Monday, 13 July 2026 · Europe
EUR/USD 1.143 EUR/GBP 0.8516 EUR/CHF 0.9223 EUR/PLN 4.348 All rates →
Sign in · Join
EUROPES The European Report
LATEST
Tech & Startups

ECB sets October deadline for banks to counter AI cyber risks

ECB sets October deadline for banks to counter AI cyber risks

Europe's top banking regulator has ordered major lenders to draft plans against AI-driven cyber attacks, a move that underscores how artificial intelligence has become a systemic financial vulnerability.

The European Central Bank has told the euro area’s largest lenders to submit plans by the end of October for countering cyber threats posed by frontier artificial intelligence. Claudia Buch, who chairs the ECB’s supervisory board, outlined the directive in a letter sent directly to bank chief executives.

The regulator's alarm is tied to a new generation of AI capable of independently finding and exploiting software flaws. The immediate trigger is Anthropic’s Claude Mythos model, which the company claims has already identified thousands of severe vulnerabilities across major operating systems and browsers. Buch warned that emerging models can pinpoint weaknesses and write working exploits "at unprecedented speed," collapsing the timeline between discovering a flaw and weaponizing it.

The ECB is not acting in isolation. On the same day, the European Systemic Risk Board raised its assessment of systemic cyber risk to "severe," officially classifying frontier AI as a standalone source of systemic risk. The board also highlighted a structural vulnerability for the bloc: nearly all leading AI providers are based outside the European Union. This leaves the continent dependent on foreign firms and exposed to geopolitical pressure, prompting a call for Europe to build its own AI capabilities.

In their October submissions, banks must detail how they will patch software faster, harden AI-enabled defences, and tighten oversight of external technology providers. Over the longer term, institutions must modernise ageing infrastructure and sharpen crisis response capabilities. While the directive carries no formal fines, the ECB plans to use the plans to rank lenders against each other and pressure laggards.

The directive reflects mounting anxiety across European institutions, following a warning from ECB President Christine Lagarde last month that AI could precipitate a financial crisis. The threat is tangible, with state-backed attacks climbing and a recent severe cyber-attack drill that tested 109 banks. The regulatory alarm is already translating into market activity, with French startup Mistral in talks to sell lenders a home-grown flaw-hunting tool as an alternative to Mythos.

More from Tech & Startups