coverage rights. It cannot accept a proposal into the live view. In a governed record, acceptance is reserved for the accountable lead analyst regardless of which client is connected.

Is MCP access secure enough for a regulated firm?

Security depends on the server, not the protocol. In Alphasyn's design, permissions, tenant isolation, and role separation are enforced in the database with row-level security, so every MCP call runs under the caller's identity and the same rules as every other client.