The European Central Bank has formally told eurozone banks they must tighten their cyber-security posture in response to AI-led attack tools, in a follow-up statement issued on Wednesday that turns earlier private guidance into something closer to a supervisory expectation.
The ECB’s vice-chair of the Single Supervisory Mechanism, Frank Elderson, framed the shift in language that signals a hardening regulatory posture rather than a discussion document.
The trigger remains Anthropic’s Mythos, the restricted-access AI model that can autonomously discover and exploit cybersecurity vulnerabilities at machine speed. Mythos has been demonstrated to combine smaller weaknesses into more serious attacks and to reverse-engineer patches into exploitable flaws faster than older toolchains.
Access has been limited by Anthropic to roughly 40 to 50 organisations including a handful of US banks; no eurozone institution sits on the list. The ECB’s position, in Elderson’s words earlier this month, is that “lack of access is not an excuse for inaction.”
Wednesday’s statement extends that framing. Banks are now expected to assume that attackers will have access to AI tools of comparable capability whether or not the defenders do.
The 💜 of EU tech
The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!
The supervisory implication is that traditional, monthly software-patching cycles are no longer adequate, that contractor relationships need to be audited for the same exposure, and that the entire institutional posture around vulnerability management needs to compress to AI-attacker timeframes. The ECB has indicated it will incorporate AI-cyber readiness into supervisory dialogues with individual banks.
The political and commercial backdrop has also moved. BNP Paribas is now publicly working with Mistral on a sovereign European answer to Mythos, in what is functionally a continent-wide hedge. Brussels has been in stalled talks with Anthropic for several weeks over expanding Mythos access to European institutions; Spain has described those talks as deadlocked.
The ECB statement is, in effect, the supervisory side of the same problem: regulators cannot wait for the access question to resolve before insisting on a defensive posture.
The harder question is what concrete change banks are actually expected to make. The ECB has not published a specific technical-controls list, partly because the threat surface is evolving faster than any static checklist would capture.
The closest thing to a working playbook is the implicit expectation that banks now treat any unpatched vulnerability as a discoverable target, and that the meantime-to-patch for critical systems collapses from weeks to days or hours.
Smaller eurozone banks, which have historically relied on outsourced infrastructure providers for the technical layer, are in a weaker position to deliver on that timeline than the big-three universal banks.
The ECB also flagged contractor exposure as the asymmetric problem. Most eurozone banks have a long tail of third-party software providers whose patch discipline is uneven; an AI-led attacker discovering a vulnerability in a single widely deployed vendor product can pivot into multiple bank environments through that vendor relationship.
The Solarwinds-style supply-chain exposure that defined the late 2010s is now being recast in AI-attacker form. Elderson’s framing is that supervisors will hold banks accountable for their contractor security, not just their own.
Eurozone banks have until end-2026 to demonstrate readiness against the ECB’s new posture, with formal supervisory dialogues beginning over the summer. Mythos itself, on current public reporting, has not been demonstrated in the wild against a European institution.
