Andrew Bailey, Governor of the Bank of England and Chair of the Financial Stability Board, is pushing for a fundamental rethink of how regulators handle the cybersecurity threats that advanced AI models are creating for the financial system. Instead of the traditional playbook of issuing directives and watching banks scramble to comply, Bailey wants regulators and banks sitting at the same table, working through the problems together.
The European Central Bank is already putting this into practice. In late May 2026, the ECB convened euro-area banks to collaboratively assess cybersecurity risks tied to advanced AI models, rather than defaulting to formal regulation.
Mythos and the new threat landscape
The catalyst for this regulatory pivot has a name: Mythos. Anthropic’s advanced AI model has drawn pointed warnings from Bailey, who cautioned during talks at Columbia University on April 14, 2026, that the model could dramatically escalate cyber risks by exposing systemic vulnerabilities across the financial sector.
Bailey has described cyber risks as a constant threat requiring ongoing vigilance.















