Why MCP is the pivot for cost and policy governance

What you'll learn: Why FinOps governance must converge across cost monitoring, policy enforcement, and compliance, and how Model Context Protocol (MCP) enables coordinated execution at AI speed.

Your organisation has three governance systems running in parallel. The FinOps team tracks cloud spend in Cost Explorer and publishes weekly reports. The platform team reviews infrastructure policies in Terraform and deploys monthly. The compliance team audits controls quarterly and files reports. Each team operates independently, each uses different tools, and none of them see costs in real time.

The problem is not a lack of governance. It is a lack of coordination across time, cost, and policy.

This separation worked when infrastructure was predictable. A database provisioned in January would still exist in December. Capacity planning happened annually. Budgets moved in quarters.

AI workloads broke this model. A weekend experiment on four H100 instances consumes €9,000 before Monday's cost report runs. A training job misconfigured with the wrong model parameter burns through a quarter's GPU budget in 72 hours. Governance silos cannot detect problems fast enough to prevent them.

This pattern is not limited to frontier AI labs. It already appears in LLM inference, agent retries, vector re-indexing, and cross-region data pipelines.

Organisations that unify governance by connecting strategy to execution through coordinated workflows will optimise faster and with less risk than those managing cost, policy, and compliance as separate domains.

Why bottom-up FinOps governance fails at scale

Most FinOps today operates bottom-up. Engineers receive a dashboard showing idle resources. A Slack bot posts recommendations. Someone is told to resize a cluster "when you have time." The assumption is that if a saving exists, leadership will care.

Bottom-up FinOps made sense when cost optimisation was primarily about hygiene. Cleaning up unused resources, removing waste, and right-sizing predictable workloads were effective. AI shifts the problem from hygiene to control.

As Frank Contrepois writes in The Shape of Top-down FinOps: "FinOps fails when it starts at the bottom." Engineers see suggestions as chores. Executives see noise. The organisation wonders why nothing changes at scale.

The root cause is a broken chain of intent. Frank identifies seven layers that connect strategy to execution: strategy, translation, coordination, architecture, measurement, planning, execution. Most organisations skip directly to execution and hope recommendations somehow matter.

Here is how the chain should work. The CEO sets strategy: "We will reduce cloud waste and reinvest the savings into our 2026 AI roadmap." The CTO and VP Engineering translate this into targets and operating principles. The Head of Platform defines scope and guardrails. The FinOps Lead measures and surfaces opportunities. Engineering managers convert recommendations into backlog items. Engineers execute.

AI amplifies the coordination problem because costs appear before planning cycles complete. Traditional infrastructure governance assumed monthly or quarterly rhythms. AI costs move in hours. A data scientist starts a training job on Friday afternoon. By Monday morning, the budget is consumed and the work is done. The existing governance rhythm detects the spend far too late.

Industry data reflects this shift. Organisations managing more than €30,000 in monthly cloud spend are moving from annual savings targets to monthly accountability. Governance cadence compresses from quarters to weeks to days. Real-time problems require real-time coordination.

The coordination gap: AI investment councils bridge strategy and execution

FinOps teams surface cost optimisation opportunities. Platform teams identify architectural improvements. Compliance teams flag policy violations. These recommendations land in spreadsheets, slide decks, and Jira tickets marked "P3." They rarely become funded work.

The gap exists because bottom-up recommendations lack strategic context. An engineer sees "resize this cluster to save €800 per month" as extra work. A manager sees scope creep. An executive never sees it at all. The recommendation dies in the coordination gap between detection and execution.

Organisations are addressing this by introducing governance bodies that explicitly connect financial oversight to technical execution. An AI Investment Council provides the missing coordination layer. At the FinOps Foundation, this governance model is being formalised through the FinOps for AI Working Group.

These councils define approval thresholds. Projects above a certain monthly operating cost require review. They implement stage gates: Concept, MVP, Pilot, Launch, Scale, Sunset. Each stage has success criteria, budget limits, and escalation triggers.

Crucially, well-designed councils do not add bureaucracy. They remove ambiguity. By making cost, risk, and priority explicit early, they protect delivery speed instead of slowing it down.

The councils connect financial metrics, such as cost per token or cost per inference, to business outcomes like cost per conversation or revenue per interaction. They enforce escalation when budgets exceed thresholds or milestones are missed. Most importantly, they allocate engineering capacity for optimisation work instead of assuming it will happen between feature sprints.

This is the shift from reactive reporting to proactive governance. Efficiency work becomes first-class engineering work, with ownership, capacity, and measurable outcomes.

Cloud governance tools make technical enforcement possible.

• Cloud Custodian and stacklet.io enables policy-as-code for lifecycle and cost controls.

• OpenOps and Wiv.ai connect policy decisions to automated workflows.

These tools translate council decisions into infrastructure validation and enforcement. MCP does not replace these systems. It provides the real-time context layer that allows them to act with shared understanding.

MCP as the real-time policy coordination layer

Policy-as-code has existed for years. Open Policy Agent, AWS Service Control Policies, and Cedar allow teams to define governance rules programmatically. The missing piece is real-time infrastructure context.

A policy requiring GPU instances to be tagged with a cost centre is ineffective if violations are discovered days later in a billing report. By then, costs are misallocated and remediation is disconnected from active work.

Model Context Protocol (MCP) addresses this gap by connecting policy engines to live infrastructure and cost state through standardised interfaces. Governance becomes proactive rather than reactive. MCP does not decide policy. It ensures policy is evaluated against live reality instead of stale reports.

Consider GPU budget governance across Finance, Platform, and Engineering:

The pattern is detect, recommend, approve, execute. MCP servers enable continuous detection. Recommendations flow into governance workflows. Humans provide judgment and accountability. Execution is automated with audit trails.

This preserves speed while building trust. Automation provides intelligence. Humans retain control. The system cannot modify infrastructure without explicit approval, matching how enterprises operate.

One organisation applied this pattern to database right-sizing. Oversized instances were detected automatically. Recommendations were reviewed during maintenance windows. Result: 80 percent cost reduction, improved performance, zero incidents.

The outcome is not stricter control. It is faster, safer decision-making at AI speed.

The future of FinOps governance: from silos to continuous coordination

Governance is evolving along three axes: intelligent automation, reversible actions, and continuous measurement.

This closes the feedback loop. Strategy flows down through coordination. Execution flows up through measurement. The loop completes in days instead of quarters.

Assess your FinOps governance maturity

Governance maturity exists on a spectrum.

In AI environments, governance maturity is no longer only a cost optimisation concern. It is a financial and operational risk concern.

Take action: evaluate your AI governance architecture

Assess where your organisation sits on AI governance maturity. Our free assessment evaluates cost visibility, automation readiness, policy enforcement, and cross-functional coordination.

Start your assessment: https://aicostsfinops.optimnow.io/

If you manage more than €30,000 in monthly AI spend and governance still operates in silos, book a consultation to design workflows that connect strategy to execution at AI speed.