Big EU banks must set out AI risk plan, top ECB official – POLITICO

Politico News

“Emerging AI models are capable of identifying software vulnerabilities and generating functioning exploits at unprecedented speed, compressing the timeline between vulnerability discovery and exploitation. These developments have potentially profound implications for the confidentiality, integrity and resilience of banks’ information and communication technology (ICT) systems,” Buch wrote in letters sent to the CEOs of the bloc’s biggest banks.

There are no planned sanctions for banks that don’t comply, but the ECB may use the plans to compare different banks’ performance on tackling AI risks and follow up with them.

Buch’s letters also call on bank CEOs to modernize infrastructure and improve response and recovery mechanisms and crisis management.  

EU finance risk body, the European Systemic Risk Board (ESRB), also published a warning today on systemic cyber risks stemming from frontier AI models, saying they “should be treated as a source of systemic risk” by the finance industry.

If cyber incidents spread through “operational bottlenecks” such as payment, clearing or settlement systems, they could “severely disrupt or shock the financial system,” the ESRB said.

Without coordinated EU action, those risks “may evolve into structural vulnerabilities,” inclreasing the likelihood of a system-wide event, it said.

The European Commission will also unveil an action plan on AI risks today, outlining how the bloc will involve itself in safety testing of advanced models.