MCP vs Function Calling: Protocol vs Pattern Explained
Function calling wires tools into one app. MCP publishes them once for every host. How the two layers relate, and when each fits your agent stack.

The short version
Function calling is a pattern: you embed tool schemas in each model request, the model emits a structured call, and your own code executes it. MCP (Model Context Protocol) is a protocol: a server publishes those tools once, and any compatible host (Claude Code, Claude Desktop, others) can discover and call them. MCP does not replace function calling; the model still makes structured tool calls underneath. The difference is where tool definitions live and who maintains the execution glue.
Two layers of the same stack
The confusion around "MCP vs function calling" comes from treating them as competing options at the same level. They are not. Function calling is a model capability and an integration pattern. MCP is a wire protocol built on top of that capability.
When a model "calls a function," three things happen. The application sends the model a list of tool schemas (names, descriptions, JSON parameter shapes) inside the request. The model, instead of replying with prose, emits a structured invocation: this tool, these arguments. Your application executes whatever that means (a query, an HTTP request, a calculation) and feeds the result back so the model can continue. The model never executes anything itself. Everything outside the model, including schema management, dispatch, auth, and retries, is your code.
MCP keeps that loop intact and standardizes the parts around it. An MCP server declares its tools in a discoverable manifest. A host application (the MCP client) fetches that manifest at connect time, hands the schemas to the model as ordinary function-calling tools, and routes the model's invocations back to the server over a standard JSON-RPC transport. The model still does function calling. Now the tool definitions and the execution live in one place, maintained by the provider, instead of copy-pasted into every application that wants them.
A reasonable analogy: function calling is the ability to plug something in. MCP is the agreement on the shape of the plug.

What plain function calling gets you
If you are building one application with one model and a handful of tools you own, bare function calling is hard to beat. You define a schema, write the executor, and ship. There is no extra process to run, no transport to debug, and no version of "the server is down" that is not already your own outage.
The control is the point. You decide how arguments are validated and how results are shaped before they go back to the model: trimming a 5,000-row response to the 20 rows that matter saves tokens and sharpens the model's attention. You can cache aggressively, retry selectively, and attach per-tool authorization that matches your product's permission model exactly. None of that is impossible with MCP, but with function calling it is all just code you already own.
The cost shows up at scale, and the scale that hurts is the integration matrix, not request volume. Three internal apps needing the same five tools means three divergent schema copies, three executors, three places to update when a parameter changes. Add a third-party data source and it gets worse: you read the provider's REST docs, hand-write a tool schema that mirrors them, then maintain that mirror forever as the API evolves. This is the same split we cover in MCP vs REST API: REST is a contract for your code, and function calling is how you staple that contract onto a model, one app at a time.
What MCP standardizes
MCP takes the loop above and fixes the two parts that do not scale: where tool definitions come from, and who executes them.
An MCP server publishes its tools in a machine-readable manifest. When a host connects, it issues a tools/list request, receives every tool's name, description, and parameter schema, and hands those to the model as ordinary function-calling tools. When the model invokes one, the host forwards a tools/call; the server executes it and returns the result. Authentication, metering, and rate limits live at the server boundary, where the provider can actually enforce them.
The payoff is portability. A server written once works in Claude Code, Claude Desktop, and any other MCP-compatible host, with no per-app glue. When the provider adds a tool or fixes a schema, every connected host picks it up at the next connect; nobody redeploys client code. The protocol also covers resources and prompts, but tools are the part that maps directly onto function calling. For the protocol's full picture, start with What is an MCP server?
For data providers there is a quieter benefit: the server controls what the model sees. Arkolith's MCP server returns filing-backed results where each datapoint traces to its SEC EDGAR accession number, which gives the agent grounded data instead of plausible recall. That provenance pattern (covered in stopping AI from hallucinating market data) is only enforceable because execution happens server-side, not in whatever wrapper each integrator happened to write.
Side by side: protocol vs pattern
| Function calling | MCP | |
|---|---|---|
| What it is | an integration pattern inside one app | an open protocol across hosts |
| Tool definitions | embedded in each request by your code | published by the server, discovered at connect |
| Who executes | your application code | the MCP server |
| Reuse | re-implemented per application | write once, runs in every compatible host |
| Schema changes | redeploy every client | update the server once |
| Auth and metering | per app, your responsibility | enforced at the server boundary |
| Extra moving parts | none | a server process and a transport |
| Best for | a single product you fully control | shared tools and third-party data services |
Two caveats keep this table honest. First, MCP adds a dependency: a server you do not control can be slow, down, or changed underneath you, and your agent inherits all of it. With in-process function calling, the only thing that fails is your own code. Second, MCP's discovery is only as good as the server's tool descriptions. A model picks tools by reading their descriptions, and a vague manifest produces worse tool selection than a schema hand-tuned for your exact task. Sometimes that over-fitting is exactly what you want.
The table compresses to one sentence: function calling optimizes for control in one place; MCP optimizes for reuse across many.
When each fits
Reach for plain function calling when the model is embedded inside your product and the tools are yours. Internal database lookups, a checkout action, a domain-specific calculator: these gain nothing from a protocol layer; the extra hop adds latency and an operational dependency. Deterministic pipelines that need exact control over retries and timeouts fit here too.
Reach for MCP when the tool's consumers are not all yours. If you are a data provider, MCP means every Claude Code user (and users of other MCP hosts) can connect without writing a wrapper. If you are an agent builder consuming third-party data, MCP means you skip the wrapper-maintenance treadmill: the provider maintains the schemas, and your host discovers them. Our comparison of market data APIs for AI agents goes deeper on that maintenance burden.
And it is rarely either-or, because the layers compose. An MCP host still performs function calling internally; that is how the model invokes the discovered tools. A serious data platform exposes both a REST API for code and an MCP server for agents over the same backend, so the deterministic pipeline and the conversational agent read identical numbers. The real decision is not "which technology wins" but "who should maintain the glue for this particular tool." If the answer is "us, forever, in every app we ship," consider whether a protocol should be doing that work instead.
A market data test case
Institutional filings data makes the trade-off concrete: the surface area is large and the schemas evolve. Arkolith's Q1 2026 13F dataset alone covers 1,824 institutional filers and 1.87 million long positions, about $53.7 trillion in reported value, alongside 51,000+ tracked insider transactions. Hand-writing function-calling wrappers for search, fund holdings, and per-stock ownership is a real project, and you would redo it in every app.
With bare function calling, your executor wraps REST endpoints like these:
curl -H "Authorization: Bearer YOUR_KEY" "https://arkolith.com/api/v1/search?q=NVIDIA"
curl -H "Authorization: Bearer YOUR_KEY" "https://arkolith.com/api/v1/funds/1067983/holdings"
That is the right architecture for a nightly job or a dashboard backend. For an agent, connecting the MCP server gets the same data with zero wrapper code: the agent discovers the tools, chains them (search for the company, pull its institutional owners, check recent insider activity), and every figure arrives with a citation to the underlying SEC filing. Connecting market data to Claude via MCP walks through the setup.
One domain detail matters either way: freshness is set by the SEC, not by the API. 13F holdings arrive up to 45 days after quarter end (see the SEC's own Form 13F FAQ), while Form 4 insider trades land within 2 business days. A good tool description states that lag explicitly, and any accession number a tool returns can be checked against EDGAR full-text search. That verifiability is worth more than any protocol choice.

Frequently asked questions about MCP vs function calling
Is MCP a replacement for function calling?
No. MCP runs on top of function calling: the host hands MCP-discovered tool schemas to the model, and the model invokes them through the same structured-call mechanism it always uses. MCP replaces the per-app glue around function calling (definition, discovery, execution), not the capability itself.
Does MCP work with models other than Claude?
MCP is an open protocol; support depends on the host application rather than the model. Anthropic's hosts support it natively, and other clients and frameworks have been adding it. A host without MCP support can still reach the same data through ordinary function calling over a REST API, which is how ChatGPT-style setups typically access live market data.
Is function calling faster than MCP?
For in-process tools, marginally yes: there is no extra transport hop. For remote data, the network round-trip to the data source dominates either way, so the protocol overhead is noise. The meaningful performance lever is result shaping (returning compact, relevant payloads), which a well-built MCP server and a well-built wrapper can both do.
Can the same backend serve both?
Yes, and well-designed platforms do exactly that. Arkolith's MCP tools and REST endpoints read the same filings database, so an agent calling a tool and a pipeline calling /api/v1/funds get identical, provenance-stamped numbers. Pick the integration per consumer, not per dataset.
This article explains public filings and data concepts. It is not investment advice.
Keep reading

13F Holdings API: Query Funds, Stocks, Quarters
A 13F holdings API turns SEC institutional ownership filings into resolved fund, stock, quarter, and point-in-time queries with filing provenance.
Insider Trading Data API: Query Form 4 Filings at Scale
What a good insider trading data API looks like: Form 4 mechanics, amendment handling, derivative separation, provenance, and code examples for agents.

Critical Third Parties: UK Cloud Rule Explained
A Critical Third Party is a provider whose service failure could threaten UK financial stability. The first UK designations are four cloud providers.