The agentic traffic era has opened. ChatGPT is aggregating consumer financial relationships above 12,000+ institutions. Agents will query your systems, compare your products, and execute on behalf of consumers — without a human in the loop. This is the reference for what your IBM i environment and digital presence need to look like before that traffic arrives.
Agent-ready is not a single thing. It is a stack — five layers of capability that an organization must build, in order, before agentic traffic can flow through its systems without breaking. Missing any one layer creates a failure mode. Build them in the wrong order and the governance layer never catches up to the execution layer. The IBM i organizations sitting on decades of encoded business logic are closer to agent-ready than most. The consumer finance operators operating under ECOA and FCRA have additional regulatory requirements that make the governance layer non-optional. This reference maps both.
"The orchestration layer was already built. It just needed to be connected."
Silver Lake Series · Installment 2
"Can agents find you — and understand what you're willing to let them do?"
Your IBM i system has no web presence agents can navigate by default. There is no llms.txt, no structured sitemap agents can read, no declared policy on what agents are permitted to query or invoke. From an agent's perspective, your system doesn't exist — until you build the discovery layer.
llms.txt at your domain root declaring agent permissions and MCP endpointrobots.txt to explicitly allow or restrict specific agent crawlersOrganization markup with API contact and capabilitiesFor regulated lenders, discovery is also a fair lending consideration. If your products are discoverable by agents operating on behalf of some consumer segments but not others — due to missing structured data or inconsistent API coverage — you may have created a disparate access issue before a single loan decision was made.
llms.txt — LTO, installment, BNPL — with eligibility scope"Can agents understand what you offer well enough to evaluate it on a consumer's behalf?"
The business logic that governs your products lives in RPG programs and DB2 tables. No agent can read RPG. But Project Bob and Claude Code can surface that logic into human-readable documentation that becomes the foundation for machine-readable product specifications. This is the knowledge extraction step.
Most consumer finance product disclosures are PDF documents designed for human readers. An agent evaluating your LTO or installment product against three competitors needs structured, parseable terms it can compare programmatically. Machine-readable product terms are the prerequisite for agent-driven recommendations.
LoanOrCredit and FinancialProduct structured data on product pages"Can agents reach your live data and business logic in real time — not yesterday's batch export?"
This is the layer IBM i shops are closest to — but haven't crossed yet. Mapepire opens DB2 to modern API consumers. MCP exposes RPG business logic as callable tools. The data is there. The interface isn't built yet. Two tools, one bridge.
/api/v1/ — so agents can pin to stable contractsConsumer finance access has two tracks: read access (an agent checking product availability, rates, eligibility for a consumer) and write access (an agent initiating an application). Both require real-time APIs. Neither can be served from a batch file or a static product page.
"Can agents execute transactions on behalf of consumers — with proper authentication and no human in the loop?"
Agents executing transactions is the Stage 03 moment from Silver Lake Installment 2 — the event fires, the system responds, no human assembled the steps. For IBM i shops, this means wiring the MCP tool layer to event-driven workflows already running in your production environment. The logic exists. The invocation path doesn't yet.
Action in regulated lending has a higher bar than action in unregulated contexts. An agent submitting a credit application on behalf of a consumer is a regulated event. The action layer in consumer finance must be built with adverse action infrastructure already wired in — not added after deployment.
"Can you reconstruct what your agent did, why it did it, and what data it used — when the examiner asks?"
IBM i's object-level authority model and integrated audit journaling give IBM i shops a structural advantage here. The platform was built for auditability. The gap is connecting the agent's invocation trail to the IBM i audit log — so the record of what the agent called is reconstructable alongside the record of what the system did.
Governance in consumer finance is not optional. SR 11-7 model risk management requirements, ECOA adverse action documentation, FCRA accuracy obligations, and UDAAP exposure mapping all apply to agentic decisioning. The governance layer is the layer that makes every other layer defensible.
What it is: A plain Markdown file at yourdomain.com/llms.txt that tells AI agents how to navigate and use your site. Proposed by Jeremy Howard (Answer.AI) in September 2024 and now adopted by Anthropic, Cloudflare, Vercel, and Stripe. The official spec lives at llmstxt.org.
What it contains: An H1 with your institution name, a blockquote summary, and H2-delimited sections linking to your key resources — products, API documentation, eligibility specs, and your agent policy document. Pure Markdown. No XML, no configuration syntax.
Why it matters right now: As ChatGPT, Claude, and Gemini begin acting on behalf of consumers in financial contexts, the institutions that declare their capabilities clearly will be the ones agents route to first. An undeclared institution is an invisible institution. Implementation takes under two hours.
Do you have an llms.txt at your domain root? Does your robots.txt address AI agent crawlers specifically?
Are your product terms machine-readable? Do you have Schema.org FinancialProduct markup deployed? Is your DB2 schema documented?
Is Mapepire running? Do you have MCP tools exposing your RPG business logic? Is your eligibility API real-time?
Can an agent submit an application without a human in the loop? Do you have non-human authentication? Is adverse action wired to automatic fire?
Is your agent policy documented? Are agentic decisioning models in your SR 11-7 inventory? Can you produce a full audit trail in 24 hours?