Europe's top banking supervisor is telling lenders that AI has changed the timetable for cybersecurity. Vulnerabilities that once sat in the patch queue now need to be treated as live business risks.
The European Central Bank has moved the AI security debate out of the innovation department and into the supervisory file. That is the real story. Banks have spent the past year talking about AI as a way to improve fraud detection, compliance reviews, trading workflows and customer service. The ECB is now asking a sharper question: what happens when the same class of models makes it easier to find and exploit weaknesses inside the financial system?
Frank Elderson, Vice-Chair of the ECB Supervisory Board, used the central bank's May supervision newsletter to warn euro area banks that Claude Mythos Preview, Anthropic's cybersecurity-focused model, is not just another technical upgrade. According to Reuters, Elderson urged banks in the euro area on May 13 to prepare quickly for cyberattacks launched with the help of Mythos or similar AI tools.
The timing matters. European lenders are under pressure to modernize, cut costs and use AI more aggressively across operations. But supervisors are making clear that faster deployment cannot come with a slower understanding of the attack surface it creates. That is especially true in banking, where old infrastructure, vendor dependencies, internal applications and complex authentication layers all sit close to customer money and market infrastructure.
The concern is not simply that attackers will write better phishing emails or automate more basic scams. Banks already know that problem. The more serious issue is that advanced AI systems can help discover software flaws at a speed that does not fit traditional security routines.
Elderson described three capabilities that should get the attention of every bank board. Mythos can autonomously discover and exploit vulnerabilities at scale. It can combine smaller weaknesses into more serious attacks. It can also reverse-engineer patches into exploitable flaws far faster than older tools. That last point is particularly uncomfortable for large institutions, because the publication of a patch can become a signal to attackers before every dependent system has been fixed.
In ordinary corporate cybersecurity, a minor vulnerability might be scheduled into a longer patch cycle. In banking, that logic is becoming harder to defend. If an AI model can connect minor gaps across identity systems, legacy code, vendor software and internal controls, the word minor starts to lose its meaning. The ECB is effectively telling banks to shorten the distance between discovery and remediation.
There is also a European disadvantage built into the current moment. Elderson said euro area banks do not currently have access to Mythos, which has only been made available to a limited number of organizations in the United States. That does not make the risk theoretical. It means European banks may have to defend against capabilities they cannot fully test for themselves.
AI adoption now comes with a compliance bill
For bank executives, the practical lesson is direct. AI procurement is no longer only a productivity decision. It is a resilience decision, a vendor-risk decision and a governance decision. If a bank uses AI in trading surveillance, loan servicing, compliance workflows or customer operations, supervisors will want to know who owns the model risk, who monitors data exposure and how quickly the bank can respond when a new weakness is found.
The Digital Operational Resilience Act, known as DORA, gives this warning more weight. It requires financial institutions in the European Union to manage information and communication technology risk, report major incidents, test resilience and oversee critical third-party providers. AI does not sit outside that framework. It makes the framework more demanding.
That is why the ECB's message reaches beyond security teams. Chief risk officers, procurement heads, legal teams and boards will need a clearer map of where AI touches systems and data. The old approach of letting business units trial tools first and formalize controls later looks increasingly risky. In a regulated bank, experimentation still needs a boundary.
The likely market effect is straightforward. Banks will spend more on vulnerability management, identity controls, security testing, third-party assurance and operational resilience planning. Cybersecurity vendors that can prove they understand financial regulation will have an easier sales conversation. AI vendors, meanwhile, will be asked harder questions about safeguards, access controls, audit trails and how their models behave when pointed at sensitive infrastructure.
This does not mean banks should step away from AI. Used responsibly, these models can help defenders find weaknesses before criminals do. They can speed code review, improve threat detection and make security teams more effective. But the balance has changed. The same tool that strengthens a bank in the right hands can expose it in the wrong ones.
The next phase will be about proof. Supervisors will not be satisfied with broad claims that a bank is monitoring AI risk. They will expect evidence that vulnerabilities are being identified, prioritized and fixed quickly, and that disruption plans reflect a world where attacks can move faster than internal committees. For European banks, the message is simple enough: AI is now part of operational resilience, and the deadline for treating it that way has already arrived.
Also read: SpaceX is asking IPO investors to price it like an AI platform • Nvidia is watching Huawei turn China into a closed AI chip market. • Nvidia is watching Huawei turn China into a real AI chip market
