Around May 5, 2026, Anthropic advanced an approximately US$1.5 billion AI joint venture project with Wall Street institutions such as Blackstone, Goldman Sachs, Hellman & Friedman, with the goal of deploying Claude-related AI capabilities into financial enterprises and private equity portfolio companies. At the same time, Anthropic released 10 Agent templates for the financial services industry and open sourced the anthropics/financial-services warehouse.
From the surface,financial-servicesIt is a set of financial industry templates, but behind it is a set of templates that can be migrated to various industries.Enterprise-level Agent Architecture。
In this article, we analyze the composition and operating logic of this architecture, as well as how enterprises implement it; it is a reference for enterprises that are currently implementing or preparing to implement Agent.
First let’s talk about the key points: 1) The core of this architecture isSkillandunified semantic model, now many people are aware of the importance of Skill, but ignore the unified semantic model; 2) Although this architecture is currently presented in the form of Claude Cowork plugin or Claude Managed Agents cookbook, its core ideas are not bound to Claude and can be completely migrated to other agent frameworks.
1. General Agent Architecture
The general Agent architecture can be abstracted into the following 7 layers:
1. Business trigger layer
User dialogue, slash command, scheduled tasks, work order events, system events
2. Agent orchestration layer
The main agent understands the task, breaks down the steps, calls tools, and dispatches sub-agents.
3. Domain Skill layer
SOP, checklist, calculation method, industry rules, output template
4. Connector data connection layer
MCP Server, API, data warehouse, SaaS, Excel, document library
5. Domain semantic layer
Unify different system fields into business objects
6. Deterministic execution layer
SQL, Python, Excel engine, and rule engine are responsible for calculation and verification
7. Governance and approval layer
Permissions, logs, data lineage, review, manual approval, complianceIn this framework:
LLM does not directly replace the business system, but becomes an "orchestrator that understands business processes"; business rules are deposited in skills, enterprise data is entered through connectors, and key actions are controlled by permissions and manual approval.
The above 7 layers are a complete architectural view. Regardless of infrastructure and governance capabilities, there are mainly 5 core modules that really determine whether Agent can be implemented: Agent, Skills, Connectors, unified semantic model (Canonical Schema), and Subagents.
2. Core module
1. Agent: end-to-end business process
Agent is not a simple chat assistant, but a process executor with clear responsibilities.
For example, in finance:
GL Reconciler
Read the general ledger and sub-ledger
do reconciliation
find differences
Tracing the root cause
generate exception report
Submit to person for approvalMigrate to other industries:
| industry | Agent example |
|---|---|
| manufacture | Quality anomaly investigation agent |
| legal affairs | Contract Risk Review Agent |
| medical | Claims Denial Review Agent |
| supply chain | Three single matching exception handling agent |
| customer service | Complex work order upgrade Agent |
2. Skills: Domain Expert Method
Skill is responsible for precipitating professional SOPs within the enterprise into reusable modules.
Skills in finance may be:
gl-recon
break-trace
audit-xls
accrual-schedule
variance-commentary
dcf-modelIn other industries it can be:
| field | Skill example |
|---|---|
| Manufacturing quality | 8D Report, CAPA, 5 Why, Fishbone Diagram, SPC Trend Analysis |
| medical | ICD/CPT rules, medical record completeness checks, chargeback reason classification |
| legal affairs | Contract terms risk matrix, red line rules, deviation approval rules |
| supply chain | Delivery risk classification, alternative supplier screening, inventory coverage days calculation |
| customer service | Customer complaint grading, compensation policy, upgrade path, speaking standards |
| Insurance | Policy liability verification, material integrity check, fraud risk signal |
3. Connectors: Securely connect enterprise systems
AI should not directly connect to ERP, CRM, MES, HIS, CLM and other systems, but should access controlled data through MCP Server or API gateway.
The general structure is:
enterprise system
ERP/CRM/MES/QMS/CLM/WMS/Data Warehouse
↓
Domain semantics API / read-only view
↓
MCP Server
↓
Business tools that Agent can callFor example, financial systems can be exposed to:
get_trial_balance
get_gl_activity
get_ar_open_items
get_journal_entryManufacturing systems can be exposed to:
get_batch_history
get_inspection_results
get_machine_events
get_capa_historyThe important thing to note is: don't expose the underlying database, but exposebusiness semantics。
4. unified semantic model (Canonical Schema)
Fields in different enterprise systems are different, so a layer of unified semantic model is needed.
It is best not to define a semantic model from scratch for each enterprise. Instead, it should use industry-wide semantic objects as the backbone, and then expand it based on the enterprise's own business system, process calibers, and system fields. Otherwise, it is easy to customize, and for projects involving data models, the management workload is often heavy.
In finance, it can be unified into:
TrialBalance
JournalLine
SubledgerItem
Invoice
Payment
AccountMappingIn manufacturing, it can be unified into:
ProductionBatch
InspectionResult
MaterialLot
MachineEvent
CAPAIn this way, the Agent faces business objects instead of the messy fields of each system.
5. Subagents: permission isolation
Just like the human brain is handed over to a computer when faced with complex calculations, the enterprise agent should not allow a model to do everything.
Can be broken down into:
Reader
Read external files, emails, PDFs
No internal system permissions
Orchestrator
Call internal system
Read-only or limited permissions
Critic
Independent review conclusion
Resolver
Generate reports, working papers, and work order drafts
Human Approver
Approval, signature, and execution of key actionsProper use of Subagents can reduce the risk of prompt injection, unauthorized access, and misoperation.
3. How to implement the enterprise
Take financial-services as an example to see the overall process:
1. The user or system triggers the reconciliation task
2. Agent reads the subject, period, account and tolerance
3. Connector calls internal-gl and subledger MCP data access
4. Skill performs field unification, full outer join, and difference classification
5. Critic reviews major differences
6. Resolver generates exception report and reconciliation workbook
7. Human Approver determines whether adjusting entries are neededFor general industries, it is recommended to follow the following 6 steps.
Step one: Choose a narrow scene
Don’t start by building an “enterprise-level general AI platform”.
First select a scenario that meets the following conditions:
high frequency
The rules are relatively clear
Data source is clear
Manual work is now very time consuming
Output can be reviewed
The final action can be approved by someoneFor example:
Finance: AR/AP reconciliation, bank balance reconciliation, monthly balance variance commentary
Manufacturing: Quality anomaly investigation, supplier batch traceability, CAPA draft
Legal affairs: preliminary review of contract, summary of clause deviations
Supply chain: three-order matching difference processing, supplier delay analysisStep 2: Draw a clear business process
Each scene should be sorted out first:
What are the triggering conditions?
What is the input data?
Which systems are the source of truth?
What are the judgment rules?
What steps can be automated?
Which steps require manual approval?
What is the end product?
How to upgrade when failed?For example financial AR reconciliation:
Trigger: 2nd day of monthly checkout
Input: general ledger balance, AR open items, manual vouchers, customer dimension mapping
source of truth:ERP GL + AR subledger
Rule: if the difference exceeds 10,000 yuan, exception will be entered
Output: AR recon workbook + exception report
Approval: The financial manager confirms the difference processing
Forbidden: Agent cannot postAbnormal manufacturing quality:
Trigger: The defective rate of a certain batch exceeds the 3σ control line
Input: production batches, inspection results, equipment parameters, material batches, process changes
source of truth:MES + QMS + PLM
Rule: SQE/QA must be upgraded for batches that affect customers
Output: 8D draft + sphere of influence + containment action
Approval: Quality Manager approves CAPA
Forbidden: Agent cannot close CAPAStep 3: Design unified semantic model
This step is the foundation for “AI implementation”.
Take the financial industry as an example:
TrialBalance
JournalLine
SubledgerItem
InvoiceManufacturing industry:
Batch
InspectionResult
MaterialLot
MachineEventEnterprises must first clearly define these objects, and then let the MCP Server output these objects. Otherwise, the Agent project will be stuck in the quagmire of differences in various system fields and calibers.
Step 4: Build MCP Server
Enterprise MCP Servers should expose business semantics tools rather than underlying tables.
For example, it is not recommended:
run_sql(query)
query_sap_table(table_name, where_clause)
read_any_file(path)
update_any_record(object, id, fields)recommend:
get_trial_balance(entity, period, account_prefix)
get_gl_activity(entity, period, account_code)
get_ar_open_items(entity, as_of_date)
get_purchase_order(po_id)For details, please refer to the following principles:
Open tools with least privileges by Agent
Naming tools by business objects
Return structured JSON
Each data strip source_system / extract_timestamp / record_id
All tool calls go into audit logs
Read only first
Write operations only write to the draft area or approval queueStep 5: Write Skills and solidify the expert SOP
Write expert SOPs into reusable skills.
For example:
Finance: reconciliation rules, difference classification, working papers templates
Manufacturing: 5 Why, 8D, CAPA, batch traceability
Legal: Clause risk matrix, deviation approval rules
Supply chain: three order matching rules, price difference classificationStep 6: Design Agents and Subagents
A typical structure:
Main Agent
Responsible for task arrangement
Reader
Read external file
Investigator
Query internal system
Critic
Review conclusion
Resolver
Generate report
Human
Approval and SignatureSummarize
financial-servicesThe value is not that it provides several financial agents, but that it demonstrates an enterprise agent productization method:
Define processes using Agents
Use Skill to solidify professional methods
Connect to the system using Connector
Unify data with Canonical Schema
Isolate permissions with Subagent
Execute in the background using Managed Agent
Control risk with Human ApprovalThis architecture can be extended to almost all knowledge-intensive industries.
