UK authorities issue guidance on frontier AI cyber risks in finance

A joint statement from UK financial authorities addresses cyber resilience and operational risks linked to frontier AI models.
Frontier AI-related cyber risks and resilience measures are outlined in a joint statement from the Bank of England, FCA, and HM Treasury.

The Bank of England, the Financial Conduct Authority (FCA), and HM Treasury published a joint statement on cybersecurity and operational resilience risks linked to frontier AI models.

According to the statement, current frontier AI models can perform certain cyber-related tasks at high speed and scale, potentially increasing operational and security risks if misused.

UK authorities said regulated firms should strengthen governance, vulnerability management, third-party risk oversight, and recovery capabilities. The statement also referred to the use of automated and AI-supported defensive measures in cybersecurity operations.

The guidance highlighted risks associated with third-party services, open-source software, and legacy systems. According to the statement, boards and senior management should maintain awareness of frontier AI-related operational and cyber risks.

The authorities said they will continue monitoring frontier AI developments and engage with industry through the Cross Market Operational Resilience Group (CMORG). The statement also references guidance published by the UK National Cyber Security Centre (NCSC) on vulnerability management and AI-related cyber risks.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.