In conversation with Pedro Machado of the ECB on AI and cyber risk

Frontier AI models are accelerating cyber threats. Speaking with Zango AI, Pedro Machado, Member of the Supervisory Board at the European Central Bank, explains what the supervisor now expects of significant institutions.

On 7 July, the European Central Bank wrote to the chief executives of every significant institution under its direct supervision. The letter, which is public, sets a deadline: action plans on the risks posed by frontier AI models are due by 31 October. To give banks room to focus, the ECB has postponed a separate cyber questionnaire to next year.

We spoke to Pedro Machado of the ECB about what the letter asks for, why frontier models change the cybersecurity picture, and where firms should concentrate their effort now.

Key takeaways

  • The ECB has asked all significant institutions to submit AI cyber risk action plans by 31 October 2026.
  • Frontier AI models compress the time between a vulnerability being detected and being exploited, shifting the balance between attack and defence.
  • Short term, supervisors want stronger patching, enhanced monitoring, and proactive vulnerability detection, with automated testing named as a priority.
  • Legacy systems and concentrated third party dependency, particularly a handful of cloud providers, are the structural exposures firms must address.

A change of paradigm, in the supervisor's words

Pedro Machado outlines the scale of this shift: "This new AI frontier model represents a change in paradigm in terms of cybersecurity". Until now, defenders have relied on a window of time. An attack is launched, it is detected, and a response follows. That gap has often been enough for a bank to contain the very attack that targets it.

Frontier models close that gap. "What the new AI frontier models do is that they compress significantly the time between the attack and the exploitation of the vulnerability," Machado explains. The vulnerability is found and weaponised far faster than before. It is the shortening of that window, he says, that banks now need to address quickly.

“They need to quickly have automated testing in place to enhance their capabilities, and in particular enhance their capabilities on patching, in particular legacy systems.” — Pedro Machado, Member of the Supervisory Board, European Central Bank

What the letter asks for

In the near term, Machado points to three areas: patching capabilities, enhanced monitoring, and the proactive detection of vulnerabilities. These are the measures a bank can move on immediately, and the ones supervisors will expect to see reflected in the October action plans.

Alongside these sit the structural measures, which take a longer view. They range from cyber hygiene through to a more holistic view of the estate, including the legacy systems many banks still run. Machado is candid that this will mean work, and in some cases a reprioritisation of IT roadmaps. The decision to postpone the separate questionnaire to next year is meant to create that space.

The role of automated testing

Of the short term measures, Machado highlights automated testing. When the interval between discovery and exploitation is measured in hours rather than days, manual, periodic testing cannot keep pace. Continuous, automated testing is how a firm finds a weakness before an attacker does, and how it keeps checking after every change to the estate.

Machado singles out legacy systems, where fixes are slower and where, as he notes, third party providers may not have a patching solution in place at all. Automated testing turns patching from a reactive scramble into a managed, evidenced process: know what is exposed, know what has been fixed, and be able to show it.

The third party question

The final theme is concentration. "We have services, in particular cloud services, which are very concentrated on a handful of providers," Machado says. "This creates a dependency risk which should also be properly addressed by banks, in particular in their contractual relationship with those providers." The aim is to name the dependency and hold it to account in the terms banks sign.

What this means for risk and compliance teams

The letter is addressed to bank CEOs, but the action plans will be built by risk, security and compliance functions working together, and the issues reach well beyond banks across financial services. Four practical implications stand out.

  • Treat 31 October as a governance deadline. For the significant institutions in scope, the action plan is a supervisory submission with a fixed date. Each measure the ECB names should map to a control and a named accountable person. The letter is addressed to significant institutions, but other firms would be wise to act as if it were addressed to them too.
  • Move testing from periodic to continuous. Firms that already run continuous controls testing will find it easier to evidence readiness than those still relying on annual penetration tests.
  • Confront legacy and patching latency. Identify the systems where patching is slow or dependent on a third party, and document the compensating controls. Supervisors will look for awareness of the gap as much as its closure.
  • Manage the dependency. The more a bank relies on a cloud or critical vendor, the more the contract must carry that weight: exit rights, resilience commitments and clear patching obligations.

Ultimately, frontier AI changes the dynamics of cyberattack and defence, and the supervisor is asking firms to respond in kind. As Machado puts it, these short term measures require very swift action.

Continue reading