Bank of Italy Governor urges banks to fortify defences against AI cyber risks
Central bank chief calls for executive governance and IT investment, citing specific concerns over artificial intelligence capabilities that could enhance attacks on financial institutions.
Bank of Italy Governor Fabio Panetta has confirmed that the central bank is in direct discussions with global artificial intelligence providers, including Anthropic, ahead of the release of new AI models to the financial sector. Speaking during his annual keynote address on Friday, Panetta outlined the regulator’s proactive engagement with technology firms to ensure that emerging tools are implemented securely within the banking industry.
The central bank recently initiated talks with national authorities, financial institutions, and their IT service providers to address the security implications of widespread AI adoption. These discussions aim to mitigate the risks associated with the integration of advanced algorithms into critical financial infrastructure, ensuring that new technologies do not compromise system integrity or operational continuity.
Supervisory concerns have specifically focused on Anthropic’s Mythos model, a tool designed to identify flaws in computer code to bolster cyber defences. However, cybersecurity experts have warned that the same capabilities could be exploited to turbo-charge cyberattacks against banks. The dual-use nature of such technology has prompted the Bank of Italy to engage directly with developers to understand and manage potential vulnerabilities before these models become publicly accessible.
Panetta emphasised that financial institutions remain ultimately responsible for the protection and continuity of their systems, a duty that extends to third-party technology providers. To address these challenges, he urged banks to utilise their recent record profits to fund necessary IT security investments. The governor stressed that relying solely on technological fixes is insufficient; executive bodies must establish sound governance and control frameworks, assign clear responsibilities, and prepare rapid intervention plans to manage third-party risks effectively.
The regulatory push comes as the financial sector increasingly integrates AI technologies, raising questions about oversight and risk management. By highlighting the specific risks posed by models like Mythos, the Bank of Italy is signalling a heightened focus on operational resilience and the need for robust governance structures to safeguard the integrity of the banking system against evolving cyber threats.
