ESRB warns of vulnerabilities in the financial system linked to frontier AI models
Press release The European Systemic Risk Board (ESRB), the EU’s macroprudential oversight authority, is issuing a formal warning regarding vulnerabilities in the financial system linked to frontier AI models. The ESRB's warning calls for relevant authorities to reflect these risks in supervisory and oversight work.
The rapid development of AI models capable of identifying vulnerabilities in critical software and ways of exploiting them is leading to increased cyber security risks.
At EU level, the ESRB’s General Board – of which the Riksbank and Finansinspektionen (the Swedish Financial Supervisory Authority) are members – is now issuing a formal warning to the EU regarding the risk of vulnerabilities in the financial system linked to frontier AI models. The aim is to safeguard the resilience of the EU’s financial system by raising awareness of these risks and highlighting the need to counter them. The ESRB warns that frontier AI models are changing the cyber threat landscape for EU’s financial system and that these models may increase speed, scale and sophistication of cyberattacks. The ESRB also emphasises that relevant authorities should reflect these risks in supervisory and oversight work.
In parallel with the ESRB’s warning, the European Central Bank’s Single Supervisory Mechanism (SSM) has also highlighted the risks associated with new frontier AI models in a letter to the chief executive officers of the institutions under its supervision. The National Cyber Security Centre has also recently issued advice and recommendations on AI and cyber security from a Swedish perspective.
In this context, the Riksbank and Finansinspektionen together call for Swedish financial institutions to prioritise the work on identifying, managing and mitigating these risks and to continue strengthening their operative resilience.
”We welcome the ESRB’s warning. Developments in AI present significant opportunities for the financial sector but also entail risks. These risks often do not respect national borders, and in a world of geopolitical tensions, the issue becomes even more complex. Not least for this reason, a warning at EU level is important, even though this is also a global issue. Authorities globally and in Sweden are engaged in close dialogue with financial institutions to ensure that they have the capacity to manage the risks posed by the rapid development of new, more capable AI models,” says Governor Erik Thedéen.
“It is important that AI-related risks and cybersecurity threats receive widespread attention at the EU level, as they can affect both individual companies and the financial system as a whole. Companies need to assume that disruptions will occur and therefore build operational resilience. This is also a priority area in Finansinspektionen’s supervision,” says Finansinspektionen Director-General Johan Almenberg.