Germany's Banking Regulator to Inspect Financial Firms for AI Cybersecurity Gaps
Germany's financial watchdog BaFin announced Tuesday it will conduct targeted inspections at banks and financial firms to assess their readiness for cybersecurity threats posed by advanced AI models. The regulator said cyber risks from artificial intelligence are "growing" and "substantial."
BaFin President Mark Branson said new AI models can identify vulnerabilities in IT systems "with remarkable speed" and exploit them faster than before. "They will be able to exploit the vulnerabilities they find ever more rapidly," Branson said.
The warning comes as financial institutions globally scramble to access and test Anthropic's Mythos, a new AI model that cybersecurity experts view as a significant threat to banking systems, particularly legacy technology infrastructure.
Several U.S. banks have already received access to Mythos. Regulators and policymakers have issued a series of warnings about the model's potential to compromise financial sector security.
Branson called stronger cybersecurity "an urgent and essential investment" that the financial industry can afford to make.
New Inspection Division
BaFin will create a new division dedicated to what it calls "IT spotlight" inspections. These targeted reviews take significantly less time than comprehensive audits, allowing the regulator to examine more firms and respond faster to emerging threats.
"We can therefore complete more of them and thus respond more effectively to current developments and incidents," Branson said.
For finance professionals, understanding these regulatory requirements and the underlying AI risks is becoming essential. Learn more about AI for Finance, or if you're in a finance leadership role, explore the AI Learning Path for CFOs to understand how these developments affect strategic planning and risk management.
Your membership also unlocks:
