Content
# Financial Risk and Compliance Manager with A2A Protocol and MCP Server Architecture
### 🎥 Video Demo and Technical Report
Please see the [Video Demo](https://www.loom.com/share/64fce7a70ca14636b9c0a3bc42a54cc0?sid=8bcf61f1-6e76-40c0-a57d-c95a79e4593e) for a walkthrough of the system and [Technical Report](https://github.com/Pyligent/A2A-MCP-Compilance-Check/blob/main/report.md)
## 🚀 Overview
The Financial Risk and Compliance Manager with A2A Protocol and MCP Server Architecture is a modular, multi-agent system designed to automate compliance analysis for financial institutions. It leverages the Agent-to-Agent (A2A) protocol for inter-agent communication and the Model Context Protocol (MCP) server for standardized access to Generative AI tools, such as Retrieval-Augmented Generation (RAG) and Large Language Models (LLMs). The system indexes regulation documents, retrieves relevant context, and generates detailed compliance reports through a collaborative workflow involving multiple agents. This approach offers improved accuracy, efficiency, and scalability compared to traditional compliance systems.
---
## 🧩 Architecture
The system architecture consists of the following components:
- **Streamlit Frontend**: A user-friendly interface for submitting compliance queries and viewing results.
- **MCP Server**: A centralized server that provides access to Generative AI tools, such as Retrieval-Augmented Generation (RAG) using LangChain and FAISS, and Large Language Models (LLMs), using the Model Context Protocol (MCP).
- **Agents**: A set of specialized agents, including the Profile Checker, Risk Reporter, and Compliance Querier, that collaborate using the Agent-to-Agent (A2A) protocol to perform compliance analysis.
- **Regulation PDFs**: A collection of regulatory documents that serve as the knowledge base for compliance checks, indexed by the MCP Server's RAG functionality.
The following sequence diagram illustrates the chronological flow of interactions between components, highlighting the A2A communication between agents and the MCP Server's role in providing RAG services:
```mermaid
sequenceDiagram
participant UI as Streamlit Frontend
participant MCP as MCP Server (Flask)
participant Agent2 as Risk Reporter
participant Agent1 as Profile Checker
participant Agent3 as Compliance Querier
UI->>Agent2: 1. Sends query (via MCP)
Agent2->>Agent1: 2. Requests client profile (A2A)
Agent1-->>Agent2: 3. Returns profile data (A2A)
Agent2->>MCP: 4. Queries regulation context
MCP-->>Agent2: 5. Returns context
Agent2->>Agent3: 6. Sends risk report (A2A)
Agent3->>MCP: 7. Queries compliance details
MCP-->>Agent3: 8. Returns compliance response
Agent3-->>Agent2: 9. Sends final report (A2A)
Agent2-->>UI: 10. Returns result (via MCP)
```
**Notes on the Diagram**:
- **A2A Communication**: Direct Agent-to-Agent interactions (e.g., Agent 2 to Agent 1, Agent 2 to Agent 3) are shown using the A2A protocol.
- **MCP Server Role**: The MCP Server acts as a centralized hub, providing access to RAG services (using LangChain and FAISS) and LLMs. Agents interact with the MCP Server to retrieve regulation context and compliance details.
- **Integrated RAG Services**: The RAG functionality is embedded within the MCP Server, which indexes regulation documents and handles retrieval requests from agents.
---
## 📚 Regulation Data
| File | Description | Source |
|---------------------------|-------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|
| **aml_bsa_manual.pdf** | FFIEC BSA/AML Examination Manual: Guidance on BSA/AML compliance, SAR filing, and due diligence for offshore transfers. | [FFIEC Website](https://bsaaml.ffiec.gov/manual) |
| **aml_31cfr.pdf** | 31 CFR Chapter X – BSA Regulations: Implementing regulations for the BSA, including SAR requirements (31 CFR 1020.320) and due diligence (31 CFR 1010.610). | [eCFR](https://www.ecfr.gov/current/title-31/subtitle-B/chapter-X) |
| **sec_iaa40.pdf** | Investment Advisers Act of 1940: Section 206 prohibits fraudulent, deceptive, or manipulative acts by advisers. | [SEC](https://www.sec.gov/about/laws/iaa40.pdf) |
| **sec_rule_206_4_1.pdf** | SEC Rule 206(4)-1: Addresses advertising by advisers, related to fiduciary duty. | [SEC](https://www.sec.gov/rules/final/2020/ia-5653.pdf) |
---
## ✨ Features
- **Multi-agent Architecture**: The system employs a modular design with specialized agents (Profile Checker, Risk Reporter, Compliance Querier) that collaborate to perform compliance analysis.
- **Retrieval-Augmented Generation (RAG)**: Integrates LangChain and FAISS for efficient ingestion and semantic search of regulation documents.
- **Interactive User Interface**: A modern, card-based Streamlit UI for easy interaction and visualization of compliance results.
- **Contextual Compliance Insights**: Provides detailed compliance reports with citations from relevant regulation documents.
- **Optional Google Cloud AI Integration**: Enhances the system with advanced AI capabilities for more sophisticated analysis.
- **Extensible Codebase**: A modular Python codebase that allows for easy customization and extension.
---
## ⚙️ Setup & Installation
1. **Clone the repository:**
```sh
git clone https://github.com/Pyligent/A2A-MCP-Compilance-Check.git
cd A2A-MCP-Compilance-Check
```
2. **Install dependencies:**
```sh
pip install -r requirements.txt
```
Or, if using Poetry or pip-tools, use `pyproject.toml`.
3. **Prepare regulation files:**
- Place your regulation PDFs in the `data/` directory.
4. **Prepare client profiles:**
- Place your client JSON files in the `client/` directory.
5. **Set environment variables (if needed):**
- For example, for OpenAI:
```sh
export OPENAI_API_KEY=your-openai-api-key
```
- You can also use a `.env` file.
6. **Start the MCP server:**
```sh
python mcp_server.py
```
7. **Start the agents (in separate terminals or as background processes):**
```sh
python agents/agent1_server.py
python agents/agent2_server.py
python agents/agent3_server.py
```
8. **Run the Streamlit UI:**
```sh
streamlit run app.py
```
9. **Access the application:**
- Open your browser and go to: [http://localhost:8501](http://localhost:8501)
---
**Summary Table for Manual Startup:**
| Component | Command | Default Port |
|-------------------------|-----------------------------------------|--------------|
| MCP Server | `python mcp_server.py` | 5000 |
| Agent 1 (Profile) | `python agents/agent1_server.py` | 5001 |
| Agent 2 (Risk) | `python agents/agent2_server.py` | 5002 |
| Agent 3 (Compliance) | `python agents/agent3_server.py` | 5003 |
| Streamlit UI | `streamlit run app.py` | 8501 |
---
## 🛠️ Configuration
- **Client profiles:** Place JSON files in the `client/` directory.
- **Regulation Data:** Place in `data/`.
- **RAG settings:** Configure chunk size, overlap, and vector DB in the UI sidebar.
- **Environment variables:** Use a `.env` file for API keys (e.g., OpenAI, Google Cloud).
---
## 🤝 Contributing
Pull requests and issues are welcome! Please open an issue to discuss major changes.
---
## 📄 License
MIT License. See [LICENSE](LICENSE) for details.
---
---
