Financial watchdogs around the world are falling dangerously behind banks when it comes to understanding and regulating artificial intelligence, according to new research that raises serious questions about oversight capabilities.
A comprehensive study released Tuesday by the Cambridge Centre for Alternative Finance reveals that banks and financial companies are embracing AI technology more than twice as fast as the regulators who supervise them. The research shows only 20% of regulatory agencies report having “advanced AI adoption” compared to their counterparts in the private sector.
Perhaps more troubling, the survey found that just 24% of financial authorities gather information about how the industry is implementing AI systems, while 43% have no intention of beginning such data collection over the next two years.
“This empirical blind spot may undermine the prevailing optimism [on AI]. Authorities cannot successfully harness or oversee AI if they are navigating its adoption and risks without hard data,” researchers concluded in their report.
The extensive study was conducted in partnership with the Bank for International Settlements, International Monetary Fund, and other international organizations. Researchers gathered responses from 350 traditional banks and financial technology companies, over 140 AI suppliers, and 130 central banks and regulatory bodies across 151 nations.
The timing of these findings coincides with growing alarm over new AI developments. Earlier this month, technology company Anthropic unveiled Mythos, an advanced AI system that cybersecurity specialists warn could present major challenges to banking institutions and their existing computer infrastructure.
Banking supervisors worldwide have been engaging with financial institutions about whether their current systems can handle sophisticated AI models that continue to emerge.
The study specifically points to Mythos as representing the next wave of AI technology that may soon possess the ability to identify and exploit computer security weaknesses on a massive scale, potentially making current human-based oversight methods inadequate.
“Regulators generally maintain the principle that financial firms should remain accountable for harms, including cyberattacks, whether AI is built in-house or supplied by third parties, but that position becomes harder to apply in the context of more autonomous systems that are provided and managed by third-party vendors,” the study authors explained.
The research suggests that conventional regulatory approaches may no longer be effective. According to the report, supervisory agencies must develop their own autonomous AI systems—technology capable of operating independently without human intervention—to properly oversee the advanced systems they’re meant to regulate.
