Thought Leadership
Without their own access to Anthropic’s new Mythos model, European banks would be defenceless against a new quality of cyberattacks, the Bundesbank warns. It is calling on the EU to make a political move in Washington.
The Bundesbank’s chief supervisor, Michael Theurer, wants to put the European Commission and European governments under pressure to secure access to the Mythos AI model from US company Anthropic or from the Trump administration. That emerges from an interview with Reuters. The background: Mythos is currently available only to a handful of US banks, while European institutions are left out.
Anthropic distributed the model earlier this month to a hand-picked group of companies, among them just one bank initially. Mythos specialises in finding security flaws in software. From the perspective of IT security experts, that is precisely what makes it a potential weapon: attackers could use it to dramatically accelerate intrusions into banking systems. Supervisory authorities in several countries, including the United Kingdom, Japan and India, have been examining the risks ever since. Reuters recently reported that Anthropic plans to grant European banks access in the foreseeable future, without naming a date.
Theurer insists on an official request
“I consider it necessary that the European Commission and governments in Europe now also approach the company — or rather the United States — to request that the technology be shared,” Reuters quotes the Bundesbank executive as saying. “There has to be an official request so that we in Europe can also benefit from the insights.”
Defence without the tools
According to Theurer, the banks are well aware of what they may be up against. As long as they cannot get hold of the model, however, they cannot test “which vulnerabilities it is capable of identifying”. The institutions know they have a problem but cannot analyse it.
Theurer sees this as a fundamental risk and warns of a geopolitical imbalance: “We may be moving into an area in which economic actors could potentially become dependent on state assistance. If you do not have access to this technology yourself, you naturally find yourself in very difficult waters.”
According to Reuters, the Bundesbank and German supervisory authorities are working jointly on the threats. The European Central Bank’s banking supervision arm, which oversees the largest lenders in the euro zone, has also been asking institutions about the state of their preparations.
Supervisors falling behind
A particularly awkward finding comes from a recent study cited by Reuters: supervisors themselves are significantly further behind in adopting AI than the firms they are meant to oversee. They also lack reliable data on the new types of harm that are emerging. Whoever is supposed to monitor Mythos has neither the tools nor the situational awareness to do so.
That shifts the debate from pure IT security into the political arena. When a US company decides which banks in which region are allowed to use an AI capable of vulnerability analysis and which are not, market access becomes a lever of economic and security policy. Seen in that light, Theurer’s push is less a technical request than a call for Brussels to make itself officially heard in Washington.
dpa
