OpenRewrite is designed to tackle the exact challenges that large financial institutions face. With deterministic “recipes” that describe codified transformations, OpenRewrite can systematically analyze and modify codebases—ensuring consistent modernization across vast application portfolios. And when paired with AI agents, OpenRewrite becomes even more powerful: agents can use recipes as tools to perform safe, context-aware transformations far beyond what probabilistic code completion can offer.
WHY FINTECH MODERNIZATION REQUIRES MORE THAN JUST AI CODE GEN
Modernization in financial services isn’t just about adopting the latest frameworks—it’s about maintaining security, ensuring compliance, and evolving legacy architectures while meeting aggressive business demands. It also means doing so in a way that reduces risk and guarantees auditability. And the challenge becomes even more treacherous in today’s open source-driven world.
According to a recent Sonatype industry report, the average application includes 180 third-party and open source components, and the volume of malicious packages has grown 156% year over year. Open source software has become the backbone of modern software, which means fintech firms must manage a sprawling network of dependencies that evolve constantly. Security patches, deprecations, and breaking changes in upstream projects can ripple unpredictably across hundreds of systems.
Manual code updates are slow, error-prone, and fundamentally unscalable. For example, one large banking customer faced the task of upgrading more than 15,000 codebases to Java 21—a project they estimated would take over 50,000 hours to complete manually. That’s 687 full workdays for a 10-person engineering team, just to complete a single upgrade initiative.
The sheer scope of this work highlights a hard truth: Even with AI coding assistants, this repo-by-repo work can’t scale to the demands of enterprise software modernization. It can’t solve the operational reality of billions of lines of existing code: applications built over decades, interwoven with open-source dependencies, proprietary APIs, and deeply embedded business logic.
AI assistants, even those trained on vast amounts of code, generate suggestions based on patterns without deep knowledge of an entire fintech’s specific codebase. Their understanding of broader architectural context is shallow, and their outputs often require manual validation. Large-scale refactoring and remediation across multiple repositories is not just a weakness of developer assistants—it’s outside the realm of what these tools are built to do.
FINTECH MODERNIZATION STARTS WITH BETTER CODE DATA
Modernization at scale demands more than AI-generated suggestions—it requires deep code understanding and predictable execution. That’s where OpenRewrite comes in. Its core innovations—the Lossless Semantic Tree (LST) and deterministic recipes—provide what AI assistants lack: a complete picture of your codebase and a safe, repeatable way to transform it.
By pairing with OpenRewrite, AI agents move from passive code suggestion to active, trustworthy execution—unlocking their full potential to modernize software at scale.
The LST is a high-fidelity representation of source code—akin to the detailed understanding your IDE provides, but extended across your entire codebase. It captures not only syntax, but also semantic details like type attribution, formatting, build configurations, and transitive dependencies. This comprehensive context provides a complete and accurate picture of your software that is crucial for making precise, meaningful changes at scale.
OpenRewrite uses deterministic recipes—purpose-built, repeatable programs—to analyze and transform the LST code representations. These recipes are versioned, testable, and auditable, ensuring that changes are consistent across thousands of files and repositories. They can also be created and customized for in-house libraries, frameworks, tools, and configurations. Whether upgrading to Java 21, changing out monitoring frameworks, or remediating security vulnerabilities, OpenRewrite recipes eliminate the guesswork and ensure safe, production-ready outcomes.
Now, thanks to agentic AI and tool-calling interfaces—such as OpenAI’s Function Calling or the Model Context Protocol (MCP)—AI agents can directly invoke the catalog of more than 3,500 OpenRewrite recipes as trusted tools. Rather than generating code from scratch, the agent selects the appropriate recipe based on user intent and delegates execution to a deterministic program purpose-built for that transformation.
The combination of LSTs and recipes is what makes OpenRewrite an ideal companion to AI coding agents, enabling AI to direct deterministic transformation—accurately, consistently, and across your entire codebase.
the power of ai agents with deterministic refactoring tools
The Power of AI Agents with Deterministic Refactoring Tools
When AI agents can invoke OpenRewrite recipes, they no longer need to invent upgrade paths—they can call deterministic, community-vetted transformations and apply them at scale. This unlocks powerful capabilities for fintech teams:
- Accelerate migrations and modernization: Move to new Java versions, cloud platforms, and modern tooling without slogging through every repository.
- Secure codebases proactively: Patch known vulnerabilities for all dependencies (direct and transient), auto-fix source code, and protect PII before a crisis occurs.
- Meet regulatory requirements: Prove changes are consistent, traceable, and in line with internal policy—a must-have for compliance and audits.
- Enforce architecture standards: Ensure consistent logging frameworks, remove deprecated APIs, and align all services to approved design patterns.
OpenRewrite as a change agent helps banks and fintechs respond with agility. Instead of relying on developers with AI assistants to individually catch and fix issues—or creating brittle scripts that work once and break the next time—you can encode transformations as recipes and run them across your entire portfolio. Recipes are versioned, reviewed, and reused, creating a foundation for dynamic architecture governance.
unlocking code modernization paths
Too often, teams feel stuck with architectural choices made years ago. Refactoring large applications has historically been seen as too costly, too risky, or too slow. But that’s changing. The convergence of open-source, deterministic auto-refactoring and intelligent AI agents is enabling a new kind of modernization—one that’s scalable, reliable, and developer-friendly.
OpenRewrite isn’t just a tool for one-off upgrades. It’s a framework for evolving your codebase as your business evolves. With AI agents now able to interpret intent, select the right recipes, and execute changes across thousands of files, fintech teams can finally tame the complexity of their software ecosystems.
This is the future of code modernization: a tight feedback loop between intent, analysis, and safe, automated change. It’s a future where teams move fast and stay compliant—where AI doesn’t just generate more code, but helps you manage the code you already have.
To learn more about large-scale code modernization, join Moderne in a joint session with Morgan Stanley at OSFF London. In addition, engage with the FINOS Evolution @ Scale working group focused on simplifying how developers can automate mass changes to a large number of code repositories, effectively evolving them all simultaneously.
Author: Moderne Team