By Aarav Garg

Today

AI
Compliance
Digital Banking

Anthropic’s Claude Mythos has triggered fresh debate around how advanced AI systems could change cybersecurity risks for banks and FinTech companies. The concern is not only that AI can help detect software vulnerabilities faster, but that it could also make it easier to exploit them at scale.

Anthropic recently said that Claude Mythos was able to identify a large number of previously unknown software vulnerabilities, including flaws in widely used operating systems and browsers. The company described the system as capable of finding weaknesses with limited human involvement, showing how quickly AI-powered security research is advancing.

For the banking sector, the issue is especially important because many financial institutions still depend on legacy infrastructure built years or even decades ago. Older systems are often deeply connected to payment networks, customer databases, and core banking operations. Updating them can be slow, expensive, and risky, which means many firms continue operating with outdated software and complex integrations.

That creates a larger attack surface for cybercriminals. If AI tools become capable of automatically scanning systems, identifying weak points, and generating attack methods, banks with heavy technical debt could face greater pressure than firms running modern cloud-based systems.

The wider FinTech industry is already moving toward more automated cybersecurity defenses in response. Security teams are increasingly using AI for fraud monitoring, anomaly detection, and vulnerability management. However, the same technology can also be used offensively. This has led to growing discussion around whether AI could eventually increase the speed and scale of cyberattacks targeting financial institutions.

Mark Devonshire, Managing Director Banking and Financial Services at NTT DATA UK&I, commented, “Claude Mythos is being positioned as a next-generation AI model that can analyse entire systems – from code to infrastructure – to identify weaknesses and ways in which they could be exploited. Given the obvious risk of misuse, it hasn’t yet been released to the public, so we can’t verify whether it is as powerful as claimed. But whether this particular tool realises all the potential of today’s digital technologies, the threat level is rising rapidly as cyber criminals gain access to AI tools able to find and exploit vulnerabilities at scale.”

He added, “Because cyber criminals prioritise theft – whether for its own sake, or in order to fund other criminal or terrorist activities – banks and financial service providers are the first line of defence against emerging cyber crime technologies. This is a particular risk because many finance organisations have large and ageing technology legacies: for years, they have patched and upgraded existing IT platforms, deferring the significant investments required to transform their systems.”

The concern is not theoretical. Regulators and cybersecurity agencies have repeatedly warned that the financial sector remains one of the most targeted industries globally because of the value of financial data and the importance of banking infrastructure.

Previous Article

SAP acquires Prior Labs to establish frontier AI lab in Europe
Read More