Financial Regulators Adopt AI to Combat Growing Cybersecurity Risks

Swiss financial regulators are sounding an urgent alarm about the growing sophistication of cyber threats targeting the global financial system, warning that institutions must rapidly embrace artificial intelligence tools to stay ahead of attackers who are themselves using advanced technology. Marlene Amstad, president of the Swiss Financial Market Supervisory Authority (FINMA) and chair of an international forum on supervisory technology, outlined the escalating challenge during discussions with international counterparts, emphasizing that the traditional pace of vulnerability patching is no longer adequate in an environment where artificial intelligence amplifies both the speed and scope of potential attacks.

The technological arms race between defenders and attackers has intensified dramatically as machine learning models become increasingly adept at identifying security flaws that human analysts might miss or take considerably longer to detect. Recent experience with advanced AI systems has demonstrated that these tools can uncover previously unknown vulnerabilities in financial infrastructure, but they also present novel risks to the institutions deploying them. Regulators across multiple jurisdictions now recognize that waiting for traditional security audits and manual code reviews leaves critical gaps in protection as malicious actors harness similar technologies to probe financial systems for weaknesses.

AMstad emphasized that as criminal and potentially state-sponsored hackers accelerate their operational tempo through artificial intelligence, financial institutions must fundamentally reshape how they identify and remediate security issues. The traditional quarterly or semi-annual patching cycles that dominated financial IT for decades have become dangerously obsolete. Financial institutions now face pressure to implement continuous vulnerability detection and rapid response protocols, a transition that requires substantial investment in technology infrastructure and workforce training.

Recognizing these interconnected challenges, FINMA spearheaded the establishment of a specialized working group within the International Organization of Securities Commissions, the international body that sets standards for market regulation across jurisdictions. This forum brings together the regulatory authorities overseeing approximately 95 percent of the world's financial markets, creating a collaborative platform for sharing knowledge about artificial intelligence deployment in supervisory contexts. The breadth of this initiative underscores how comprehensively the financial stability risk has been recognized at the highest levels of global financial governance.

This week marked a concrete step toward this collaborative vision when approximately 100 policy experts and technology specialists gathered for an intensive hackathon designed to develop practical supervisory tools. The participants focused on building artificial intelligence solutions specifically tailored to the challenges of cryptocurrency and digital asset market supervision, an area where technological sophistication and regulatory complexity converge in particularly acute ways. The hackathon format, which brings together technologists and policymakers for rapid prototyping, reflects a recognition that traditional regulatory development cycles are too slow for the current technological environment.

Amstad indicated that supervisory innovation is not limited to software-based detection systems. Regulators are actively exploring whether safeguards and compliance mechanisms can be embedded directly into the underlying architecture of digital asset systems themselves, a more ambitious approach that would push security and regulatory compliance responsibility deeper into the technology stack. This represents a potential shift from monitoring institutions that use financial technology to designing the technology itself with regulatory requirements built into its fundamental structure.

The emergence of artificial intelligence has created a particular paradox for financial regulators: the same tools that offer powerful capabilities for identifying vulnerabilities also introduce new operational risks and raise challenging questions about accountability, interpretability, and resilience. Recent experience deploying advanced AI models like Anthropic's Mythos has exposed these dual-edged characteristics, revealing cases where the artificial intelligence systems themselves became potential vectors for unintended consequences or failures. Understanding these limitations is crucial as regulators consider how extensively to rely on artificial intelligence in critical financial infrastructure.

The geopolitical dimensions of artificial intelligence regulation have also become impossible to ignore. The United States government this month issued orders directing Anthropic to halt exports of its latest artificial intelligence models, including Mythos and a system called Fable, citing national security concerns about these advanced systems reaching potentially adversarial jurisdictions. This move reflects anxiety about whether cutting-edge artificial intelligence capabilities might be weaponized or used to undermine financial stability in ways that would harm American interests.

Simultaneously, competition to develop domestic artificial intelligence capabilities has intensified globally. Chinese cybersecurity firm 360 Security Technology announced this week that it has successfully developed its own version of advanced large language models intended to serve as a domestic alternative to international offerings like Mythos. This development reflects broader efforts by major economies to reduce dependence on foreign artificial intelligence providers and ensure that critical financial infrastructure relies on technology developed within national borders.

Amstad articulated what may be the central tension confronting Swiss and broader European financial regulation: Switzerland and European institutions must retain access to the most advanced artificial intelligence models available globally to effectively protect their financial systems, yet doing so may conflict with national security imperatives and geopolitical positioning. She argued that artificial intelligence will prove instrumental in identifying and hardening vulnerabilities before they can be exploited, suggesting that the most sophisticated defensive capabilities depend on access to the most powerful artificial intelligence tools. This requirement for technological parity creates pressure on smaller financial jurisdictions to participate in global artificial intelligence development ecosystems rather than attempting to build isolated, domestically-focused alternatives.

The broader strategic implication is that financial regulation itself is being fundamentally reshaped by artificial intelligence. Rather than regulators simply updating rules and oversight mechanisms to account for artificial intelligence used by regulated institutions, regulators themselves are becoming artificial intelligence practitioners, embedding algorithmic decision-making into the supervisory apparatus. This transformation blurs traditional lines between technological innovation and regulatory governance, suggesting that the future of financial stability depends on regulators maintaining competitive parity with the technological sophistication of both regulated institutions and potential attackers.

Related Stories

BREAKING: Johor Assemblyman Quits UMNO, Drops Bombshell — Claims Royal Palace Ordered State Election

Democracy at Work: Johor PRN Ke-16 and the Meaning of Tonight's Candidate Reveal for Malaysian Voters

Semangat Merdeka Menyala: PH dan Anwar Umumkan Calon PRN Johor Ke-16