UK banks face AI cyberattacks beyond their current defences

Ryan Brothwell

Key Points

  • The Bank of England, Financial Conduct Authority and HM Treasury issued a joint statement on 15 May 2026 warning UK financial firms that frontier AI cyber attacks now exceed what current bank defences can handle.
  • The authorities said current frontier AI models already surpass skilled human hackers in speed, scale and cost, and that risks will rise as more capable models reach the market.
  • Regulators told banks, building societies, payments firms and financial market infrastructures to strengthen board-level governance of AI risk, accelerate vulnerability triage and patching, manage third-party and open source software exposure, and adopt automated, AI-enabled defences.
  • The statement names customers, market integrity and financial stability as the interests at risk, and points firms to NCSC guidance and the Cross Market Operational Resilience Group's Frontier AI Risk Mitigation Webinar held on 14 May 2026.
  • No new rules were introduced; the warning frames attacks driven by AI as a scenario firms must plan for under existing operational resilience obligations dating from 2022.

Frontier AI can now run cyber attacks beyond what current UK bank defences can handle, the Bank of England, FCA, and Treasury have warned.

The three authorities said in a joint statement on Friday (15 May) that the cyber capabilities of current frontier AI models already exceed what a skilled human practitioner could achieve, at significantly higher speed, greater scale, and lower cost.

The regulators said these capabilities, used maliciously, amplify threats to firms’ safety and soundness, customers, market integrity, and financial stability.

Risks will rise as more advanced models reach the market, and firms that have underinvested in cybersecurity fundamentals will become progressively more exposed.

Account access, payment processing, and personal data sit behind the systems the authorities say are under growing pressure. The wider customer base also includes the small businesses and corporates whose bank relationships depend on the same controls.

Work needed to get ahead of AI attacks

The authorities told boards and senior management to develop a sufficient understanding of frontier AI risks to set strategic direction and oversee how control functions respond.

Investment and resourcing decisions should reflect the emerging threat, including increased exposure from end-of-life systems and software no longer supported by vendors. The statement also asked firms to consider whether they have appropriate insurance in place.

Vulnerability management is a core pressure point because frontier models can scan large technology estates and surface exploitable flaws far faster than human security teams.

The regulators said firms must be able to triage, prioritise, risk assess, and remediate vulnerabilities at greater speed, frequency, and scale, with automation where appropriate, while managing the operational risks of automating remediation.

The statement flagged third-party risk separately. It told firms to identify, monitor, and manage external applications, libraries, and services integrated into their networks, including open source software, and to be ready to remediate vulnerabilities identified by third parties at scale.

The regulators have also directed firms to consider adopting automated and AI-enabled controls so they can operate at a comparable speed to attacks driven by AI. Access management, network security and data protection should reduce the surface a frontier AI model could reach.

The authorities said they will continue to monitor frontier AI developments and engage with industry through the Cross Market Operational Resilience Group, which held a Frontier AI Risk Mitigation Webinar on Thursday (14 May).

The National Cyber Security Centre has published companion material, including guidance on preparing for a vulnerability patch wave and ten questions firms should ask when using AI models to find vulnerabilities. The statement did not name specific frontier models and did not set new rules.

It told firms that the existing operational resilience framework, in place since 2022, already requires them to plan for the threats that attacks driven by AI now pose.