The Mythos summit missed the real AI threat to banks. This is the overlooked danger.

(SeaPRwire) –   Earlier this month, Treasury Secretary Scott Bessent and Federal Reserve Chair Jay Powell gathered the CEOs of major U.S. banks to discuss Anthropic’s new model, Mythos. This meeting indicated a shift in the financial sector’s understanding of artificial intelligence. It was not a discussion about innovation, but a warning: models capable of identifying and exploiting vulnerabilities could present a tangible risk to essential financial infrastructure.

While this concern is valid, the current focus remains too limited.

In recent conversations with leading financial institutions, I have observed how quickly concern escalates once the malicious applications of AI are grasped. However, turning this concern into action remains sluggish and inconsistent. Most of the current attention is directed at cyber risk. This is a significant danger, but it is neither the sole threat nor the most immediate one.

Alongside the risks underscored by Mythos, a separate threat is already materializing on a large scale. It does not rely on cutting-edge frontier models, but on AI capabilities that are already broadly accessible. Unlike cyber attacks, which require system access, this threat operates by targeting individuals.

The Shift Is Not Just About Sophistication—It’s About Economics

Artificial intelligence has significantly reduced the cost and complexity of fraud while vastly increasing its scalability. Operations that previously demanded time and coordination can now be automated and deployed on an industrial level. AI systems can produce thousands of persuasive messages, audio clips, and videos in seconds, each customized for a specific person. This represents a structural, rather than incremental, change.

Fraud has transitioned from a manual task to a machine-driven operation. Hyper-personalized social engineering initiatives, frequently powered by AI agents, now function across various channels, legal jurisdictions, and identities. With growing authenticity, they impersonate executives, advisors, or family members to manufacture urgency and prompt authorized transfers.

In these instances, the system is not infiltrated; it is circumvented.

The System Isn’t Hacked—The Customer Is Convinced

Customers are not necessarily being hacked; they are being deceived. Because the transactions are authorized, existing protective measures are frequently ineffective. Biometric verifications can be circumvented by deepfakes. Rule-based monitoring systems are tuned to identify human fraudsters, not coordinated networks of AI agents operating at machine velocity.

This establishes a fundamentally distinct category of risk.

In contrast to cyber attacks, which are typically episodic and conspicuous, AI-enabled fraud functions as a continuous, distributed drain of funds across millions of transactions. It is an insidious threat: simpler to execute, quicker to scale, and often invisible until the losses become substantial. Current trends indicate potential losses reaching trillions of dollars in the near future.

The Risk Extends Beyond Financial Loss

Should the public conclude that financial institutions are incapable of shielding customers from manipulation and fraud, trust in the system will deteriorate. The repercussions will surpass monetary losses. Friction will increase, customers will become reluctant, and confidence in banks’ capacity to safeguard assets may diminish in ways just as damaging as cyber threats.

This is not a superior threat to cyber risk, but a concurrent one that warrants equal attention.

A Redesign of Defense, Not a Minor Adjustment

Most institutions continue to depend on fragmented data, outdated monitoring, and human-centric analysis that cannot match the speed of adaptive, AI-driven dangers. A substantial response necessitates an architectural overhaul: real-time, AI-native detection; the integration of fraud, AML, and behavioral indicators; and the capacity to intervene at the transaction stage, including for authorized payments.

Additionally, it requires a shift from isolated to coordinated defense. Fraud campaigns target customers across multiple institutions simultaneously, while defensive controls remain compartmentalized. An effective response relies on identifying patterns and campaigns in real time. While privacy and competition considerations remain significant, they can no longer rationalize structural blind spots. Privacy-preserving technologies provide a viable path forward, enabling institutions to share signals without compromising sensitive data.

Concurrently, institutions must implement a “Defense AI” strategy: utilizing AI to combat AI-driven threats. First lines of defense staffed solely by humans cannot scale. AI-native systems are essential to facilitate faster detection and response under human supervision.

Regulators Must Also Address This—Before Disaster Strikes

The lesson from the Mythos meeting is not merely that AI can compromise systems. It is that the financial system is already being exploited through a different method: one that is less visible, more scalable, and potentially equally destructive.

If the financial system fails to react promptly, the consequences will be severe: escalating losses, increased friction, and a significant erosion of public trust.

Regulators should also assemble senior financial leaders to address this issue as a parallel AI risk, before a catastrophe that is already within the reach of malicious actors fully manifests. The financial system, the technology industry, and policymakers must now acknowledge the magnitude of this vulnerability and act with considerably greater urgency.