The Bank of England's regulatory division, the Prudential Regulation Authority (PRA), has issued a stark warning regarding the potential for advanced Artificial Intelligence (AI) models to cause significant disruption within the financial services sector. Sam Woods, chief executive of the PRA, highlighted the increasing capability of these AI systems to identify and exploit security weaknesses in banking infrastructure.
Woods specifically cited systems such as Anthropic’s Claude Mythos and ChatGPT 5.5 Instant as points of concern. He emphasized the critical need for financial institutions to patch vulnerabilities swiftly, noting that unresolved technical flaws are a primary cause of system outages and disruptions.
Global Concerns Over AI Cybersecurity
The UK's concerns are echoed by regulators worldwide. Germany's banking regulator, BaFin, reported a significant increase in cybersecurity risks due to AI advancements and announced the creation of a new division to assess cybersecurity preparedness and risk management within banks and other financial firms.
The International Monetary Fund (IMF) also cautioned about AI-driven cyber threats, stating that the financial system's reliance on interconnected digital infrastructure makes it susceptible to correlated failures that could disrupt financial intermediation, payments, and overall confidence at a systemic level.
India and OpenAI Respond to Emerging Threats
India's Finance Minister, Nirmala Sitharaman, held a high-level meeting to address AI threats across financial and critical infrastructure systems. She expressed particular concern about the emerging 'Mythos' threat, about which limited information is available, stressing the need for more versatile countermeasures.
In response to these growing global concerns, OpenAI has launched a new AI system called “Daybreak.” Positioned as “AI for cyber defenders,” Daybreak aims to assist organizations in building safer software, potentially rivaling Anthropic’s Mythos but also fueling discussions about potential misuse.
Regulators are collectively urging heightened cyber hygiene and a quicker response to security threats as AI technology continues to advance, emphasizing the increasing importance of AI-powered defense systems in protecting organizations from evolving cyber risks.