Australia’s banking sector is not keeping pace with the speed of artificial intelligence development, the country’s financial regulator has warned, cautioning that frontier AI systems could enable larger and faster cyberattacks against financial institutions.
Regulator Warns of Faster and Larger AI Driven Threats
The Australian Prudential Regulation Authority said in a letter to banks that much of the industry’s information security framework was struggling to match the pace of AI change. The regulator warned that frontier models such as Anthropic’s Claude Mythos could increase the probability, speed and scale of cyberattacks by helping bad actors discover vulnerabilities more effectively.
APRA said the rapid development of AI posed a growing threat to Australia’s financial services sector. Experts have warned Mythos, because of its high level coding capabilities, could have an unusually strong ability to identify cybersecurity weaknesses.
FCRF Academy Launches Premier Anti-Money Laundering Certification Program
Banks Told Cyber Practices Need a Step Change
The regulator said it had heard clear recognition from regulated entities that a step change was needed in cyber practices and capabilities to protect IT assets in an evolving threat environment. At the same time, APRA’s industry consultation found that banks were relying too heavily on model presentations and vendor summaries without fully assessing the risks that could emerge.
APRA also observed that many boards were still developing the technical literacy needed to provide effective challenge and oversight on AI related risks. While banks already had strict security procedures, the regulator said some of those controls were not designed to keep pace with AI development.
Industry Response and Wider Regional Concerns
Anthropic did not immediately respond to a Reuters request for comment. The material says Anthropic launched Claude Mythos Preview under Project Glasswing, a tightly restricted access programme that includes major technology companies such as Amazon, Microsoft, Nvidia and Apple. It also notes that Australia has been working with software providers including Anthropic on potential cybersecurity vulnerabilities.
The Australian Banking Association said banks were continually assessing their cyber risk settings and remained well positioned to respond to emerging AI technologies, adding that Australian banks invest billions of dollars each year to maintain cyber defences. Separately, S&P Global said AI would affect the credit standing of Asia Pacific financial institutions over the next one to five years. While it said most banks in the region had large technology budgets that could help reduce costs and absorb negative impacts, the broader effect across financial services may not be even.
About the author – Rehan Khan is a law student and legal journalist with a keen interest in cybercrime, digital fraud, and emerging technology laws. He writes on the intersection of law, cybersecurity, and online safety, focusing on developments that impact individuals and institutions in India.
