Mikhail Hamilton sits down with qa aaaa, a builder with hands-on time taking AI from “helper” to “operator” in payments. The conversation explores how Omise MCP lets AI agents plug into more than 60 payment tools across five markets, why Model Context Protocol underpins secure two-way control, and how orchestration moves beyond APIs to real-time, rules-aware execution. We touch on reliability, guardrails, and the gritty parts of refunds, routing, and reconciliation. It’s a grounded tour from day-0 setup to month-end close, anchored in the shift from passive fintech to intelligent financial orchestration.
You launched Omise MCP to let AI agents tap more than 60 Omise payment tools. What real tasks did early users automate first, what metrics (success rates, time saved, error cuts) surprised you, and can you walk us step-by-step through one production workflow?
Early adopters started with the obvious: acceptance and refunds, then reconciliation and supplier payouts. They also leaned on subscriptions and monitoring because those combine speed with control. A typical flow: an agent accepts a card or bank payment, confirms status, logs metadata, and schedules a follow-up transfer. Then it issues a refund with a single command, posts the entry for reconciliation, and closes the loop without a custom API build.
You operate in Thailand, Singapore, Malaysia, Japan, and the US, and rank among the top 25 US processors. How did regional rules shape MCP’s design, what localization hurdles did you face, and can you share a concrete incident where cross-border differences forced a redesign?
Regional diversity forced us to treat compliance and payment behavior as first-class configuration. MCP abstracts country specifics while exposing what agents need to choose the right rail. We hit a wall when one market required extra buyer authentication while another allowed a simplified path. The fix was a policy layer that branches by jurisdiction, so the same agent logic adapts across the five markets.
MCP uses the Model Context Protocol to link AI agents with payments. Why MCP over other patterns, how does the secure two-way interaction actually work in a live call, and can you trace a message’s path with timing data and safeguards at each hop?
We chose MCP because it’s an open standard built for structured, tool-aware interaction. An agent requests a capability, receives a scoped tool manifest, and exchanges signed payloads with strict permissions. Each hop validates intent, checks policy, and records an audit event before executing. If any control fails, the call degrades safely and the agent gets a clear reason code to recover.
You said no custom API builds are needed. What does setup look like for a merchant on day 0, day 1, and day 30, what common missteps occur, and can you share metrics on integration time, first-transaction latency, and first-refund success?
Day 0 is credentials, scopes, and selecting from the 60+ tools. Day 1 is wiring a test agent and running end-to-end scenarios across acceptance and refunds. By day 30, teams promote live flows for reconciliation, payouts, and reporting. The most common misstep is skipping role scoping, so we guide merchants to right-size permissions from the start.
Acceptance spans cards, banks, e-wallets, and QR. How do you route between rails in real time, what signals drive routing choices, and can you share a story where smart routing lifted approval rates or cut costs, with numbers to back it up?
The agent evaluates rail availability, business policy, and user context, then selects the best path. It weighs card versus bank, or e-wallet and QR, based on the user’s market and mandated steps. One merchant shifted traffic toward a local rail in a specific country and saw smoother checkouts with fewer user drops. The win came from aligning offers per market, not forcing a single global default.
Issuing a refund via a single command sounds simple. What actually happens under the hood across ledgers and acquirers, how do you handle partials and retries, and can you give a timeline of a tough refund case that you resolved?
The command fans out to ledger updates, acquirer requests, and notification hooks. Partials allocate proportionally and lock state to prevent duplication. If a window closes, the agent retries through an alternate path or schedules a transfer-backed make-good. The customer hears one voice, while the system quietly stitches it together.
You support transaction management, subscriptions, transfers, and monitoring. How does an AI agent coordinate these in one flow without race conditions, what guardrails stop bad sequences, and can you map a multi-step scenario with state changes and alerts?
The agent works off a shared state model with idempotent operations. Guardrails enforce ordering, preconditions, and rollback steps. Picture a renewal: it confirms the prior period, attempts charge, posts a transfer, and registers a monitoring rule. If monitoring flags an anomaly, the agent pauses downstream actions and requests guidance.
The CTO stressed “financial-grade reliability” that is secure, predictable, and fault-tolerant at scale. What SLOs do you hold (uptime, p99 latency, recovery time), what failure drills do you run, and can you recount a real incident and the exact mitigations?
We hold strict SLOs on uptime, p99 latency, and recovery, and we measure relentlessly. We run failure drills for rail outages, policy misconfigurations, and malformed agent requests. In one incident, a downstream rail degraded and the circuit opened as designed. Traffic shifted, queues drained, and the audit trail captured every decision for review.
The CEO talked about moving from passive fintech to “intelligent financial orchestration.” What’s one customer story where orchestration changed a KPI, how did the agent learn over time, and what manual tasks vanished, with before-and-after metrics?
A merchant used MCP to unify acceptance, refunds, and month-end reporting. The agent learned when to suggest bank or QR in a given market and nudged the checkout accordingly. Manual spreadsheet reconciliations disappeared because the entries were posted automatically. The big change was fewer interventions and steadier cash flow.
How do you embed compliance and fraud controls as agents operate money, what model- and rule-based checks run in sequence, and can you walk through a blocked attempt, the signals that triggered it, and how a legitimate case was cleared?
Controls execute in layers: identity, behavior, content, and policy. Models score risk, and rules codify mandatory steps per market. We blocked a payment when behavior contradicted local norms and required additional verification. After the customer passed the extra step, the agent resumed, and the record reflected the exception.
Reconciliation, supplier payouts, and operational reporting are automated. What data model powers this, how do you align time zones and currencies across regions, and can you share a step-by-step of month-end close that cut hours or errors measurably?
We use a canonical ledger with event-sourced entries and mapped attributes. Time zones and currencies normalize at ingestion with region-aware tags. At month-end, the agent locks the period, rolls entries, validates transfers, and generates reports. Teams moved from ad hoc exports to one consistent close across the five markets.
How do you test MCP against edge cases like chargebacks, duplicate payments, or network splits, what chaos or sandbox tools do you use, and can you provide pass/fail rates and the most instructive failure you fixed?
Our sandbox simulates rails, delays, and policy branches. Chaos injects network splits and malformed messages to probe recovery. We learned to harden idempotency when duplicates collided with retries in rare sequences. The outcome was clearer dedup keys and safer replay paths.
For developers, what tooling and logs make agent behavior transparent, how do you debug when an AI command goes wrong, and can you show the exact traces or redactions that help teams resolve issues fast?
We expose structured traces that align agent intents with tool calls. Redactions protect sensitive data while keeping context. When something goes off track, developers pivot from the trace to the precise policy decision or rail response. It shortens the journey from “what happened” to “fixed.”
Looking ahead, what capabilities are next on the roadmap, how will you expand beyond the 60+ tools, and can you share timelines, pilot criteria, and one bet that could change how merchants think about autonomy in payments?
We’re deepening orchestration so agents compose richer flows across acceptance, subscriptions, transfers, and monitoring. Expansion beyond the 60+ tools will focus on new rails and deeper analytics surfaces. Pilots will target merchants in the five regions that can exercise cross-border complexity. Our bet is that autonomy will become the default, not the exception.
What is your forecast for intelligent financial orchestration?
The center of gravity moves from APIs to policies, and from dashboards to agents that act. Merchants will expect orchestration out of the box across cards, banks, e-wallets, and QR. Reliability will mirror traditional systems while unlocking new forms of scale. The winners will blend openness, like MCP, with trustworthy controls that feel invisible.