Article written by Stéphane Cagnon, July 9, 2026

Generative AI is changing the game on IBM i: analyzing a thirty-year-old RPG program, explaining its logic, suggesting a refactor… All of this can now be done in minutes. It’s a historic opportunity for a legacy estate that often carries the heart of the business: billing, payroll, inventory…

But one question keeps coming up in the boardroom: “Does the modernized application do exactly what it did before?” Not roughly. Exactly. Because on these systems, a difference in behavior means an incorrect invoice or a payroll error.

Our conviction: the safest modernization is hybrid: AI to understand, determinism to transform, regression testing to prove it.

Key takeaways

  • 1

    AI understands but it doesn’t guarantee, that guarantee comes from deterministic engines.

  • 2

    Regression testing proves that a modernization reproduces business behavior exactly.

  • 3

    The hybrid approach is cost-effective: targeted AI + MCP = controlled token consumption.

1. AI to understand

Let’s be clear: generative AI brings real, immediate value on IBM i:

  • Understand: explain undocumented code, reconstruct buried business rules.

  • Document: produce the documentation no one had time to write.

  • Assist: suggest refactorings, guide a junior developer through unfamiliar code.

  • Accelerate: revive backlogged projects held back by limited resources and expertise.

But a language model is probabilistic by design: it produces the most likely output, not a guaranteed one. Ask it to convert the same program twice, and nothing guarantees you’ll get identical results. And across an application portfolio, whether it’s a few hundred programs or several thousand, nothing guarantees that the same conversion rule will be applied consistently everywhere.

This isn’t a flaw in AI. It’s its nature. And that’s precisely why AI alone can’t be responsible for modernizing a mission-critical system.

In these systems, everything comes down to the details: a rounding rule in accounting, a sort order, a numeric truncation context, a legacy date format. Invisible in a code review. Very visible in production.

2. Determinism to transform

Faced with this, many organizations conclude: “then everything needs to be reviewed by humans.” That overlooks a third path, proven long before the AI wave: code transformation through deterministic engines, based on syntactic and semantic analysis of the language, not on probabilities.

A deterministic process offers three properties that no generative model can guarantee:

  1. Reproducibility: the same input always produces the same output;
  2. Consistency: the same rule applies everywhere, without exception;
  3. Auditability: every transformation is traceable and can be justified to an auditor.

On IBM i, two major modernization projects can be carried out this way:

The first obstacle isn’t technical, it’s human: fixed-format RPG is unreadable to newer generations of developers, while Free Form offers a modern syntax closer to Java.

That’s exactly what ARCAD Transformer RPG does: a fully automated conversion from RPGLE to RPG Free Form, with a conversion rate close to 100% (C, H, F, D, P specs and GOTO instructions), whether run one program at a time or in bulk. The engine detects truncation contexts in particular and corrects the code to prevent runtime issues; and every conversion can be checked through a visual comparison between the original and converted code. It’s also the only Free Form converter with its own IBM product number (5733-AC1).

For a CIO, that’s the essential point: this engine applies the same conversion rules from the first program to the last, no matter the size of the application portfolio, a guarantee no LLM can offer.

The second project involves extracting business rules from the RPG monolith to expose them as RESTful web services, consumable by web portals, mobile apps, or partners.

ARCAD Transformer Microservices supports this refactoring end to end, with a systematic method rather than a manual one: assistance in selecting candidate code blocks, automatic coupling checks to ensure the extracted modules are consistent, conversion of variables into parameters, automated module extraction, replacement of the original block with a call to the new procedure, and detection of duplicated logic to consolidate it into a single procedure. The observed gain: up to 70% more productivity than a manual effort, without sacrificing the reliability, security, or performance of the existing IBM i back end.

3. Regression testing to prove it

Deterministic transformation or not, one governance rule remains: every modernization must be proven. And that proof follows a very precise logic, one that is also deterministic:

  • replay the same business scenarios before and after the transformation;

  • factually compare the results: screens, DB2 data, spooled output;

  • turn every discrepancy into a measurable, analyzable, fixable fact.

That’s the role of ARCAD Verifier. And one point deserves particular attention from QA managers: thanks to the link maintained between application code and test cases, Verifier identifies only the tests affected by a given change. In practice, after converting a batch of programs, you don’t blindly replay 3,000 scenarios: you replay the ones that touch the transformed code. Verification becomes targeted, fast, and therefore genuinely practical at every iteration, not just at the end of the project.

Same input + same scenario = same result. Otherwise, it’s a regression. Trust isn’t declared: it’s demonstrated, screen by screen, record by record, report by report.

Secure your application changes

4. A token-efficient hybrid architecture

Putting the three pieces together, the secure modernization chain looks like this:

AI (understand) → Deterministic engines (transform) → Regression testing (prove) → Trust (deploy)

The orchestration link: the MCP protocol

One question remains: how do the AI agent and the deterministic engines communicate?

That’s the role of the ARCAD MCP Server. Through the standard MCP protocol, it exposes the ARCAD repository (34 years of deterministic analysis of the application estate: components, fields, procedures, dependencies) as more than 70 tools (resources, actions, methodological prompts). The AI agent (Copilot, Claude, an on-premise LLM…) queries these tools in natural language, chains calls together, and can trigger the underlying tooled processes (launching a Free Form conversion through Transformer RPG, for example), all while relying on a certified context derived from deterministic algorithms, not inference.

Three direct consequences for a CIO:

  • AI no longer guesses, it knows: a factual context eliminates hallucinations about the application architecture.

  • Your code stays with you: only the necessary information is sent to the agent, never the full codebase.

  • The developer stays in the loop: AI accelerates, structures, and documents; the human expert validates and decides.

In other words, the hybrid approach described in this article isn’t a concept: it’s an operational architecture, where the AI agent orchestrates and the deterministic engines execute.

A token-saving economy

This division of labor has an economic consequence that few organizations have measured yet: token consumption.

Having an LLM convert millions of lines of RPG means sending millions of lines in and receiving just as many back out, then starting over with every correction. That means direct cost, latency, energy footprint, and, depending on the architecture, exposure of source code to external services. In the hybrid approach, by contrast, bulk transformation consumes no tokens at all: it’s carried out by syntactic analysis engines. AI is deployed surgically, on high-value tasks: understanding, explaining, documenting, and adjudicating complex cases.

The result: predictable, minimal AI costs, tight control over code confidentiality, and a budget that funds the transformation itself rather than rounds of inference. The MCP protocol amplifies this effect even further: because context makes up for raw model power, even a small local SLM hosted on-premises produces relevant results: sovereignty without the added cost.

Connect your AI agents to your IBM i estate

5. Three real-world situations

Rather than a pitch, here are three situations that CIOs and CISOs will recognize.

Context: a manufacturer with an in-house RPG ERP, 2.5 million lines of code, and the last long-standing developer retiring in 18 months.

The risk isn’t a system failure, it’s losing the ability to evolve the system at all.

The hybrid response:

  • Mass, automated conversion from fixed format to Free Form to make the code readable for new hires,
  • AI to reconstruct and document business rules while the expert is still there to validate them,
  • A full regression testing campaign to prove the conversion changed nothing. The application estate becomes transferable, backed by proof.

Context: a financial institution with an RPG calculation engine at the heart of its customer relationship, required to open up APIs for a portal and partners, under strict internal audit requirements.

Rewrite the engine in Java? Years of project work and maximum business risk.

The hybrid response:

  • Extract the calculation rules into modules and expose them as RESTful services through a tooled, traceable refactoring process, without touching the logic itself;
  • Replay end-to-end scenarios and compare the results all the way into DB2, to demonstrate, case by case, that the calculated amounts are strictly identical. Internal audit doesn’t get a promise, it gets comparison reports.

Context: a retail/logistics company with an IBM i billing chain, business pressure to deliver faster, and a small team.

Here, the danger is “opportunistic” modernization: every change mixes bug fixes, AI-assisted refactoring, and new features.

The hybrid response:

  • Build regression testing into the DevSecOps pipeline, automatically replaying only the tests affected by each change. Delivery speed goes up, and every release carries its own proof. The more AI accelerates change, the more this proof loop becomes the strategic asset.

Let’s talk about your IBM i environment

Every IBM i estate has its own history, its sensitive areas, its level of technical debt, and its regulatory constraints. There’s no universal modernization path, but there is a method for building your own: assess what you have, choose your projects (Free Form, web services, database), and build the proof loop suited to your delivery cycles.

This is a conversation I have every week with CIOs, CISOs, and application managers. If you recognize your own situation in any of these, or if your leadership team is already asking you for proof, get in touch with me. I’d be glad to discuss your context, share concrete lessons learned, and show you how to bring AI, deterministic transformation, and regression testing together in your own DevSecOps pipeline.

Stéphane Cagnon

About the author

Stéphane Cagnon

Senior Solution Architect, ARCAD Software

With 28 years of experience in the IBM i world, Stéphane began his career as a systems engineer. Now a Senior Solution Architect, he gives you the keys to a successful DevSecOps transition and to an IBM i modernization tailored to your needs.

Contact Us

REQUEST A DEMO

Let’s talk about your project!

Speak with an expert

Customized Demo

Contact our experts