FRANKFURT, April 20 (Reuters) - Deutsche Bank CEO Christian Sewing said on Monday that banks were in close contact with European watchdogs about Anthropic's Mythos as regulators rush to examine the cybersecurity risks the new artificial intelligence model raises and how prepared financial firms are to tackle them.
Mythos is viewed by cybersecurity experts as posing significant challenges to the banking industry and its legacy technology systems, prompting a series of warnings from regulators and policymakers
gathered at last week's International Monetary Fund spring meeting in Washington.
"It's certainly not something that's causing panic or setting off any alarm bells on our end right now, but it's definitely something we need to keep in mind in our day-to-day risk management -- and that's exactly what we're doing," Sewing, who is chief executive of Germany's biggest bank, told journalists.
"The banks are prepared for this and have their own responses. So this is something we have to live with, and of course everyone is trying to gain access, but I also think it’s right that access is limited for now," he said, adding that a German banking association would meet to discuss the issue on Monday.
Anthropic has so far restricted access to the model to partners in its Project Glasswing initiative and about 40 additional organisations that build or maintain critical software infrastructure. JPMorgan, which is part of Glasswing, is the only bank Anthropic has publicly said has access.
Multiple senior banking and regulatory sources in Europe told Reuters they were not aware of any European financial institution with access to Mythos yet. Anthropic did not immediately respond to a request for comment by Reuters on if and when it would grant banks access.
"SUBSTANTIALLY MORE CAPABLE AT CYBER OFFENCE"
The British government sent an open letter to company leaders on April 15 warning that testing by its AI Security Institute (AISI) had shown Mythos to be "substantially more capable at cyber offence than any model we have previously assessed."
Some Asian regulators said on Monday they were monitoring the development. South Korea's Financial Supervisory Service (FSS) said it held a meeting with information security officials from financial firms last week to review Mythos-related risks.
Mythos was a key topic on the sidelines of the IMF meetings last week. European regulators are not yet overly concerned and for now are assessing it through their existing cyber resilience process, two European supervisory sources told Reuters.
One banking source said that the ECB and other regulators have been in contact with European banks to assess their preparedness for new cybersecurity risks. Supervisors have asked about banks’ awareness of the threat and their ability to respond, the source said.
The vast capabilities of Mythos to code at a high level have given it a potentially unprecedented ability to identify cybersecurity vulnerabilities, experts say, prompting greater scrutiny from regulators globally.
Barclays CEO C. S. Venkatakrishnan said on Friday in Washington that Mythos was a serious threat to the global banking system and likely to be followed by similar, more powerful cyberthreats.
(Reporting by Tom Sims, Jesus Aguado; Additional reporting by Francesco Canepa and Balazs Koranyi in Frankfurt. Writing by Tommy Reggiori Wilkes; Editing by Thomas Seythal, Elisa Martinuzzi and Alexander Smith )
