Give your AI assistant secure, read-only access to your bank accounts. MCP server supporting Plaid, Teller, Enable Banking, and Tink.
🏦 bank-mcp
Give your AI assistant secure, read-only access to your bank accounts.
Most people manage their finances by logging into bank portals, downloading CSVs, and building spreadsheets. bank-mcp eliminates that friction by letting your AI assistant query your bank accounts directly — balances, transactions, spending breakdowns — through natural conversation. It connects to real bank APIs via the Model Context Protocol so any MCP-compatible client (Claude Code, Claude Desktop, and others) can understand your finances.
- 5 providers, 15,000+ institutions — US and European banks covered
- Read-only by design — no write access, no transfers, no modifications
- Works with any MCP client — Claude Code, Claude Desktop, Cursor, and more
- Pluggable architecture — add your own provider in under 100 lines
Table of Contents
- Supported Providers
- Quick Start
- Client Setup
- Available Tools
- Screenshots
- Architecture
- Provider Setup Guides
- Caching
- Multiple Connections
- Security
- Adding a New Provider
- Troubleshooting
- Development
- Contributing
- License
Supported Providers
| Provider | Region | Institutions | Auth Method | Setup Difficulty | |----------|--------|-------------|-------------|-----------------| | Enable Banking | Europe | 2,000+ | RSA key + session | Medium | | Teller | US | 7,000+ | mTLS certificate | Medium | | Plaid | US / CA / EU | 12,000+ | Client ID + secret | Easy | | Tink | Europe | 3,400+ | OAuth2 token | Easy | | Mock | Demo | — | None | Instant |
US Banks
Supported through Plaid and Teller — covering the top 20 US institutions and thousands more:
JPMorgan Chase · Bank of America · Wells Fargo · Citibank · Capital One · U.S. Bank · PNC · Truist · Goldman Sachs · TD Bank · Citizens · Fifth Third · M&T Bank · Huntington · KeyBank · Ally · Regions · BMO · American Express · USAA
European Banks
Supported through Enable Banking and Tink — covering major banks across the EU and UK:
HSBC · BNP Paribas · Deutsche Bank · ING · Crédit Agricole · Santander · Société Générale · UniCredit · Intesa Sanpaolo · Barclays · Lloyds · BBVA · CaixaBank · Commerzbank · Rabobank · ABN AMRO · Swedbank · Handelsbanken · Nordea · PKO Bank Polski
Quick Start
1. Configure a bank connection
npx @bank-mcp/server init # Credential-based setup (all providers)
npx @bank-mcp/server connect # Browser-based OAuth (Enable Banking, Tink)
init walks you through entering credentials manually. connect automates the browser-based OAuth flow — it opens your bank's login page, handles the callback, and saves the session automatically.
2. Add to your MCP client
Add bank-mcp to your AI tool's MCP configuration. Here's the most common setup:
Claude Code (.mcp.json in your project root or ~/.claude/.mcp.json globally):
{
"mcpServers": {
"bank": {
"command": "npx",
"args": ["@bank-mcp/server"]
}
}
}
Using a different tool? See Client Setup for Claude Desktop, Cursor, VS Code, Windsurf, Codex CLI, Gemini CLI, and Zed.
3. Try it
Ask your AI assistant about your finances in natural language:
"What's my checking account balance?"
"Show my spending by category this month"
"Find all Amazon purchases over $50"
"Compare my spending this month vs last month"
Demo Mode
Don't have bank credentials yet? Start with realistic fake data:
npx @bank-mcp/server --mock
This launches with a mock provider that generates deterministic sample accounts and transactions — perfect for testing your setup or building on top of bank-mcp before connecting real accounts.
Client Setup
bank-mcp works with any MCP-compatible client. Pick your tool below.
Claude Code
Add to .mcp.json in your project root (or ~/.claude/.mcp.json for all projects):
{
"mcpServers": {
"bank": {
"command": "npx",
"args": ["@bank-mcp/server"]
}
}
}
Or add via the CLI:
claude mcp add bank -- npx @bank-mcp/server
Claude Desktop
Add to your claude_desktop_config.json:
{
"mcpServers": {
"bank": {
"command": "npx",
"args": ["@bank-mcp/server"]
}
}
}
Config file location:
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json
Cursor
Add to .cursor/mcp.json in your project root (or ~/.cursor/mcp.json globally):
{
"mcpServers": {
"bank": {
"command": "npx",
"args": ["@bank-mcp/server"]
}
}
}
VS Code (Copilot)
Add to .vscode/mcp.json in your workspace:
{
"servers": {
"bank": {
"type": "stdio",
"command": "npx",
"args": ["@bank-mcp/server"]
}
}
}
Windsurf
Add to ~/.codeium/windsurf/mcp_config.json:
{
"mcpServers": {
"bank": {
"command": "npx",
"args": ["@bank-mcp/server"]
}
}
}
OpenAI Codex CLI
Add to ~/.codex/config.toml (or .codex/config.toml in your project):
[mcp_servers.bank]
command = "npx"
args = ["@bank-mcp/server"]
Or add via the CLI:
codex mcp add bank -- npx @bank-mcp/server
Gemini CLI
Add to ~/.gemini/settings.json (or .gemini/settings.json in your project):
{
"mcpServers": {
"bank": {
"command": "npx",
"args": ["@bank-mcp/server"]
}
}
}
Zed
Add to your Zed settings.json:
{
"context_servers": {
"bank": {
"command": {
"path": "npx",
"args": ["@bank-mcp/server"]
}
}
}
}
Don't see your tool? bank-mcp uses standard MCP stdio transport. Any client that supports MCP stdio servers can connect using
npx @bank-mcp/serveras the command.
Available Tools
| Tool | Description | Key Parameters |
|------|-------------|----------------|
| list_accounts | List all bank accounts across connections | connectionId? |
| list_transactions | Fetch transactions with filtering | accountId, from?, to?, minAmount?, maxAmount? |
| search_transactions | Full-text search on descriptions and merchants | query, accountId?, from?, to? |
| get_balance | Current and available balances | accountId, connectionId? |
| spending_summary | Expenses grouped by merchant or category | accountId, from?, to?, groupBy? |
Screenshots
All examples below use Claude Code with the mock provider (npx @bank-mcp/server --mock).
Listing accounts — "List my bank accounts"

Checking balances — "What's my current balance?"

Transaction history — "Show my transactions from the last 15 days"

Searching transactions — "Find all Starbucks purchases in last 2 weeks"

Spending by category — "Show my spending by category this month"

More examples (merchant analysis, subscriptions, grocery comparison, financial overview)
Top merchants — "Which merchants am I spending the most at?"

Subscription tracking — "Show my recurring subscriptions"

Grocery comparison — "Compare Trader Joe's vs Whole Foods spending"

Full financial picture — "Give me my full February financial picture"

Architecture
File Structure
~/.bank-mcp/
config.json # Connections & credentials (permissions: 600)
keys/ # RSA keys and certificates
src/
providers/
base.ts # Abstract BankProvider class
registry.ts # Provider registration
enable-banking/ # PSD2 via Enable Banking API
teller/ # US banks via mTLS
plaid/ # US/CA/EU via Plaid API
tink/ # EU Open Banking via Tink API
mock/ # Deterministic fake data
tools/ # MCP tool implementations
utils/
cache.ts # In-memory TTL cache
http.ts # Fetch with timeout + retry
Provider Interface
Every provider extends the same abstract class, making it straightforward to add new integrations:
abstract class BankProvider {
abstract listAccounts(config): Promise<BankAccount[]>;
abstract listTransactions(config, accountId, filter?): Promise<Transaction[]>;
abstract getBalance(config, accountId): Promise<Balance[]>;
abstract getConfigSchema(): ConfigField[];
}
Provider Setup Guides
Enable Banking (PSD2)
What you need:
- [ ] An Enable Banking account with a registered app
- [ ] Your RSA private key (
.pemfile) - [ ] An active session ID from the OAuth consent flow
npx @bank-mcp/server init
# Select: Enable Banking (PSD2)
# Enter: App ID, key path, session ID
Tip: Sessions expire after 90 days (PSD2 regulation). You'll need to re-authenticate through the consent flow periodically. The server logs a clear message when a session expires.
Teller (US Banks)
What you need:
- [ ] A Teller developer account
- [ ] Your client certificate and private key (
.zipdownload from the Teller dashboard) - [ ] An access token from a Teller Connect enrollment
# Extract your certificate
mkdir -p ~/.bank-mcp/keys/teller
unzip ~/Downloads/teller.zip -d ~/.bank-mcp/keys/teller/
chmod 600 ~/.bank-mcp/keys/teller/*.pem
# Run setup
npx @bank-mcp/server init
# Select: Teller (US Banks)
# Enter: certificate path, key path, access token
Tip: Teller uses mutual TLS (mTLS) — your app authenticates at the TLS layer via client certificate, then individual enrollments authenticate via access token. Free tier supports up to 100 live connections.
Plaid (US/CA/EU)
What you need:
- [ ] A Plaid developer account (free signup)
- [ ] Your Client ID and Secret (from the Plaid dashboard)
- [ ] An access token from a Plaid Link enrollment
npx @bank-mcp/server init
# Select: Plaid (US/CA/EU)
# Enter: client ID, secret, access token, environment
Tip: Start with the
sandboxenvironment (fake data, instant setup). Plaid provides the richest transaction categorization — 104 sub-categories with confidence scores — which makes it ideal for LLM-driven spending analysis.
Tink (EU Open Banking)
What you need:
- [ ] A Tink developer account (free for testing)
- [ ] An OAuth2 access token (from the Tink Console or your OAuth2 flow)
npx @bank-mcp/server init
# Select: Tink (EU Open Banking)
# Enter: access token
Tip: Tink covers 3,400+ banks across Europe. Transactions include PFM (Personal Finance Management) categories with merchant enrichment, and amounts use fixed-point decimals — no floating-point rounding surprises.
Caching
All data is cached in-memory (no disk persistence — cache dies with the process):
| Data | TTL | Why | |------|-----|-----| | Account list | 1 hour | Accounts rarely change; minimizes API calls | | Transactions | 15 minutes | Balances new transactions vs freshness | | Balances | 5 minutes | Most time-sensitive; users expect current data |
Cache is per-connection and per-account. Restarting the server clears all caches.
Multiple Connections
Configure as many bank connections as you need — even across different providers:
{
"connections": [
{ "id": "ing-main", "provider": "enable-banking", "..." : "..." },
{ "id": "chase-checking", "provider": "plaid", "..." : "..." },
{ "id": "revolut", "provider": "tink", "..." : "..." }
]
}
All tools accept an optional connectionId parameter to target a specific connection. When omitted, every connection is queried and results are merged — so "show all my balances" works across banks automatically.
Security
Design Principles
bank-mcp handles sensitive financial credentials. Its security posture is built on minimizing attack surface:
- Read-only by design — the
BankProviderinterface exposes only read methods (listAccounts,listTransactions,getBalance). There are no write methods — no transfers, no account modifications, no payment initiation. This is enforced at the type level, not by convention. - No network listener — bank-mcp runs as a stdio process (stdin/stdout), not an HTTP server. There is no open port, no attack surface from the network.
- Minimal dependencies — only 3 runtime dependencies (
@modelcontextprotocol/sdk,jsonwebtoken,zod). Fewer dependencies means fewer supply chain risks. - Open source — every line is auditable. No obfuscated code, no compiled blobs, no telemetry.
Credential Storage
- Config file at
~/.bank-mcp/config.jsonis created with600permissions (owner read/write only) - RSA keys and certificates are stored in
~/.bank-mcp/keys/with the same restrictive permissions - Credentials are never logged — the server sanitizes config objects before any debug output
- No credential caching beyond the process lifetime — when the server stops, credentials exist only on disk
Data Flow
Your Bank's API ← HTTPS → bank-mcp (local process) ← stdio → MCP Client (local)
- Transaction data flows directly from your bank's API to your local MCP client
- Nothing is stored remotely — no cloud relay, no proxy server, no intermediate storage
- No telemetry — zero analytics, no crash reports, no usage tracking, no phone-home
- In-memory cache is per-process and dies when the server stops
What Your MCP Client Sees
The MCP client (Claude, Cursor, etc.) receives structured tool results containing:
- Account names, types, and balances
- Transaction descriptions, amounts, dates, and categories
- Spending summaries
The LLM processes this in its context window. Be aware that cloud-hosted LLMs send your conversation (including tool results) to their servers. If this is a concern, use a local model or review your provider's data retention policy.
Recommendations
- Rotate tokens — if your banking provider supports token rotation, enable it
- Use sandbox first — test your setup with mock data or Plaid sandbox before connecting live accounts
- Review permissions — ensure
~/.bank-mcp/is not world-readable (ls -la ~/.bank-mcp/) - Scope access — if your provider supports it, request the minimum scopes needed (read-only account and transaction access)
Reporting Vulnerabilities
If you discover a security issue, please email the maintainer directly rather than opening a public issue. See CONTRIBUTING.md for contact details.
Adding a New Provider
The pluggable architecture makes it straightforward to add support for additional banking APIs:
- Create your provider at
src/providers/your-provider/index.ts - Extend
BankProvider— implementlistAccounts,listTransactions,getBalance, andgetConfigSchema - Register it in
src/providers/registry.ts - Add config fields for the init wizard (the schema drives the interactive prompts automatically)
See src/providers/enable-banking/ as a reference implementation. The mock provider at src/providers/mock/ is also useful for understanding the expected data shapes.
Troubleshooting
npx is running an old version
npx caches packages. Force the latest:
npx @bank-mcp/server@latest
"Permission denied" reading config
The config file should be readable by your user:
ls -la ~/.bank-mcp/config.json
# Should show: -rw------- (600)
# Fix: chmod 600 ~/.bank-mcp/config.json
"Session expired" (Enable Banking)
PSD2 sessions expire after 90 days. Re-run the init wizard:
npx @bank-mcp/server init
# Select your existing Enable Banking connection to update the session
Tools not showing up in your MCP client
- Verify the server starts:
npx @bank-mcp/server --mock(should output MCP protocol on stdout) - Check your config file path matches your client's expected location
- Restart your MCP client after adding the config
- Check your client's MCP logs for connection errors
"ETLS" or certificate errors (Teller)
Teller requires mTLS. Verify your certificate files:
ls -la ~/.bank-mcp/keys/teller/
# Should contain: certificate.pem, private_key.pem
# Both should be chmod 600
Development
git clone https://github.com/elcukro/bank-mcp.git
cd bank-mcp
npm install
npm test # Run tests (vitest)
npm run build # Compile TypeScript
npm run dev # Watch mode (recompile on change)
npm run lint # ESLint
Contributing
Contributions are welcome! Please see CONTRIBUTING.md for guidelines.
If you're adding a new provider, open an issue first to discuss the approach — we want to make sure the integration fits the project's architecture.
License
MIT — use it however you want.
Built for the Model Context Protocol ecosystem