Built by the open-source community · FINOS project

Open Enterprise Protocol for AI Multi-agent Orchestration

OpenEMCP is an open standard for secure, scalable, and compliant multi-agent workflows in regulated enterprise environments. Designed for regulated industries with comprehensive governance, auditability, and cross-border compliance features.

Start building Read the release notes

Contributors

0.1.0

Version

Contributions

Envelope

Signed payload + policy bundle + trace context + compliance metadata.

Negotiation

Capability discovery, cost budgets, compliance validation, and policy enforcement.

Handoff

Deterministic routing with replayable state snapshots and audit trails.

Inspired by the best open-source communities

Features

Everything enterprise teams need to ship safely and compliently in regulated environments

OpenEMCP addresses critical gaps in enterprise AI infrastructure by providing a universal standard for AI agent interoperability that operates within regulatory boundaries and enterprise security requirements.

Framework-agnostic integration

Support for LandChain, LangGraph, custom agents, and legacy system wrappers with seamless interoperability.

Enterprise-grade security

Recommendation for authentication, authorization, and encryption for regulated environments.

Regulatory compliance

Native support for GDPS, HIPPA, PCI-DSS, CCPA, and financial services regulations with automated compliance validation.

Resilient orchestration

Multi-agent workflow coordination with circuit breakers, retry policies, fallback routing, and compensation transactions.

Cross-border data governance

Automated compliance with data souvereignty and localization requirements across jurisdictions.

AI governance

Human-in-the-loop controls, explainability features, and bias monitoring aligned with EU AI Act and NIST AI RMF requirements.

Adopters

Architecture

A protocol stack designed for regulated enterprise AI

Agents exchange signed envelopes, negotiate capabilities, and synchronize state through a comprehensive protocol architecture. Every step is observable, compliant, and replayable.

Contract layer

Standard message schema with signatures, policy bundles, and regulatory compliance metadata.

Planning layer

Dynamic capability discovery, cost budgeting, and guardrail enforcement, and optimal agent selection.

Verification layer

Plan validation with required authorization, SLA/SLO agreements, policy compliance, and risk assessments.

Execution layer

Executes tasks with deterministic routing, state snapshots, multi-region failover, and compliance monitoring.

Context layer

Manages contextual information and state across sessions, conversations, and agent layers with audit trails.

Communication layer

Standartised agent communication protocols ensuring interoperability and secure context sharing.

Developer experience

Readable, auditable, and designed for regulatory compliance.

openemcp.json

{
  "contract_id": "<uuid-v4>",
  "version": "0.1.0",
  "client_info" : {
    ...
  },
  "business_requirements": {
    ...
  },
  "workflow_tasks" : [
    {...},
    {...},
  ],
  "exacution_constraints": {
    ...
  },
  "regulatory_compliance": {
    ...
  },
  "data_governance": {
    ...
  }
}

Use cases

Built for regulated, high-trust environments

From multinational banking to healthcare, OpenEMCP enables compliant agentic workflows that meet global regulatory requirements.

Regulated multi-agent finance operations

Coordinate risk assessment, AML/KYC compliance, and analytics agents with deterministic handoffs and full audit trails.

Cross-border banking workflows

Enable secure agent collaboration across jurisdictions while maintaining data sovereignty and regulatory compliance.

Enterprise DevSecOps with governance

Bridge security scanners, CI/CD agents, and incident responders with comprehensive policy enforcement, compliance validation, and traceability.

Why teams adopt OpenEMCP

Regulatory confidence

Deploy autonomous agents with consistent compliance checks, automated policy enforcement, and reversible actions across global jurisdictions.

Enterprise-grade security

Comprehensive identity management, mTLS authentication, and zero-trust architecture with agent registry and capability validation.

Operational transparency

Trace every decision with deterministic replay, compliance audit logs, and explainability features for regulatory reporting.

Cross-border compliance

Automated handling of data sovereignty, localization requirements, and jurisdiction-specific regulations for global agent collaboration.

Audit blockchain

Immutable audit trails with cryptographic verification ensure temper-proof compliance records and regulatory reporting across mult-agent workflows.

Explore the docs

Blog

Latest updates

Short updates on releases, roadmap milestones, documentation, and news.

Release

OpenEMCP 0.1.0 — Initial release with core protocol

Initial release of OpenEMCP 0.1.0, featuring the core protocol specification, and documentation to get started.

Roadmap

Q1 2026 goals: Initial 0.1.0 release and agent registry

Focus on core protocol features, reference implementation, and community building.

Docs

First commit to the OpenEMCP specification and reference implementation

Initial commit of the OpenEMCP specification and reference implementation, laying the foundation for future development.

News

FinOS Labs welcomes OpenEMCP as the newest project in the foundation

Join maintainers and contributors to shape the next-gen enterprisemulti-agent standard.

Community

Build the protocol together

Join the OpenEMCP community to shape the next generation of multi-agent standards.

Contribute on GitHub View roadmap

Community checklist

✓ Review the OpenEMCP specification and share feedback.
✓ Join weekly design calls and RFC reviews.
✓ Ship reference implementations for your stack.