-- The Australian Prudential Regulation Authority (APRA) on Thursday called on the financial sector to enhance its management of AI-related risks, warning that information security practices are struggling to keep up with the speed of the technology's adoption.
In a letter to the industry, the regulator outlined the findings of a review it launched last year, noting that the growing use of advanced AI is creating multiple new financial and operational vulnerabilities for banks, insurers, and superannuation trustees.
"Frontier AI models such as Anthropic's Claude Mythos, which could enhance the discovery of vulnerabilities by bad actors, are expected to further increase the probability, speed, and scale of cyber attacks," APRA said.
The regulator found that financial corporates have a high interest in the potential benefits of AI usage, but in many cases lack the technical knowledge to effectively manage the associated risks.
The APRA is not proposing to introduce additional requirements at this stage but expects to see a "significant improvement" in how the financial sector approaches AI-related risk management and governance.